web

December 11, 2025

New “Spiderman” Phishing Kit Lets Hackers Build Fake Bank Login Pages Instantly

A new and sophisticated phishing toolkit, known as “Spiderman,” has been identified as a significant threat to European banking customers.…
Read More »
December 11, 2025

High-Risk Ivanti EPM Vulnerability Opens Door to Admin Session Hijacking

A critical stored cross-site scripting (XSS) vulnerability has been discovered in Ivanti Endpoint Manager (EPM), allowing unauthenticated attackers to hijack…
Read More »
December 11, 2025

AI-Powered Analysis Exposes Massive 5,000-Domain Chinese Malware Operation

DomainTools Investigations has uncovered critical findings regarding the expansion of a massive malware-delivery network targeting Chinese-speaking users worldwide, which has…
Read More »
December 7, 2025

Beyond CVEs – Turning Visibility into Action with ASM

Torrance, California, USA, December 5th, 2025, CyberNewsWire Criminal IP will host a live webinar on December 16 at 11:00 AM…
Read More »
December 7, 2025

FvncBot Android Malware Steals Keystrokes and Injects Harmful Payloads

A newly discovered Android banking trojan, FvncBot, has emerged as a sophisticated threat targeting mobile banking users in Poland. Researchers…
Read More »
December 7, 2025

Barts Health NHS Reveals Data Breach Linked to Oracle Zero-Day Exploited by Clop Ransomware

Barts Health NHS Trust has disclosed a significant data breach affecting patient and staff information after the Cl0p ransomware gang…
Read More »
December 6, 2025

2.15M Next.js Web Services Exposed Online, Active Attacks Reported

Security teams worldwide are rushing to patch systems after the disclosure of a critical React vulnerability, CVE-2025-55182, widely known as…
Read More »
December 5, 2025

CISA, NSA Alert on BRICKSTORM Malware Targeting VMware ESXi and Windows Systems

The Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA), joined by Canadian cyber authorities, have issued…
Read More »
December 5, 2025

Corporate Users 3x More Likely Targeted by Phishing Than Malware – SpyCloud Report

Austin, TX, USA, December 4th, 2025, CyberNewsWire Phishing has surged 400% year-over-year, highlighting need for real-time visibility into identity exposures.…
Read More »
December 4, 2025

New Scanner Released to Detect Exposed ReactJS and Next.js RSC Endpoints (CVE-2025-55182)

Security researchers have released a specialized scanning tool to identify vulnerable React Server Component (RSC) endpoints in modern web applications,…
Read More »
November 28, 2025

Cybercriminals Register 18,000 Holiday-Themed Domains to Launch Seasonal Scams

The holiday season has always been a magnet for increased online activity, but 2025 marks a new high-water mark in…
Read More »
November 28, 2025

Microsoft Blocks External Scripts in Entra ID Logins to Boost Security

Microsoft has announced a significant security change to the Microsoft Entra ID sign-in experience that will block external scripts from…
Read More »
November 28, 2025

Quttera Launches “Evidence-as-Code” API to Automate Security Compliance for SOC 2 and PCI DSS v4.0

New API capabilities and AI-powered Threat Encyclopedia eliminate manual audit preparation, providing real-time compliance evidence and instant threat intelligence Quttera…
Read More »
November 27, 2025

ByteToBreach Offers Stolen Global Airline, Banking, and Government Records

A cybercriminal operating under the alias ByteToBreach has emerged as a prominent figure in the underground data trade, orchestrating a…
Read More »
November 26, 2025

Chrome Extension Malware Secretly Adds Hidden SOL Fees to Solana Swap Transactions

Security researchers at Socket have uncovered a deceptive Chrome extension called Crypto Copilot that masquerades as a legitimate Solana trading…
Read More »
November 26, 2025

A Novel Exploit Leveraging URL Fragments To Deceive AI Browsers

Security researchers at Cato CTRL have uncovered HashJack. This innovative indirect prompt-injection attack hides harmful commands in the fragment portion…
Read More »
November 24, 2025

Metasploit Releases New Exploit for Fresh FortiWeb 0-Day Vulnerabilities

Rapid7’s Metasploit team has released a new exploit module targeting critical zero-day vulnerabilities in Fortinet’s FortiWeb web application firewall, chaining…
Read More »
November 22, 2025

AI-Driven Obfuscated Malicious Apps Bypassing Antivirus Detection to Deliver Malicious Payloads

Cybersecurity researchers have identified a sophisticated malware campaign leveraging artificial intelligence to enhance obfuscation techniques, enabling malicious applications to circumvent…
Read More »
November 14, 2025

Cisco Catalyst Center Vulnerability Allows Attackers to Escalate Privileges

A critical security vulnerability has been identified in the Cisco Catalyst Center Virtual Appliance that could enable authenticated, remote attackers…
Read More »
November 14, 2025

Analysis of Multi-Stage Phishing Kits Leveraging Telegram for Credential Theft and Evasion Techniques

Researchers at Group-IB have uncovered a sophisticated phishing framework that demonstrates how cybercriminals are industrializing credential theft through automation, evasion…
Read More »

Previous page Next page