Cybersecurity News
-
Fake Coinbase Migration Messages Target Users to Steal Wallet Credentials
A sophisticated phishing campaign is currently targeting cryptocurrency investors with fraudulent emails claiming to be from Coinbase. The scam attempts to trick users into transferring their funds to wallets controlled…
Read More » -
Crypto Platform OKX Suspends Tool Abused by North Korean Hackers
Cryptocurrency platform OKX has announced the temporary suspension of its Decentralized Exchange (DEX) aggregator tool. This decision comes on the heels of coordinated attacks by certain media outlets and unsuccessful…
Read More » -
Hackers Rapidly Adopt ClickFix Technique for Sophisticated Attacks
In recent months, a sophisticated social engineering technique known as ClickFix has gained significant traction among cybercriminals and nation-state-sponsored groups. This method exploits human psychology by presenting users with fake…
Read More » -
Hackers Exploit Tomcat Vulnerability to Hijack Apache Servers
A recent and significant cybersecurity threat has emerged involving a critical vulnerability in Apache Tomcat, identified as CVE-2025-24813. This vulnerability allows for remote code execution, potentially allowing hackers to hijack…
Read More » -
Critical ruby-saml Vulnerabilities Allow Attackers to Bypass Authentication
A critical security vulnerability has been identified in the ruby-saml library, a popular tool used for Single Sign-On (SSO) via Security Assertion Markup Language (SAML) on the service provider side.…
Read More » -
Lazarus Group Weaponizes IIS Servers for Deploying Malicious ASP Web Shells
The notorious Lazarus group has been identified as leveraging compromised IIS servers to deploy malicious ASP web shells. These sophisticated attacks have been reported to facilitate the spread of malware,…
Read More » -
New Context Compliance Exploit Jailbreaks Major AI Models
Microsoft researchers have uncovered a surprisingly straightforward method that can bypass safety guardrails in most leading AI systems. In a technical blog post published on March 13, 2025, Microsoft’s Mark…
Read More » -
DeepSeek R1 Jailbreaked to Create Malware, Including Keyloggers and Ransomware
The increasing popularity of generative artificial intelligence (GenAI) tools, such as OpenAI’s ChatGPT and Google’s Gemini, has attracted cybercriminals seeking to exploit these technologies for malicious purposes. Despite the guardrails…
Read More » -
Cisco Warns of Critical IOS XR Vulnerability Enabling DoS Attacks
Cisco has issued a security advisory warning of a vulnerability in its IOS XR Software that could allow attackers to launch denial-of-service (DoS) attacks. The vulnerability, identified as CVE-2025-20115, affects…
Read More » -
Edimax Camera RCE Vulnerability Exploited to Spread Mirai Malware
A recent alert from the Akamai Security Intelligence and Response Team (SIRT) has highlighted the exploitation of a severe command injection vulnerability in Edimax Internet of Things (IoT) devices. This…
Read More » -
AWS SNS Exploited for Data Exfiltration and Phishing Attacks
Amazon Web Services’ Simple Notification Service (AWS SNS) is a versatile cloud-based pub/sub service that facilitates communication between applications and users. While its scalability and integration capabilities make it a…
Read More » -
Hackers Exploiting Exposed Jupyter Notebooks to Deploy Cryptominers
Cado Security Labs has identified a sophisticated cryptomining campaign exploiting misconfigured Jupyter Notebooks, targeting both Windows and Linux systems. The attack utilizes multiple stages of obfuscation, including encrypted payloads and…
Read More » -
U.S. Charges LockBit Ransomware Developer in Cybercrime Crackdown
The U.S. Department of Justice has charged Rostislav Panev, a dual Russian and Israeli national, for his role as a developer of the notorious LockBit ransomware group. Panev, 51, was…
Read More » -
Using AI-Driven Cybersecurity Training to Counter Emerging Threats
As Artificial Intelligence (AI)-powered cyber threats surge, INE Security, a global leader in cybersecurity training and certification, is launching a new initiative to help organizations rethink cybersecurity training and workforce…
Read More » -
Blind Eagle Targets Organizations with Weaponized .URL Files to Steal User Hashes
In a significant development in the cybersecurity landscape, APT-C-36, more commonly known as Blind Eagle, has intensified its operations targeting Colombian governmental, financial, and critical infrastructure organizations. Active since 2018,…
Read More » -
Aptori Now on Google Cloud Marketplace for AI-Powered Security and Automated Risk Remediation
Aptori’s AI-Driven AppSec Platform Proactively Eliminates Vulnerabilities to Minimize Risk and Ensure Compliance. Aptori, a leader in AI-driven application security, today announced the launch of its AI-driven AppSec Platform on Google Cloud Marketplace as…
Read More » -
CYREBRO’s AI-Native MDR Platform Earns Silver at the 2025 Globee Cybersecurity Awards
CYREBRO, the AI-native Managed Detection and Response (MDR) solution, announced today that it won Silver in the category of Security Operations Center (SOC) solutions at the annual 2025 Globee Awards.…
Read More » -
Jaguar Land Rover Allegedly Hit by Cyberattack, Hacker Claims
A threat actor known as “Rey” has come forward on a prominent dark web forum, claiming responsibility for a significant cyberattack on Jaguar Land Rover. The British multinational automotive company,…
Read More » -
Critical Veritas Vulnerability Allows Attackers to Execute Malicious Code
A critical vulnerability has been discovered in Veritas’ Arctera InfoScale product, a solution widely used for disaster recovery and high availability scenarios. The issue lies in the insecure deserialization of…
Read More » -
Microsoft’s Time Travel Debugging Tool Vulnerability Let Attackers Execute Code Remotely
Microsoft’s Time Travel Debugging (TTD) framework, a powerful tool for recording and replaying Windows program executions, has been found to harbor subtle yet significant bugs in its CPU instruction emulation…
Read More »