Cybersecurity News
-
Ransomware Actors Combine Legitimate Tools with Custom Malware to Evade Detection
Operators behind the Crypto24 strain are employing highly coordinated, multi-stage attacks that blend legitimate system tools with bespoke malware to infiltrate networks, maintain persistence, and evade endpoint detection and response…
Read More » -
New NFC-Based PhantomCard Malware Targets Android Banking Users
ThreatFabric analysts have uncovered PhantomCard, a sophisticated NFC-based Trojan designed to relay sensitive card data from victims’ devices to cybercriminals. This malware, which primarily targets banking customers in Brazil but…
Read More » -
Windows Out-of-Box-Experience Flaw Enables Full Administrative Command Prompt Access
A newly documented vulnerability in Windows’ Out-of-Box-Experience (OOBE) allows users to bypass security restrictions and gain full administrative access to command prompt functionality, even when Microsoft’s intended protective measures are…
Read More » -
Adobe’s August 2025 Patch Tuesday Fixes 60 Vulnerabilities Across Multiple Products
Adobe has rolled out its August 2025 Patch Tuesday updates, addressing a total of 60 vulnerabilities across a wide array of products, including key creative tools and enterprise solutions. These…
Read More » -
Law Enforcement Seizes BlackSuit Ransomware Servers Targeting U.S. Critical Infrastructure
The U.S. Department of Justice, in collaboration with multiple domestic and international law enforcement agencies, announced the seizure of critical infrastructure associated with the BlackSuit ransomware group, formerly known as…
Read More » -
Electronic Arts Blocks 300,000 Cheating Attempts After Battlefield 6 Beta Launch
Electronic Arts’ SPEAR Anti-Cheat Team has released a noteworthy update, stating that since the Battlefield 6 Open Beta Early Access launch, the company’s Javelin anti-cheat technology has successfully prevented over…
Read More » -
Royal Enfield Reportedly Targeted in Ransomware Attack, Hackers Claim Data Encryption
Royal Enfield, the storied motorcycle manufacturer celebrated for its classic designs and global fan base, is reportedly grappling with a significant cybersecurity breach. A hacker collective posted a “Complete Breach…
Read More » -
Win-DoS’ Zero-Click Exploit Could Weaponize Windows Infrastructure for DDoS Attacks
Security researchers have uncovered a “zero-click” denial-of-service chain that can silently turn thousands of Microsoft Windows Domain Controllers (DCs) into a globe-spanning botnet, raising fresh alarms in a year already…
Read More » -
Malware Campaign Masquerades as Tesla in Poisoned Google Ads
A malware operation has surfaced in the context of a complex cyber threat landscape, using tainted Google Ads to pose as Tesla and trick consumers into placing fictitious preorders for…
Read More » -
Over 28,000 Microsoft Exchange Servers Exposed Online to CVE-2025-53786 Vulnerability
The cybersecurity community faces a significant threat as scanning data reveals over 28,000 unpatched Microsoft Exchange servers remain exposed on the public internet, vulnerable to a critical security flaw designated…
Read More » -
Multiple Zero-Day Exploits Discover That Bypass BitLocker, Exposing All Encrypted Data
Microsoft security researchers have uncovered four critical vulnerabilities in Windows BitLocker that could allow attackers with physical access to bypass the encryption system and extract sensitive data. The findings, revealed…
Read More » -
CISA Issues 10 ICS Advisories Detailing Vulnerabilities and Exploits
The Cybersecurity and Infrastructure Security Agency (CISA) has released ten industrial control systems (ICS) advisories on August 7, 2025, highlighting critical vulnerabilities across various industrial automation and control platforms. These…
Read More » -
Hacker Extradited to U.S. for $2.5 Million Tax Fraud Scheme
Chukwuemeka Victor Amachukwu, also known as Chukwuemeka Victor Eletuo and So Kwan Leung, was extradited from France to the United States to face charges related to sophisticated hacking, wire fraud,…
Read More » -
‘Ghost Calls’ Attack Exploits Web Conferencing as Hidden Command-and-Control Channel
Security researchers have unveiled a sophisticated new attack technique called “Ghost Calls” that exploits popular web conferencing platforms to establish covert command-and-control (C2) channels, effectively turning trusted business communication tools…
Read More »