Cybersecurity News
-
61 Vulnerabilities Including 25 RCE’s Fixed
Microsoft has released its highly anticipated Patch Tuesday security updates for February 2025, addressing a wide range of vulnerabilities across its products and services. This month’s release includes fixes for…
Read More » -
Akira Ransomware Dominates January 2025 as the Most Active Ransomware Threat
January 2025 marked a pivotal month in the ransomware landscape, with Akira emerging as the most active and dominant threat actor. The group was responsible for 72 attacks globally, a…
Read More » -
Apple iOS 0-day Vulnerability Exploited Wild in Extremely Sophisticated Attack
Apple has released emergency security updates to address a zero-day vulnerability, CVE-2025-24200, that has been actively exploited in targeted attacks against iPhone and iPad users. The vulnerability allows attackers to…
Read More » -
Ghidra 11.3 Released – A Major Update to NSA’s Open-Source Tool
The National Security Agency (NSA) has officially released Ghidra 11.3, the latest iteration of its open-source software reverse engineering (SRE) framework. Known for its robust capabilities in analyzing compiled code…
Read More » -
New Scareware Attack Targeting Mobile Users to Deploy Malicious Antivirus Apps
A new wave of scareware attacks has emerged, targeting unsuspecting mobile users with fake antivirus applications designed to exploit fear and trick victims into downloading malicious software. Scareware, a type…
Read More » -
UK Forces Apple Create Global Backdoor to Spy on Encrypted iCloud Data
United Kingdom has reportedly ordered Apple to create a backdoor allowing access to all encrypted content stored in its iCloud service. The demand, issued under the U.K.’s controversial Investigatory Powers…
Read More » -
Cybercriminals Target IIS Servers to Spread BadIIS Malware
A recent wave of cyberattacks has revealed the exploitation of Microsoft Internet Information Services (IIS) servers by threat actors deploying the BadIIS malware. This campaign, attributed to Chinese-speaking groups, leverages…
Read More » -
A Novel Defense Against Backdoor Attacks
Semantic communication systems, powered by Generative AI (GAI), are transforming the way information is transmitted by focusing on the meaning of data rather than raw content. Unlike traditional communication methods,…
Read More » -
Real-World AD Breaches and the Future of Cybersecurity
Large Language Models (LLMs) are transforming penetration testing (pen testing), leveraging their advanced reasoning and automation capabilities to simulate sophisticated cyberattacks. Recent research demonstrates how autonomous LLM-driven systems can effectively…
Read More » -
Hackers Exploiting SimpleHelp Vulnerabilities to Deploy Malware on Systems
Cybercriminals are actively exploiting vulnerabilities in SimpleHelp Remote Monitoring and Management (RMM) software to infiltrate networks, create unauthorized administrator accounts, and deploy malware, including the Sliver backdoor. These flaws, identified…
Read More » -
Cisco IOS SNMP Vulnerabilities Allow Attackers to Launch DoS Attacks”
Cisco has disclosed multiple vulnerabilities in its Simple Network Management Protocol (SNMP) subsystem affecting Cisco IOS, IOS XE, and IOS XR software. These flaws, identified as high-severity, could allow an…
Read More » -
Hackers Can Exploit GPU Flaws to Gain Full Control of Your Device
Several critical vulnerabilities affecting Mali Graphics Processing Units (GPUs) have surfaced, allowing hackers to exploit flaws in GPU drivers to gain full control of devices. The vulnerabilities tracked as CVE-2022-22706 and CVE-2021-39793, expose…
Read More » -
1- Click RCE Vulnerability In Voyager PHP Allow Attackers Execute Arbitrary code in Server
A recently disclosed security vulnerability in the Voyager PHP package, a popular tool for managing Laravel applications, has raised significant concerns regarding the potential for remote code execution (RCE) on…
Read More » -
Apache Cassandra Vulnerability Allows Attackers to Gain Access Data Centers
In a recent security advisory, a moderate-severity vulnerability has been identified in Apache Cassandra, potentially allowing unauthorized users to access restricted data centers or IP/CIDR groups. This flaw, designated CVE-2025-24860,…
Read More » -
FlexibleFerret Malware Attacking macOS Users, Evading XProtect Detections
A new macOS malware variant, dubbed “FlexibleFerret,” has been identified targeting developers and job seekers as part of an ongoing North Korean phishing campaign. Despite Apple’s recent signature updates to…
Read More » -
Hackers Exploiting DNS Poisoning to Compromise Active Directory Environments
A groundbreaking technique for Kerberos relaying over HTTP, leveraging multicast poisoning, has been recently detailed by cybersecurity researchers. Introduced by James Forshaw and further developed using the Responder and krbrelayx…
Read More » -
Hackers Impersonate Top Tax Firm with 40,000 Phishing Messages to Steal Credentials.
Proofpoint researchers have identified a marked increase in phishing campaigns and malicious domain registrations designed to exploit tax filing season. These operations, targeting countries such as the UK, US, Switzerland,…
Read More »