Tag: Cyber Security News

Ransomware attacks targeting the healthcare sector have become increasingly challenging to manage due to financial losses and the risks posed to patient safety and operational continuity. Researchers at ANR.RUN analyze the impact of ransomware threats in healthcare, using the notorious…

Read more →

The European Union today imposed sanctions on three Russian military intelligence officers for their involvement in a series of cyberattacks targeting Estonian government agencies in 2020.  The individuals, identified as Nikolay Alexandrovich Korchagin, Vitaly Shevchenko, and Yuriy Fedorovich Denisov, are…

Read more →

Phemex, a cryptocurrency exchange based in Singapore, suffered a significant cyberattack that resulted in the theft of $85 million worth of digital assets.  The platform’s hot wallets, which are linked to the internet for real-time transactions, were the primary target…

Read more →

Cybersecurity researchers have exposed critical vulnerabilities in a telecom network that allowed unauthorized access to sensitive data and control over 3,000 companies.  The research revealed obvious vulnerabilities in the network’s backend APIs, authentication systems, and Know Your Customer (KYC) processes,…

Read more →

A financially motivated threat actor has been linked to a sophisticated cyber campaign that has been targeting users in Poland and Germany since July 2024.  The effort uses phishing emails to spread a range of malware payloads, including Agent Tesla,…

Read more →

Researchers Fabian Bräunlein and Luca Melette demonstrated how outdated Radio Ripple Control systems, used to manage up to 60 gigawatts (GW) of electricity, could be exploited by attackers to disrupt power supply on a massive scale.  Their findings, presented at…

Read more →

NVIDIA has issued a critical software security update for its GPU Display Driver, addressing multiple vulnerabilities that could potentially expose systems to denial-of-service (DoS) attacks, data tampering, and information disclosure.  This update impacts users across Windows and Linux platforms and…

Read more →

A new method of exploiting the “Bring Your Own Vulnerable Driver” (BYOVD) technique has emerged, combining it with Windows symbolic links to elevate its effectiveness. This innovative approach exploits drivers with file-writing capabilities, bypassing the need to rely solely on…

Read more →

Cybercriminals are increasingly employing a technique known as “hidden text salting” to bypass spam filters and evade detection. This method, which saw a surge in usage during the latter half of 2024, poses a significant threat to organizations relying on…

Read more →

A sophisticated phishing campaign has been uncovered, leveraging malicious PDFs disguised as official U.S. Postal Service (USPS) communications to target mobile users. This attack, identified by Zimperium’s zLabs team, employs a novel obfuscation technique to bypass traditional endpoint security measures…

Read more →

A critical Insecure Direct Object Reference (IDOR) vulnerability has been identified in One Identity Manager, a widely used identity and access management solution.  This vulnerability, officially tracked as CVE-2024-56404, allows unauthorized privilege escalation under specific configurations.  The issue affects only…

Read more →

The Akira ransomware group, a prominent player in the Ransomware-as-a-Service (RaaS) domain since March 2023, has intensified its operations with a new Linux variant targeting VMware ESXi servers. Initially focused on Windows systems, Akira expanded its scope in April 2023…

Read more →

Apple has released updates across its platforms, including iOS 18.3, iPadOS 18.3, macOS Ventura, macOS Sonoma, macOS Sequoia, and Safari, to address multiple vulnerabilities. These updates include critical fixes for zero-day vulnerabilities that were actively being exploited, as well as…

Read more →

Apple has released critical security updates to address a zero-day vulnerability actively exploited in attacks targeting iPhone users.  The flaw, identified as CVE-2025-24085, is a use-after-free issue in the Core Media framework, which handles multimedia processing across Apple’s ecosystem.  This…

Read more →

The creators of Wireshark, Gerald Combs and Loris Degioanni, have unveiled Stratoshark, a groundbreaking tool designed to bring Wireshark’s renowned capabilities into the cloud era. Building on over 25 years of experience with Wireshark, which has become a staple for…

Read more →

A newly disclosed attack method targeting Docker installations has raised significant security concerns among developers and system administrators. The vulnerability leverages a misconfigured Docker Engine API setting, allowing attackers to achieve remote code execution (RCE) with minimal user interaction. While…

Read more →

A sophisticated phishing campaign targeting Amazon Prime members has been uncovered, aiming to steal credit card information and other sensitive data. Cybersecurity experts have identified a complex attack chain that leverages PDF attachments, redirects, and cleverly crafted phishing sites to…

Read more →

A critical zero-day vulnerability in Fortinet’s FortiOS and FortiProxy products tracked as CVE-2024-55591, has been actively exploited in the wild, allowing attackers to gain super-admin privileges. The flaw, which carries a CVSS score of 9.6, has raised significant concerns among…

Read more →

Microsoft has unveiled a new security feature for its popular collaboration platform, Microsoft Teams, to combat phishing attacks through brand impersonation in external chats. The feature, which will alert users to potential impersonation risks during initial contact from external domains,…

Read more →

DeepSeek, the Chinese AI startup that recently dethroned OpenAI’s ChatGPT as the top-rated free app on Apple’s App Store in the United States, announced it is facing a significant cyber attack, prompting the company to temporarily halt new user registrations.…

Read more →

Cybercriminals are employing sophisticated strategies to bypass email security filters, creating phishing emails that are undetectable by utilizing HTML entities and zero-width characters. This new wave of attacks, dubbed “Shy Z-WASP,” combines zero-width joiners and soft hyphen entities to obfuscate…

Read more →

Xerox has released a critical security bulletin addressing multiple vulnerabilities in its Xerox Workplace Suite, a widely used print management server solution.  These vulnerabilities, identified as CVE-2024-55925 through CVE-2024-55931, could allow attackers to bypass API security, manipulate headers, and exploit…

Read more →

A novel attack method leveraging multicast poisoning to execute pre-authenticated Kerberos relay attacks over HTTP. This technique, detailed by Quentin Roland of Synacktiv, combines legacy weaknesses in local name resolution protocols with advanced authentication relaying tools like Responder and krbrelayx.…

Read more →

PortSwigger has released Burp Suite 2025.1, introducing several new features and improvements aimed at enhancing the tool’s usability and efficiency for penetration testers.  This update includes significant advancements in the Burp Intruder module, HTTP response analysis, and interaction management, alongside…

Read more →

A sophisticated malware campaign has been uncovered, leveraging 7-Zip self-extracting archives and the UltraVNC remote access tool to target Russian-speaking entities. The operation, attributed to a threat actor dubbed GamaCopy, mimics tactics previously associated with the Kremlin-aligned Gamaredon group. The…

Read more →

A sophisticated attack campaign have been uncovered recently by the cybersecurity researchers at CloudSEK targeting aspiring hackers, commonly known as “script kiddies.” The operation involves a trojanized version of the XWorm Remote Access Trojan (RAT) builder, which has been weaponized…

Read more →

Google has rolled out a new Stable Channel Update for its Chrome browser, addressing critical security vulnerabilities that posed significant risks to users.  The update, version 132.0.6834.110/111 for Windows and Mac and 132.0.6834.110 for Linux is being gradually deployed and…

Read more →

A sophisticated new phishing framework dubbed “FlowerStorm” has emerged, targeting multiple brands simultaneously to steal customer login credentials. Cybersecurity researchers at CloudSEK have uncovered this alarming development, which poses a significant threat to organizations and consumers alike. FlowerStorm, active since…

Read more →

Researchers have unveiled SCAVY, a novel framework designed to automate the discovery of memory corruption targets in the Linux kernel.  This discovery aims to address critical gaps in the detection and prevention of privilege escalation exploits, which often leverage memory-corruption…

Read more →

A newly disclosed vulnerability in Apache Solr, identified as CVE-2024-52012, has raised concerns among users of the search platform, particularly those running instances on Windows systems.  The flaw, categorized as a Relative Path Traversal vulnerability, allows attackers to gain arbitrary…

Read more →

A team of researchers from the Indian Institute of Technology Kharagpur and Intel Corporation has uncovered a significant vulnerability in Intel’s Trust Domain Extensions (TDX) technology, potentially compromising the security of sensitive data in cloud computing environments. Intel TDX, introduced…

Read more →

Security researchers have uncovered a critical vulnerability in Windows stemming from its “Best-Fit” character conversion feature, which has been exploited to execute remote code.  This newly identified attack surface, dubbed “WorstFit,” leverages certain features of Windows’ internal character encoding system…

Read more →

A critical vulnerability (CVE-2024-52975) has been identified in Elastic’s Fleet Server, posing a severe risk of sensitive information exposure.  The flaw, affecting Fleet Server versions 8.13.0 through 8.15.0, allows sensitive data to be logged at the INFO and ERROR log…

Read more →

The North Korean-linked Andariel hacking group has been identified using a sophisticated attack campaign that employs the Relative Identifier (RID) technique to covertly create hidden administrator accounts on Windows systems. This deceptive technique enables attackers to avoid traditional detection measures…

Read more →

Threat actors demonstrated a methodical approach in a recent cyberattack, taking 11 days from initial compromise to fully deploy LockBit ransomware across a victim’s network. The incident, detailed in a report by The DFIR Report, showcases the evolving tactics of…

Read more →

GitLab has released critical security updates for its Community Edition (CE) and Enterprise Edition (EE), addressing several vulnerabilities, including a high-severity cross-site scripting (XSS) flaw.  The patched versions, 17.8.1, 17.7.3, and 17.6.4, are now available, and GitLab strongly recommends all…

Read more →

Critical security vulnerabilities in Git-related projects, including GitHub Desktop, Git Credential Manager, Git LFS, and GitHub Codespaces, were recently uncovered and involved improper handling of text-based protocols, allowing attackers to potentially leak user credentials. This discovery highlights significant risks in…

Read more →

A critical security flaw, CVE-2024-50050, has been discovered in Meta’s Llama Stack framework, a widely used open-source tool for building and deploying generative AI (GenAI) applications. The vulnerability, caused by unsafe deserialization of Python objects via the pickle module, allows…

Read more →

The U.S. healthcare system, UnitedHealth Group, has confirmed that a February 2024 ransomware attack on its subsidiary, Change Healthcare, compromised the personal and healthcare data of approximately 190 million individuals. This figure, nearly double the initial estimate of 100 million,…

Read more →

An open-source firewall is a network security solution designed to monitor and control traffic based on predefined rules. It provides transparency, flexibility, and cost-effectiveness by granting users access to its source code, enabling them to modify and customize it to…

Read more →

Welcome to this week’s Cybersecurity Newsletter, where we bring you the latest updates and key insights from the ever-evolving world of cybersecurity. In today’s fast-paced digital environment, staying informed is crucial, and our goal is to provide you with the…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical vulnerability, CVE-2025-23006, affecting SonicWall’s Secure Mobile Access (SMA) 1000 series appliances. This vulnerability, actively exploited in the wild, poses a severe risk to organizations relying…

Read more →

A critical vulnerability in Kubernetes, designated as CVE-2024-9042, has been discovered, enabling attackers to execute remote code with SYSTEM privileges on all Windows nodes within a Kubernetes cluster. This vulnerability, identified by Akamai security researcher Tomer Peled, specifically affects the…

Read more →

IntelBroker, a key figure within the dark web’s BreachForums, has announced his resignation as the platform’s owner. This decision marks a significant shift for the forum, a major hub for cybercriminal activity, and follows a period of instability marked by…

Read more →

Microsoft has allowed unprivileged users to update their own User Principal Names (UPNs) in Entra ID, sparking concerns over security and administrative oversight. To clarify, an unprivileged user can update the user principal name (UPN) for their own Entra ID…

Read more →

Vulnerability Assessment and Penetration Testing (VAPT) tools are an integral part of any cybersecurity toolkit, playing a critical role in identifying, analyzing, and remediating security vulnerabilities in computer systems, networks, applications, and IT infrastructure. These tools enable organizations to proactively…

Read more →