data
-
New JSCEAL Infostealer Malware Targets Windows Systems to Steal Login Credentials
A sophisticated information-stealing tool known as JSCEAL has undergone significant developments in recent months, incorporating advanced anti-analysis techniques and a…
Read More » -
Surge in Attacks Targeting RSC-Enabled Services Worldwide
In December 2025, CVE-2025-55182 (React2Shell), a vulnerability in React Server Components (RSC) that enables remote code execution (RCE), was publicly…
Read More » -
New DroidLock Malware Locks Android Devices and Demands Ransom Payment
A new and sophisticated threat campaign has been identified by the zLabs research team, targeting Spanish Android users with a…
Read More » -
644K+ Websites at Risk Due to Critical React Server Components Flaw
A critical vulnerability known as “React2Shell” has been identified by the Shadowserver Foundation, posing a significant threat to a massive…
Read More » -
New “Spiderman” Phishing Kit Lets Hackers Build Fake Bank Login Pages Instantly
A new and sophisticated phishing toolkit, known as “Spiderman,” has been identified as a significant threat to European banking customers.…
Read More » -
High-Risk Ivanti EPM Vulnerability Opens Door to Admin Session Hijacking
A critical stored cross-site scripting (XSS) vulnerability has been discovered in Ivanti Endpoint Manager (EPM), allowing unauthenticated attackers to hijack…
Read More » -
Zoom Rooms on Windows and macOS Exposed to Privilege Escalation and Data Leakage Flaws
Zoom has released security patches to address two critical vulnerabilities in Zoom Rooms deployments on both Windows and macOS. These…
Read More » -
Akira Group Targets Hyper-V and VMware ESXi with Ransomware Exploiting Vulnerabilities
Hypervisors, the invisible backbone of modern corporate IT, have become the new primary battleground for ransomware groups. According to new…
Read More » -
Hackers Exploit Delivery Receipts in Messaging Apps to Steal Users’ Private Information
A severe security flaw has been uncovered, putting billions of WhatsApp and Signal users worldwide at risk of being secretly…
Read More » -
Hackers Exploit Multiple Ad Networks to Distribute Triada Malware to Android Users
Adex, a leading anti-fraud and traffic-quality platform under AdTech Holding, has successfully identified and neutralized a complex, multi-year malware operation…
Read More » -
Apple, Google, and Samsung May Soon Activate Always-On GPS in India
India’s government is considering a proposal to require smartphone manufacturers to enable satellite location tracking on all devices permanently, which…
Read More » -
LOLPROX Unveils Undetected Exploitation Routes for Stealthy Hypervisor Attacks
A new security analysis has unveiled “LOLPROX,” a comprehensive catalog of “Living Off The Land” (LOL) techniques specifically targeting Proxmox…
Read More » -
Threat Actors Distribute CoinMiner Malware through USB Drives to Infect Workstations
Cybercriminals continue to exploit USB drives as infection vectors, with recent campaigns delivering sophisticated CoinMiner malware that establishes persistent cryptocurrency-mining…
Read More » -
Beyond CVEs – Turning Visibility into Action with ASM
Torrance, California, USA, December 5th, 2025, CyberNewsWire Criminal IP will host a live webinar on December 16 at 11:00 AM…
Read More » -
FvncBot Android Malware Steals Keystrokes and Injects Harmful Payloads
A newly discovered Android banking trojan, FvncBot, has emerged as a sophisticated threat targeting mobile banking users in Poland. Researchers…
Read More »