Cybersecurity News
-
Top 10 Best Cloud Workload Protection Platforms (CWPP) in 2025
The cloud landscape in 2025 continues its unprecedented growth, with organizations of all sizes rapidly migrating critical workloads to public, private, and hybrid cloud environments. While cloud providers meticulously secure…
Read More » -
Hackers Exploit WordPress Arbitrary Installation Vulnerabilities in the Wild
Cybersecurity firm Wordfence has uncovered a renewed wave of mass exploitation targeting critical vulnerabilities in two popular WordPress plugins, allowing unauthenticated attackers to install malicious software and potentially seize control…
Read More » -
Top 10 Best Cloud Penetration Testing Providers in 2025
The rapid migration to cloud environments – AWS, Azure, and GCP being the dominant players continues unabated in 2025. While cloud providers offer robust underlying infrastructure security, the shared responsibility…
Read More » -
Top 10 Best Cloud Security Companies For AWS, Azure And GCP in 2025
Organizations are not just adopting cloud; they are embracing multi-cloud and hybrid strategies as the new norm, distributing workloads across Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform…
Read More » -
Top 10 Best Security Operations Center (SOC) as a Service Providers in 2025
In 2025, the digital landscape is more complex and perilous than ever. Organizations face an unrelenting barrage of sophisticated cyber threats, from advanced ransomware campaigns to nation-state-backed attacks. As a…
Read More » -
Vulnerability in Perplexity’s Comet Browser Screenshot Feature Allows Malicious Prompt Injection
Researchers have discovered a critical security vulnerability in Perplexity’s Comet AI browser that allows attackers to inject malicious commands through hidden text in screenshots. The vulnerability, disclosed on October 21,…
Read More » -
SideWinder Leverages ClickOnce Installer to Deliver StealerBot Malware
The notorious SideWinder advanced persistent threat (APT) group has evolved its cyber espionage tactics with a sophisticated new attack method, combining PDF lures with ClickOnce technology to deploy StealerBot malware…
Read More » -
Threat Actors Advancing Email Phishing Attacks to Bypass Security Filters
Cybercriminals continue to evolve their email phishing arsenals, reviving legacy tactics while layering on advanced evasions to slip past automated filters and human scrutiny. In 2025, attackers are noted tried-and-true…
Read More » -
Direct Memory Attacks Used to Capture Browser Credentials
On October 6, 2025, the cybercriminal developer known as “Loadbaks” announced the release of Vidar Stealer v2.0 on underground forums, introducing a sophisticated information-stealing malware that employs direct memory injection…
Read More » -
PassiveNeuron Targets High-Profile Servers to Deploy Malware
A sophisticated cyberespionage campaign dubbed PassiveNeuron has emerged from the shadows after months of dormancy, with security researchers uncovering fresh details about its operations and attack methods. The campaign, first…
Read More » -
Cavalry Werewolf APT Targets Multiple Sectors Using FoalShell and StallionRAT
From May to August 2025, an advanced persistent threat group known as Cavalry Werewolf—also tracked as YoroTrooper and Silent Lynx—executed a sophisticated attack campaign targeting Russia’s public sector and vital…
Read More » -
Massive AWS Outage Halt The Internet
A catastrophic Amazon Web Services (AWS) outage struck on October 20, 2025, bringing down major platforms like Snapchat, Amazon Prime Video, and Canva, and revealing the internet’s dangerous dependence on…
Read More » -
Volkswagen Allegedly Hacked in Ransomware Attack as 8Base Claims Data Leak
Volkswagen Group is investigating claims from the 8Base ransomware group, which asserts it has stolen sensitive company data. While the German automaker has stated that its core IT systems are…
Read More » -
Windows 11 24H2/25H2 Update Breaks Mouse and Keyboard in Recovery Mode
Microsoft’s latest cumulative update for Windows 11, KB5066835, is causing significant disruptions for users, most notably by rendering USB keyboards and mice useless within the Windows Recovery Environment (WinRE). The…
Read More » -
ClickFake Interview Campaign Used by Threat Actors to Deliver OtterCandy Malware
A North Korean-linked group, WaterPlum’s Cluster B, has evolved its tactics by introducing OtterCandy—a Node.js–based RAT and information stealer—through the ClickFake Interview campaign, with significant enhancements observed in August 2025.…
Read More »