Cybersecurity News
-
Hackers Exploit NFC Technology to Steal Money from ATMs and POS Terminals
In a disturbing trend, cybercriminals, predominantly from Chinese underground networks, are exploiting Near Field Communication (NFC) technology to perpetrate large-scale fraud at ATMs and Point-of-Sale (POS) terminals. According to cyber…
Read More » -
Zyxel Releases Patches for Privilege Management Vulnerabilities in Firewalls
Zyxel, a leading provider of secure networking solutions, has released critical security patches to address two privilege management vulnerabilities in the USG FLEX H series firewalls. The flaws, tracked as…
Read More » -
Hackers Exploit Cloudflare Tunnel Infrastructure to Deploy Multiple Remote Access Trojans
The Sekoia TDR (Threat Detection & Research) team has reported on a sophisticated network infrastructure named “Cloudflare tunnel infrastructure to deliver multiple RATs” being exploited by cyber attackers since at…
Read More » -
Hackers Exploit Legitimate Microsoft Utility to Deliver Malicious DLL Payload
Hackers are now exploiting a legitimate Microsoft utility, mavinject.exe, to inject malicious DLLs into unsuspecting systems. This utility, intended for injecting DLLs in Application Virtualization (App-V) environments, has become a…
Read More » -
HPE Performance Cluster Manager Vulnerability Enables Unauthorized Access
Hewlett Packard Enterprise (HPE) has disclosed a severe security flaw in its Performance Cluster Manager (HPCM) software that could allow attackers to bypass authentication and gain unauthorized remote access to…
Read More » -
Infostealer Attacks Surge 84% Weekly Through Phishing Emails
The volume of infostealer malware distributed through phishing emails has surged by 84% week-on-week in 2024, according to the latest IBM X-Force report. This sharp increase not only signals a…
Read More » -
Security Awareness Metrics That Matter to the CISO
In today’s rapidly evolving threat landscape, Chief Information Security Officers (CISOs) are tasked with more than just deploying the latest security technologies; they must also foster a culture of security…
Read More » -
Critical PyTorch Vulnerability Allows Hackers to Run Remote Code
A newly disclosed critical vulnerability (CVE-2025-32434) in PyTorch, the widely used open-source machine learning framework, allows attackers to execute arbitrary code on systems loading AI models—even when safety measures like weights_only=True are…
Read More » -
Writing Effective Detection Rules With Sigma, YARA, and Suricata
In the ever-evolving world of cybersecurity, the ability to detect threats quickly and accurately is crucial for defending modern digital environments. Detection rules are the backbone of this proactive defense,…
Read More » -
New Android SuperCard X Malware Uses NFC-Relay Technique for POS & ATM Transactions
A new malware strain known as SuperCard X has emerged, utilizing an innovative Near-Field Communication (NFC)-relay attack to execute unauthorized transactions at Point-of-Sale (POS) systems and Automated Teller Machines (ATMs).…
Read More » -
Chinese Nexus Hackers Exploit Ivanti Connect Secure Flaw to Gain Access
In a sophisticated cyber-espionage operation, a group known as UNC5221, suspected to have China-nexus, has exploited a critical vulnerability in Ivanti Connect Secure VPN appliances. The exploit, identified as CVE-2025-22457,…
Read More » -
10 Best Cloud Security Solutions 2025
In today’s digital era, businesses are increasingly adopting cloud computing to store data, run applications, and manage infrastructure. However, as organizations shift to the cloud, they face new security challenges…
Read More » -
10 Best Patch Management Tools in 2025
In today’s digital landscape, maintaining secure and efficient IT systems is critical for organizations. Patch management tools play a vital role in achieving this by automating the process of identifying,…
Read More » -
How SMBs Can Improve SOC Maturity With Limited Resources
Small and Medium-sized Businesses (SMBs) have become prime targets for cybercriminals, being three times more likely to be targeted by phishing attacks than larger organizations. These attacks often serve as…
Read More » -
How To Detect Obfuscated Malware That Evades Static Analysis Tools
Obfuscated malware presents one of the most challenging threats in cybersecurity today. As static analysis tools have become standard components of security defenses, malware authors have responded by developing increasingly…
Read More » -
Ransomware Attacks Surge 126%, Targeting Consumer Goods and Services Sector
The cybersecurity landscape witnessed a dramatic escalation in ransomware attacks, marking a concerning trend for global businesses. According to a recent analysis by Check Point Research, ransomware incidents surged by…
Read More » -
Model Context Protocol Flaw Allows Attackers to Compromise Victim Systems
A critical vulnerability in the widely adopted Model Context Protocol (MCP), an open standard for integrating generative AI (GenAI) tools with external systems, has exposed organizations to risks of data…
Read More » -
Google Removes 5.5 Billion Malicious Ads, Suspends 700,000+ Offending Advertisers
Google has announced the removal of 5.5 billion malicious advertisements and the suspension of over 700,000 offending advertiser accounts in 2024, according to its recently released Ads Safety Report. This…
Read More » -
2 Apple Zero-Day Vulnerabilities Actively Exploited in “Extremely” Sophisticated iOS Attacks
Apple has urgently rolled out iOS 18.4.1 and iPadOS 18.4.1 to patch two zero-day vulnerabilities that were actively exploited in “extremely sophisticated” attacks aimed at specific iOS users. The flaws,…
Read More »