Federal prosecutors unsealed criminal complaints today against David Jose Gomez Cegarra, 24, and Jesus Segundo Hernandez-Gil, 19, members of the Tren de Aragua Gang, for allegedly orchestrating a coordinated ATM “jackpotting” campaign across four U.S. states. The defendants face charges…
Tag: Cyber Security News
ZITADEL IDOR Vulnerabilities Let Attackers Modify Sensitive Settings
A critical Insecure Direct Object Reference (IDOR) vulnerability chain in ZITADEL’s administration interface (CVE-2025-27507) has exposed organizations to systemic risks of account takeover and configuration tampering. Rated 9.0/10 on the CVSS v3.1 scale, these flaws enable authenticated low-privilege users to…
Google Announces AI-Powered Scam Detector For Android Users
In its latest Android security update, Google has unveiled a dual-layer defense system combining AI-powered scam detection for both text messages and voice calls. The new features, powered by Gemini Nano AI models operating entirely on-device, aim to combat the…
LibreOffice Vulnerability Let Attackers Execute Arbitrary Script Using Macro URL
A critical security vulnerability in LibreOffice, tracked as CVE-2025-1080, has exposed millions of users to potential remote code execution attacks through manipulated macro URLs. Patched in versions 24.8.5 and 25.2.1 released on March 4, 2025, this flaw allowed attackers to…
Critical Kibana Vulnerability Let Attackers Execute Arbitrary Code
Elastic has issued an urgent security advisory for a critical vulnerability in Kibana, tracked as CVE-2025-25012, that allows authenticated attackers to execute arbitrary code on affected systems. The flaw, rated 9.9 on the CVSS v3.1 scale, stems from a prototype…
Google Silently Tracks Android Devices Even When No Apps Are Opened by the User
Google collects and stores significant amounts of user data on Android devices, even when users haven’t opened any Google apps. The study by Professor D.J. Leith from Trinity College Dublin documents for the first time how pre-installed Google apps silently…
Android App With 220,000+ Downloads From Google Play Installs Banking Trojan
A sophisticated Android banking trojan campaign leveraging a malicious file manager application accumulated over 220,000 downloads on the Google Play Store before its removal. Dubbed Anatsa (also known as TeaBot), the malware targets global financial institutions through a multi-stage infection…
SecP0 Ransomware Group Threatens to Leak Organizations’ Vulnerability Details
A new ransomware group, SecP0, has emerged on the cybercrime landscape, adopting a novel and deeply concerning tactic: demanding ransom payments not for encrypted data, but for undisclosed software vulnerabilities. This shift in strategy represents a significant evolution in ransomware…
Two Hackers Arrested for Stealing Taylor Swift Eras Tour Concert Tickets Worth $600k
In a sophisticated cybercrime operation targeting high-demand events, two individuals were arrested this week for allegedly orchestrating a $600,000 ticket theft scheme involving Taylor Swift’s Eras Tour and other major concerts. Queens District Attorney Melinda Katz revealed that Tyrone Rose,…
Google Announces GoStringUngarbler Tool to Decrypt Go Based Malware
In a landmark development for cybersecurity infrastructure, Google’s Mandiant subsidiary has unveiled GoStringUngarbler – an open-source deobfuscation framework designed to neutralize advanced string encryption techniques in Go-based malware. This innovation specifically targets binaries obfuscated using garble, an increasingly prevalent obfuscation…
15 Best Patch Management Tools In 2025
Patch management tools are essential for maintaining the security and efficiency of IT systems in 2025. These tools automate the process of identifying, testing, and deploying software updates and security patches across various operating systems and applications. Top contenders in…
50 World’s Best Cyber Security Companies – 2025
Cybersecurity has transformed from a niche technical field into a critical business priority that shapes organizational strategies worldwide. As we navigate through 2025, the cybersecurity industry continues to expand in response to increasingly sophisticated threats, digital transformation initiatives, and regulatory requirements. The global cybersecurity market is…
12 Chinese Hackers Charged For Cyber Attacks on U.S. Treasury
The U.S. Department of Justice (DOJ) unsealed indictments today against 12 Chinese nationals linked to state-sponsored cyber espionage campaigns targeting the U.S. Treasury Department, religious organizations, media outlets, and critical infrastructure. The charges reveal an extensive, decade-long operation leveraging advanced…
Bybit Hot Wallet Exploit for Malicious Transaction – Technical Analysis Released
Researchers uncovered one of the most technically sophisticated attacks in cryptocurrency history, exploiting Bybit’s Ethereum hot wallet infrastructure through a malicious proxy contract upgrade. The breach, attributed to North Korea’s Lazarus Group via blockchain fingerprinting, resulted in the theft of…
41,500+ VMware ESXi Instances Vulnerable to Code Execution Attacks
Shadowserver observed that 41,500+ internet-exposed VMware ESXi hypervisors as of March 4, 2025, are vulnerable to CVE-2025-22224, a critical zero-day vulnerability actively exploited in attacks. Broadcom patched the vulnerability in an emergency update. It enables attackers with local administrative access…
BadBox Malware from Google Play Hacked 50,000+ Android Devices Using 24 Apps
HUMAN Security’s Satori Threat Intelligence team has uncovered a sophisticated malware operation dubbed “BADBOX 2.0” that compromised over 50,000 Android devices using 24 deceptive applications. This operation represents a major expansion of the original BADBOX campaign first identified in 2023,…
Microsoft To Harden The Trust Boundary of VBS Enclaves
Microsoft has recently published comprehensive guidance for developers working with Virtualization-Based Security (VBS) enclaves, highlighting critical security measures to strengthen the trust boundary between different virtual trust levels. The guidance by the Microsoft Security team, addresses fundamental security challenges that…
Microsoft Warns of Silk Typhoon Hackers Attacking IT Supply Chain
Microsoft Threat Intelligence has identified a significant shift in tactics by Silk Typhoon, a Chinese state-sponsored espionage group that has begun targeting common IT solutions including remote management tools and cloud applications to gain initial access to organizational networks. This…
Hackers Leveraging Business Relationship To Attack Arab Emirates Aviation Sector
Security researchers at Proofpoint have uncovered a sophisticated cyber espionage campaign targeting aviation and satellite communications organizations in the United Arab Emirates. The campaign, attributed to a threat actor tracked as UNK_CraftyCamel, leveraged a compromised Indian electronics company to deliver…
Cisco Webex for BroadWorks Vulnerability Let Remote Attackers Access Data & Credentials
A newly disclosed vulnerability in Cisco Webex for BroadWorks Release 45.2 enables remote attackers to intercept sensitive credentials and user data when Session Initiation Protocol (SIP) communications lack encryption. This vulnerability, rated as low severity but with significant operational implications,…
WordPress Plugin Vulnerability Exposes 10,000 Sites to Code Execution Attacks
A critical security flaw in the GiveWP Donation Plugin, tracked as CVE-2025-0912, has exposed over 100,000 WordPress websites to unauthenticated remote code execution (RCE) attacks. The vulnerability, scoring a maximum CVSS 9.8 (Critical) severity rating, originates from improper handling of…
U.S. Treasury Sanctions Admin of Nemesis Darknet Marketplace
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced sweeping sanctions today against Behrouz Parsarad, an Iran-based cybercriminal identified as the sole administrator of the Nemesis darknet marketplace. This move marks OFAC’s first recognition as a…
CISA Warns of Actively Exploited VMware Vulnerabilities, Urges Immediate Patching
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent alert on March 4, 2025, adding three critical VMware vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog following confirmed in-the-wild exploitation. The vulnerabilities CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226 allow attackers…
Microsoft To Remove DES Encryption from Windows 11 24H2 & Windows Server 2025
Microsoft has announced plans to enhance security measures by removing the Data Encryption Standard (DES) encryption algorithm from Kerberos authentication in upcoming Windows releases. This security change will affect Windows Server 2025 and Windows 11 version 24H2 computers after they…
Vim Editor Vulnerability Exploited Via TAR Files to Trigger Code Execution
The Vim text editor vulnerability CVE-2025-27423 is a high-severity issue that allows for arbitrary code execution via malicious TAR archives. Affecting Vim versions prior to 9.1.1164, this flaw in the bundled tar.vim plugin exposes users to potential command injection attacks…
Telegram EvilVideo Vulnerability Exploited to Execute Malicious Code on Victim Device
A critical evolution of the CVE-2024-7014 vulnerability, originally patched in July 2024, has resurfaced with updated tactics to bypass security measures. Dubbed Evilloader, this new exploit leverages Telegram’s multimedia handling mechanisms to execute malicious JavaScript code by disguising .htm files…
NVIDIA Warns of Multiple Vulnerabilities that Let Attackers Execute Malicious Code
NVIDIA has issued urgent security advisories addressing multiple vulnerabilities in its Hopper HGX 8-GPU High-Performance Computing (HMC) platforms, including a high-severity flaw (CVE-2024-0114, CVSS 8.1) that permits unauthorized code execution, privilege escalation, and systemic data compromise. A secondary medium-severity vulnerability…
Zoho ADSelfService Plus Vulnerability Let Attackers Gain Unauthorized Access
Zoho has patched a high-severity vulnerability (CVE-2025-1723) in its ADSelfService Plus software, a widely used self-service password management and single sign-on solution. The flaw, discovered in builds 6510 and earlier, could enable attackers to bypass authentication safeguards and access sensitive…
HPE Remote Support Tool Vulnerability Let Attackers Execute Arbitrary Code – PoC Released
A newly disclosed vulnerability in Hewlett Packard Enterprise’s (HPE) Insight Remote Support tool enables unauthenticated attackers to execute arbitrary code on vulnerable systems, with proof-of-concept (PoC) exploit code now publicly available. Tracked as CVE-2024-53676, this critical remote code execution (RCE)…
GrassCall Malware Attacking Job Seekers To Steal Login Credentials
A sophisticated malware campaign named “GrassCall” was detected that specifically targets job seekers through deceptive tactics. The campaign, attributed to the threat group known as Crazy Evil, has been actively exploiting job hunters’ vulnerability by luring them with fake employment…
Researchers Detailed APT28’s HTA Trojan Multi-Layer Obfuscation Techniques
A security researcher known as “Seeker” has published an in-depth analysis of advanced obfuscation techniques employed by APT28, a threat actor known for sophisticated cyber espionage operations. The report provides a comprehensive examination of a heavily obfuscated HTA Trojan used…
Chrome 134 Released, Fixes 14 Vulnerabilities That Could Crash the Browser
Google has rolled out Chrome 134 to the stable channel, delivering critical security updates that resolve 14 vulnerabilities, including high-severity flaws that could enable browser crashes, data leaks, or arbitrary code execution. The update (versions 134.0.6998.35 for Linux, 134.0.6998.35/36 for…
AV Detection & Anti-Malware Scans Bypassed Using Red Team Tool SpecterInsight
A new report published recently details how red team operators can use SpecterInsight 4.2.0 to successfully bypass Windows Defender and other antivirus solutions. The technique allows threat actors to evade detection while loading malicious .NET payloads into memory, presenting significant…
Windows KDC Proxy RCE Vulnerability Let Attackers Control The Server Remotely – Technical Analysis
Security researchers have uncovered a significant remote code execution vulnerability in Microsoft’s Windows Key Distribution Center (KDC) Proxy that could potentially allow attackers to gain complete control over affected servers. The vulnerability, tracked as CVE-2024-43639, stems from an integer overflow…
49,000+ Access Management Systems Worldwide Configured With Massive Security Gaps
Dutch IT security consultancy Modat has uncovered alarming security vulnerabilities in approximately 49,000 access management systems (AMS) deployed worldwide. These systems, designed to control building access through authentication methods like passwords, biometrics, and multi-factor authentication, have been found to contain…
Hackers Deliver XWorm via Malicious Registry Files in a New Stegocampaign Attack
Stegocampaign, a complex attack that leverages phishing, a multi-functional RAT, a loader, and malicious scripts, got a new twist. ANY.RUN’s malware analysts discovered a Stegocampaign variant that uses a Windows registry file to add a malicious script to Autorun. While…
Hackers Hijacking Access to Cloud-based AI Models With Exposed Keys in 19 Minutes
New research reveals that threat actors are exploiting exposed cloud credentials to hijack enterprise AI systems within minutes of credential leakage. Recent incidents have demonstrated that attackers can compromise large language model (LLM) infrastructure in under 19 minutes. Dubbed LLMjacking,…
Google, Meta and Apple Fuel the World’s Largest Surveillance Machine
The exponential growth of government data requests to technology giants has transformed Silicon Valley into the backbone of modern surveillance infrastructure. Between 2014 and 2024, Apple, Google, and Meta collectively disclosed data from 3.16 million user accounts to U.S. authorities,…
U.S. Seizes $31 Million Funds Drained from Crypto Exchange
U.S. law enforcement announced the recovery of $31 million in cryptocurrency tied to the 2021 Uranium Finance exploit, marking one of the largest DeFi-related asset seizures. The operation, spearheaded by the Southern District of New York (SDNY) and Homeland Security…
Tata Technologies Allegedly Breached – Huntress Claim Leak of Sensitive data
Indian multinational tech giant Tata Technologies, a subsidiary of Tata Motors, is in the spotlight following allegations by ransomware group Hunters International of a major data breach. According to Huntress Group, the claim resulted in the theft of 1.4 TB…
VMware ESXi Vulnerabilities Exploited in Wild to Execute Malicious Code
VMware has issued a critical security advisory (VMSA-2025-0004) warning of active exploitation of three vulnerabilities in its ESXi, Workstation, and Fusion products. These flaws, CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226, allow attackers to execute malicious code, escalate privileges, and leak sensitive memory…
New Android RAT Dubbed “AndroRAT” Attacks Users to Steal Pattern, PIN & Passcodes
A newly identified variant of the Android Remote Access Tool (RAT), AndroRAT, has emerged as a critical cybersecurity threat, leveraging sophisticated techniques to steal device unlock patterns, PINs, and passcodes. The malware, first documented in 2012 as an open-source university…
Docusnap for Windows Vulnerability Let Attackers Access Sensitive Data
A critical information disclosure vulnerability in Docusnap, a widely used IT inventory management solution, allows attackers to decrypt sensitive system data collected from Windows hosts. Designated as CVE-2025-26849, the flaw stems from the use of a static encryption key to…
Hackers Attacking 4000+ ISPs With New Malware for Remote Access
Researchers from Splunk have identified a sophisticated malware campaign targeting over 4,000 Internet Service Providers (ISPs) primarily located on the West Coast of the United States and in China. The campaign, which originated from Eastern Europe, uses a combination of…
CISA Warns of Windows Win32k Vulnerability Exploited to Run Arbitrary Code
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory regarding CVE-2018-8639, a privilege escalation vulnerability in the Microsoft Windows Win32k component, which threat actors are actively exploiting to execute arbitrary code in kernel mode. Added to CISA’s Known…
33.3 Million Cyber Attacks Targeted Mobile Devices In 2024, Keep Your Devices Safe!
A staggering 33.3 million attacks involving malware, adware, and unwanted mobile software were prevented throughout 2024. This alarming figure translates to an average of 2.8 million attempted attacks per month, highlighting the persistent and evolving threat landscape facing mobile device…
IBM Storage Virtualize Vulnerabilities Let Attackers Execute Arbitrary Code
IBM has issued urgent security advisories for two high-severity vulnerabilities (CVE-2025-0159, CVE-2025-0160) affecting its Storage Virtualize product suite, including SAN Volume Controller, Storwize, and FlashSystem families. These flaws enable attackers to bypass authentication and execute arbitrary code remotely via the…
BigAnt Server 0-day Vulnerability Let Attackers Execute Malicious Code Via File Uploads
A critical zero-day vulnerability in BigAntSoft’s BigAnt Server (CVE-2025-0364) allows unauthenticated attackers to execute arbitrary code on affected systems through a chain of SaaS registration abuses and PHP file uploads. The flaw, discovered by VulnCheck researchers during an analysis of…
Threat Actors Leveraging AES Cryptography For Payload Protection
Recent findings from Palo Alto Networks’ Unit 42 have revealed several sophisticated multi-stage malware campaigns employing advanced encryption techniques to evade detection. Threat actors are increasingly using the Advanced Encryption Standard (AES) in combination with code virtualization to…
Google Warns of Two Critical Android Vulnerabilities Under Attack – Update Now!
Google has issued an urgent security alert for CVE-2024-43093 and CVE-2024-50302, two critical Android vulnerabilities actively exploited in coordinated attacks targeting devices running Android 12 through 15. Patched in the March 2025 Android Security Bulletin (security patch level 2025-03-05), these…
CISA Warns of Cisco Small Business Routers Vulnerability Exploited in Wild
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent advisory warning that a critical command injection vulnerability in Cisco Small Business RV Series Routers, tracked as CVE-2023-20118, is being actively exploited in the wild. The flaw, which carries…
Paragon Partition Manager Vulnerabilities Let Attackers Escalate Privilege & Trigger DoS Attacks
Five critical memory vulnerabilities in Paragon Partition Manager’s BioNTdrv.sys driver have been discovered, allowing attackers to escalate privileges and cause denial-of-service conditions on affected systems. The vulnerabilities, identified in versions prior to 2.0.0, were officially disclosed on February 28, 2025,…
Hackers Weaponizing PowerShell & Microsoft Legitimate Apps To Deploy Malware
Cybersecurity experts have recently observed a concerning trend in attack methodologies, with threat actors increasingly leveraging fileless techniques that weaponize PowerShell and legitimate Microsoft applications to deploy malware while evading detection. These sophisticated attacks operate primarily in memory, leaving minimal…
Hackers Using ClickFix Tactic to Attack Windows Machine & Gain Full Control of System
A sophisticated phishing campaign has been observed in which threat actors utilize a multi-stage attack chain that combines social engineering tactics with modified open-source tools to compromise Windows systems. The campaign, active as of March 2025, employs the ClickFix technique to deceive…
Google’s New Email Shield Feature Let Users Hide Email From Apps
Google is advancing its email privacy arsenal with the development of Shielded Email, a feature designed to generate disposable email aliases for users signing up for apps and services. First uncovered in a Google Play Services v24.45.33 APK teardown by…
U.S. Halts Cyber Operations Targeting Russia
The United States has paused offensive cyber operations against Russia under an order from Defense Secretary Pete Hegseth, causing debates over geopolitical strategy and domestic cybersecurity priorities. While U.S. Cyber Command—a Unified Combatant Command overseeing military cyber operations—adheres to the…
Attackers Automating Vulnerability Exploits Within Hours of Disclosure
The cybersecurity landscape of 2024 witnessed an unprecedented increase in mass internet exploitation, driven by attackers’ ability to automate vulnerability exploits within hours of disclosure. GreyNoise’s 2025 Mass Internet Exploitation Report reveals a systematic industrialization of cyberattacks, with threat actors…
HiveOS Vulnerabilities Let Attackers Execute Arbitrary Commands
Security researchers have uncovered three critical vulnerabilities in Extreme Networks’ IQ Engine (HiveOS) that collectively enable authenticated attackers to escalate privileges, decrypt passwords, and execute arbitrary commands on affected systems. The flaws—tracked as CVE-2025-27229, CVE-2025-27228, and CVE-2025-27227—were disclosed through coordinated…
North Korean IT Workers Using Astrill VPN To Hide Their IPs
Cybersecurity firm Silent Push has confirmed recently that North Korean IT workers continue to utilize Astrill VPN services to hide their true IP addresses when seeking employment with international companies. This finding, originally reported by Google’s Mandiant in September 2024,…
JavaGhost Leveraging Amazon IAM Permissions To Trigger Phishing Attack
Unit 42, the threat intelligence team at Palo Alto Networks, has identified a sophisticated threat actor group named JavaGhost that has evolved from website defacement to executing persistent phishing campaigns using compromised AWS environments. The group, active since at least…
35,000+ Websites Hacked To Inject Malicious Scripts Redirecting Users To Chinese Websites
A massive cybersecurity breach has compromised over 35,000 websites, injecting malicious scripts that completely hijack users’ browser windows and redirect them to Chinese-language gambling platforms. The attack, identified on February 20th, 2025, appears to target regions where Mandarin is common,…
US Army Soldier Arrested for Hacking 15 Telecom Carriers
U.S. Army Specialist Cameron John Wagenius, 21, is charged with federal offenses for allegedly hacking at least 15 telecom companies and trying to extort a major provider while leveraging stolen call detail records (CDRs) of high-ranking officials. The U.S. Department…
New Vulnerability in Substack Let Attackers Take Over Subdomains
A newly disclosed edge case in Substack’s custom domain implementation allows threat actors to hijack inactive subdomains, potentially enabling content spoofing, phishing campaigns, and brand impersonation. The researcher identified 1,426 vulnerable domains – representing 8% of all Substack-associated custom domains…
MediaTek Warns of Multiple Vulnerabilities That Let Attackers Escalate Privileges
MediaTek has issued urgent security advisories warning of multiple high-severity vulnerabilities in its system-on-chip (SoC) architectures, including flaws that enable local privilege escalation (LPE) and remote code execution (RCE). The March 2025 Product Security Bulletin highlights three high severity vulnerabilities…
Apache Derby Vulnerability Let Attackers Bypass Authentication with LDAP Injection
A critical security vulnerability (CVE-2022-46337) in Apache Derby, an open-source relational database implemented entirely in Java, has exposed systems to authentication bypass attacks via LDAP injection. The flaw, rated with a CVSS score of 9.1, enables attackers to craft malicious…
Vidar & StealC 2.0 Released by Threat Actors With a Complete New Build
Threat actors have simultaneously released major updates for two prominent info-stealers, Vidar and StealC, marking their transition to version 2.0. These updates, announced in late February 2025, introduce redesigned builds, modernized features, and enhanced capabilities. However, cybersecurity experts have uncovered…
Why Off-the-Shelf Security Solutions Fail: The Need for Custom Cybersecurity Services
Have you ever wondered why businesses still face cyber threats, even with the latest security software? Cybercriminals are always finding new ways to attack. To stay safe, companies need strong and adaptable security measures. Many businesses rely on off-the-shelf security…
Trigon – A New Exploit Revealed for iOS 0-Day Kernel Vulnerability
Security researchers have released a sophisticated new kernel exploit targeting Apple iOS devices, dubbed Trigon, which leverages a critical vulnerability in the XNU kernel’s virtual memory subsystem. The exploit, linked to the “Operation Triangulation” spyware campaign that first weaponized…
Windows Hyper-V NT Kernel Vulnerability Let Attackers Gain SYSTEM Privileges – PoC Released
Threat actors have actively exploited CVE-2025-21333, a critical vulnerability in Microsoft’s Windows Hyper-V NT Kernel Integration Virtual Service Provider (VSP). This heap-based buffer overflow vulnerability allows local attackers to escalate their privileges to the SYSTEM level, posing a significant security…
Critical Vulnerability in Wazuh Server Enables Remote Attackers to Execute Malicious Code
A critical remote code execution (RCE) vulnerability has been discovered in the Wazuh server, a popular open-source security platform used for threat detection and compliance monitoring. Identified as CVE-2025-24016, this flaw allows attackers with API access to execute arbitrary Python…
Android Phone Unlocked Using Cellebrite’s Linux USB Zero-day Exploit
Amnesty International’s Security Lab has uncovered a sophisticated cyber-espionage campaign in Serbia, where authorities used a zero-day exploit chain developed by Cellebrite to unlock the Android phone of a student activist. The attack, which occurred on December 25, 2024, leveraged…
Angel One Data Breach: 8 Million Users’ Personal Records at Risk
Angel One, a leading financial services platform, disclosed a breach involving unauthorized access to specific client data after some of its Amazon Web Services (AWS) resources were compromised. The incident was discovered on February 27, 2025, when the company received…
Microsoft Listed Hackers Abusing Azure OpenAI Service to Generate Malicious Content
Microsoft has initiated legal proceedings against a global cybercrime syndicate accused of developing sophisticated tools to bypass safety protocols in its Azure OpenAI Service. The complaint, filed in the U.S. District Court for the Eastern District of Virginia, alleges that…
Hackers Abused Google & PayPal’s Infrastructure to Steal Users’ Personal Data
Security researchers have uncovered a coordinated attack campaign exploiting vulnerabilities in Google’s advertising ecosystem and PayPal’s merchant tools to steal sensitive user data. The operation leverages Google Search ads impersonating PayPal’s official support channels and abuses PayPal’s no-code checkout system…
Microsoft to Shut Down Skype: Here Is the Deadline
Microsoft has confirmed that Skype will be permanently retired on May 5, 2025. The move underscores the company’s strategic shift toward consolidating its consumer communication tools under Microsoft Teams, a unified platform designed to bridge personal, educational, and professional collaboration.…
Chinese Hackers Exploiting Check Point’s VPN Zero-Day Flaw to Attack Orgs Worldwide
A cyber attack leveraging Check Point’s patched CVE-2024-24919 vulnerability has targeted organizations across Europe, Africa, and the Americas. Security analysts have observed direct linkages to Chinese state-sponsored threat actors. The intrusion chain, which deploys the ShadowPad backdoor and NailaoLocker ransomware,…
Nakivo Backup & Replication Tool Vulnerability Allows Attackers to Read Arbitrary Files – PoC Released
A critical vulnerability, tracked as CVE-2024-48248, has been discovered in the Nakivo Backup & Replication tool, exposing systems to unauthenticated arbitrary file read attacks. Security researchers from watchTowr Labs disclosed the flaw, which affects version 10.11.3.86570 and potentially earlier versions…
PingAM Java Agent Vulnerability Let Attackers Gain Unauthorized Access
Ping Identity has issued an urgent security advisory for its PingAM Java Agent, revealing a critical severity vulnerability (CVE-2025-20059) that enables attackers to bypass policy enforcement mechanisms and gain unauthorized access to protected resources. The flaw, classified as a Relative…
New Pass-the-Cookie Attack Bypasses Microsoft 365 & YouTube MFA Logins
A surge in “Pass-the-Cookie” (PTC) attacks is undermining multi-factor authentication (MFA), enabling cybercriminals to hijack session cookies and bypass security measures to access sensitive accounts. Recent advisories from the FBI and cybersecurity firms highlight how attackers exploit stolen browser cookies…
Njrat Attacking Users Abusing Microsoft Dev Tunnels for C2 Communications
Security researchers have uncovered a new campaign leveraging the Njrat remote access trojan (RAT) to abuse Microsoft’s developer-oriented Dev Tunnels service for covert command-and-control (C2) communications. Historically associated with credential theft and USB-based propagation, the malware now utilizes Microsoft’s infrastructure…
Poco RAT Malware Exploits PDF Files to Infiltrate Systems and Steal Data
A new variant of the Poco RAT malware has emerged as a significant threat to Spanish-speaking organizations across Latin America, leveraging sophisticated PDF decoys and cloud-based delivery systems to infiltrate networks and exfiltrate sensitive data. Linked to the cyber-mercenary group…
Telegram as #1 Messenger Used by Cybercriminals for Communications
Telegram remains the undisputed leader in cybercriminal communications, with recent analysis revealing over 80 million unique identifiers and links to Telegram channels shared across underground forums, a figure exceeding competitors like Discord (2.8 million links) and Session (450,000 IDs). While…
Lynx Ransomware Attacking Organizations to Exfiltrate Sensitive Data
Lynx, a new ransomware variant, has been rising through the ranks of cyber threats since its initial release in mid-2024. Operating under a Ransomware-as-a-Service (RaaS) model, Lynx targets organizations globally through double extortion campaigns, combining file encryption with systematic data…
New GitHub Scam With Thousands of “mods” & “cracks” Steals Your Data
A sophisticated malware operation exploiting GitHub’s repository system has been uncovered, leveraging fake software cracks and gaming mods to deploy the Redox information stealer across 1,100+ repositories. The campaign utilizes social engineering tactics and code obfuscation to harvest sensitive credentials,…
1.6 Million Android TVs Worldwide Hacked by Vo1d Botnet
A sophisticated botnet operation has compromised 1.6 million Android TV devices across 226 nations, leveraging advanced domain generation algorithms and cryptographic evasion techniques to create the largest known IoT threat since the 2016 Mirai attacks. Dubbed Vo1d, this operation represents…
18 Best Web Filtering Solutions – 2025
Web filtering solutions involve monitoring and filtering internet traffic to prevent users from accessing specific websites, applications, or types of content that may be deemed inappropriate, unsafe, or non-compliant with organizational guidelines. Web filtering solutions are crucial in managing and…
Wallbleed Exposes Memory Vulnerability in China’s Great Firewall DNS System
A study published ahead of NDSS 2025 revealed a critical vulnerability in China’s Great Firewall (GFW) DNS injection subsystem, called Wallbleed, which allowed sensitive memory data leaks for over two years before being patched in March 2024. The flaw exposed…
260 Domains Hosting 5,000 Weaponized PDF Files Attacking Users to Steal Credit Card Data
Since late 2024, a sophisticated phishing operation leveraging 260 domains to host over 5,000 weaponized PDF files has targeted users across North America, Asia, and Southern Europe. The campaign employs fake CAPTCHA screens, search engine optimization (SEO) poisoning, and PowerShell-based…
DeepSeek Data Leak – 12,000 Hardcoded Live API keys and Passwords Exposed
A recent analysis uncovered 11,908 live DeepSeek API keys, passwords, and authentication tokens embedded in publicly scraped web data. According to cybersecurity firm Truffle Security, the study highlights how AI models trained on unfiltered internet snapshots risk internalizing and potentially…
Top 10 Best Dynamic Malware Analysis Tools in 2025
Dynamic malware analysis tools are critical for detecting and understanding modern cyber threats. These tools execute suspicious software in isolated environments to monitor its behavior, such as file modifications, network activity, or registry changes. Below is a list of the…
Outlook Drag-and-Drop Broken in Windows Updates – Microsoft Released Fix
Microsoft has addressed a significant issue affecting users of classic Outlook on devices running Windows 11, version 24H2. After installing recent Windows updates, including the January 2025 non-security preview update (KB5050094) and the February 11, 2025 update (KB5051987), many users…
Hackers Exploited XSS Vulnerability in Popular Framework to Hijack 350+ Websites
A cross-site scripting (XSS) vulnerability within the Krpano framework, a popular tool for embedding 360° images and creating virtual tours, has been exploited to inject malicious scripts into over 350 websites. This widespread campaign manipulates search engine results and spreads…
Google’s SafetyCore App Secretly Scans All Your Photos on Android Phones
A recent surge in user reports has revealed that Google’s Android System SafetyCore—a system service designed to enable on-device content scanning—has been silently installed on Android devices running Android 9 and later since October 2024. The app, identified by the…
OpenSSF Released Security Baseline for Linux Projects
The Open Source Security Foundation (OpenSSF) has launched the Open Source Project Security Baseline (OSPS Baseline), a tiered framework designed to standardize security practices for Linux and other open-source projects. This initiative, aligned with global cybersecurity regulations like the EU…
Yodobashi Camera Users Under Attack from a New Wave of Phishing Attacks
A new wave of phishing attacks impersonating Japanese electronics retail giant Yodobashi Camera has emerged, leveraging urgency and brand trust to steal customer credentials. Cybersecurity firm Symantec reported the campaign, which uses emails titled “Yodobashi.com: ‘Customer Information’ Change Request Notification”…
New “nRootTag” Attack Turns 1.5 Billion iPhones into Free Tracking Agents for Attackers
A new attack dubbed nRootTag has exposed over 1.5 billion Apple devices, including iPhones, iPads, Apple Watches, and Macs, to covert tracking by malicious actors. To be detailed in a forthcoming USENIX Security Symposium 2025 paper by researchers Junming Chen,…
Cisco Nexus Vulnerability Let Attackers Inject Malicious Commands
Cisco Systems has issued a critical security advisory addressing a command injection vulnerability in its Nexus 3000 and 9000 Series Switches operating in standalone NX-OS mode. Designated as CVE-2025-20161, the flaw allows authenticated local attackers with administrative privileges to execute…
New Wi-Fi Jamming Attack Disables Targeted Wi-Fi Devices Using RIS Technology
A major development in wireless security research has revealed a sophisticated Wi-Fi jamming technique capable of disabling individual devices with millimeter-level precision, leveraging emerging Reconfigurable Intelligent Surface (RIS) technology. Developed by researchers at Ruhr University Bochum and the Max Planck…
Authorities Arrested Hackers Behind 90 Data Leaks Worldwide
Authorities arrested a prolific hacker responsible for over 90 data breaches across 65 organizations in the Asia-Pacific region and 25 additional global targets. The cybercriminal, operating under aliases ALTDOS, DESORDEN, GHOSTR, and 0mid16B, exfiltrated 13 terabytes of sensitive data between…
Beware of Fake Job Interview Challenges Attacking Developers To Deliver Malware
A North Korea-aligned cybercriminal campaign dubbed DeceptiveDevelopment has been targeting freelance software developers through fake job interviews since early 2024. Posing as recruiters on platforms like LinkedIn, Upwork, and cryptocurrency-focused job boards, attackers lure victims with promising job opportunities or…