credential

November 1, 2025

New Email Security Technique Prevents Phishing Attacks Behind NPM Breach

The discovery of a large-scale NPM ecosystem compromise in September 2025 has renewed focus on email security as the critical…
Read More »
October 31, 2025

WhatsApp Implements Passkey System to Boost Backup Privacy

WhatsApp has announced a significant security upgrade that makes protecting your chat backups simpler and more secure than ever before.…
Read More »
October 30, 2025

Threat Actors Abuse AzureHound Tool to Enumerate Azure and Entra ID Environments

The cybersecurity landscape continues to shift toward cloud-based attacks, with threat actors increasingly exploiting legitimate security tools for malicious reconnaissance.…
Read More »
October 30, 2025

Sweet Security Brings Runtime-CNAPP Power to Windows

Tel Aviv, Israel, October 29th, 2025, CyberNewsWire Sweet Security Brings Runtime-CNAPP Power to Windows Sweet Security, a leader in Runtime…
Read More »
October 29, 2025

Massive Tata Motors Data Leak Exposes 70+ TB of Sensitive Information

Tata Motors, India’s largest automaker and a major player in the global automotive industry, suffered a catastrophic data exposure that…
Read More »
October 29, 2025

New Android Malware Mimics Human Behavior to Bypass Biometric Security

A sophisticated new Android banking Trojan named Herodotus has emerged as a significant threat to mobile users, introducing a novel…
Read More »
October 28, 2025

New GhostGrab Android Malware Silently Steals Banking Login Details and Intercept SMS for OTPs

A sophisticated new Android malware family called GhostGrab is actively targeting mobile users with a dual-monetization strategy that combines covert…
Read More »
October 27, 2025

Qilin Ransomware Exploits MSPaint and Notepad to Locate Sensitive Files

In the latter half of 2025, the Qilin ransomware group has solidified its standing as a formidable threat, continuing to…
Read More »
October 25, 2025

Top 10 Best Cloud Penetration Testing Providers in 2025

The rapid migration to cloud environments – AWS, Azure, and GCP being the dominant players continues unabated in 2025. While…
Read More »
October 24, 2025

Phishing Campaign Uses Unique UUIDs to Evade Secure Email Gateways

A sophisticated new phishing attack discovered in early February 2025 is successfully bypassing Secure Email Gateways (SEGs) and evading perimeter…
Read More »
October 23, 2025

Caminho Malware Loader Conceals .NET Payloads inside Images via LSB Steganography

Cybersecurity researchers at Arctic Wolf Labs have uncovered a cunning new threat dubbed Caminho, a Brazilian Loader-as-a-Service (LaaS) that’s turning…
Read More »
October 23, 2025

Injecting Malicious Code into RMClient to Evade EDR

CyberProof researchers detected a significant surge in Remcos (Remote Control & Surveillance Software) campaigns throughout September and October 2025, exploiting…
Read More »
October 22, 2025

Threat Actors Advancing Email Phishing Attacks to Bypass Security Filters

Cybercriminals continue to evolve their email phishing arsenals, reviving legacy tactics while layering on advanced evasions to slip past automated…
Read More »
October 22, 2025

Direct Memory Attacks Used to Capture Browser Credentials

On October 6, 2025, the cybercriminal developer known as “Loadbaks” announced the release of Vidar Stealer v2.0 on underground forums,…
Read More »
October 19, 2025

ClickFake Interview Campaign Used by Threat Actors to Deliver OtterCandy Malware

A North Korean-linked group, WaterPlum’s Cluster B, has evolved its tactics by introducing OtterCandy—a Node.js–based RAT and information stealer—through the…
Read More »
October 19, 2025

TikTok Videos Weaponized to Deliver Self-Compiling PowerShell Malware

Attackers are exploiting TikTok’s massive reach to trick users into executing malware through seemingly innocuous videos. In one popular TikTok…
Read More »
October 19, 2025

Critical Zimbra SSRF Flaw Exposes Sensitive Data

Zimbra has released an emergency security patch to address a critical Server-Side Request Forgery (SSRF) vulnerability that could allow attackers…
Read More »
October 16, 2025

MCPTotal Launches to Power Secure Enterprise MCP Workflows

MCPTotal, a comprehensive secure Model Context Protocol (MCP) platform, today announced its flagship platform to help businesses adopt and secure…
Read More »
October 15, 2025

GhostBat RAT Android Malware Poses as Fake RTO Apps to Steal Banking Data from Indian Users

The GhostBat RAT campaign leverages diverse infection vectors—WhatsApp, SMS with shortened URLs, GitHub-hosted APKs, and compromised websites—to distribute malicious Android…
Read More »
October 14, 2025

Hackers Target macOS Users with Fake Homebrew Websites to Deliver Malicious Payloads

In September 2025, Kandji’s security researchers uncovered a sophisticated campaign in which attackers deployed multiple spoofed Homebrew installer sites that…
Read More »

Previous page Next page