malicious
-
Malicious npm Package with 206K Downloads Targeting GitHub Repositories to Steal Tokens
On Friday, November 7th, Veracode Threat Research discovered a dangerous typosquatting campaign targeting developers using GitHub Actions. The malicious npm…
Read More » -
AppleScript Used to Deliver macOS Malware Disguised as Zoom & Teams Updates
Since Apple removed the popular “right-click and open” Gatekeeper override in August 2024, threat actors have shifted their tactics to…
Read More » -
Herodotus Android Banking Trojan Takes Over Devices, Outsmarts Security Tools
A new threat has surfaced in the mobile banking landscape Herodotus, a sophisticated Android banking Trojan that has been wreaking…
Read More » -
New Microsoft Teams Feature Exposes Users to Phishing and Malware Risks
Microsoft is poised to roll out a significant update to Teams, enabling users to initiate chats with anyone using just…
Read More » -
AI-Powered Cyber Threats Rise: Attackers Target Manufacturing Sector
A comprehensive new report reveals that manufacturing organizations are grappling with a dual challenge: rapidly adopting generative AI technologies while…
Read More » -
German ISP aurologic GmbH Identified as Key Hub for Malicious Hosting Infrastructure
German hosting provider aurologic GmbH has emerged as a critical hub within the global malicious infrastructure ecosystem, according to recent…
Read More » -
HTTP/2 ‘MadeYouReset’ Vulnerability Enable Denial-of-Service (DoS) Attacks
A critical vulnerability discovered across numerous HTTP/2 implementations has exposed a dangerous protocol-level vulnerability that enables threat actors to orchestrate…
Read More » -
Multiple Django Flaws Could Allow SQL Injection and Denial-of-Service Attacks
The Django development team has released critical security patches addressing two significant vulnerabilities that could expose applications to denial-of-service attacks…
Read More » -
Hackers Exploit AI Tools to Intensify Ransomware Attacks on European Organizations
European organizations are facing an unprecedented surge in ransomware attacks as cybercriminals increasingly adopt artificial intelligence and sophisticated social engineering…
Read More » -
Bob Flores, Former CTO of the CIA, Joins Brinker
Delaware, United States, November 4th, 2025, CyberNewsWire Brinker, the narrative intelligence company dedicated to combating disinformation and influence campaigns, announced…
Read More » -
Tactics Targeting M365 and Gmail
The Tycoon 2FA phishing kit represents one of the most sophisticated threats targeting enterprise environments today. This Phishing-as-a-Service (PhaaS) platform,…
Read More » -
Open VSX Registry Responds to Leaked Tokens and Malicious Extension Incident
The Open VSX team and Eclipse Foundation have addressed a significant security incident involving leaked authentication tokens and malicious extensions…
Read More » -
Hackers Actively Scanning TCP Ports 8530/8531 for WSUS CVE-2025-59287
Security researchers at the SANS Internet Storm Center have detected a significant spike in suspicious network traffic targeting Windows Server…
Read More » -
Cisco IOS XE Vulnerability Being Abused in the Wild to Plant BADCANDY
Cybersecurity authorities are raising urgent alarms as threat actors continue to exploit a critical vulnerability in Cisco IOS XE devices,…
Read More » -
CISA Alerts on Linux Kernel Vulnerability Exploited in Ransomware Attacks
The U.S. Cybersecurity and Infrastructure Security Agency has added a critical Linux kernel vulnerability to its Known Exploited Vulnerabilities catalog,…
Read More » -
Hackers Hide SSH–Tor Backdoor Inside Weaponized Military Documents
In October 2025, cybersecurity researchers at Cyble Research and Intelligence Labs (CRIL) uncovered a sophisticated malware campaign distributing weaponized ZIP…
Read More »