Cyber Security News

Over the past several years, a concerted campaign by Chinese state-sponsored Advanced Persistent Threat (APT) groups has exploited critical vulnerabilities in enterprise-grade routers to establish long-term footholds within global telecommunications and government networks. These actors, often identified under monikers such as Salt Typhoon and OPERATOR PANDA, have systematically targeted provider edge (PE) and customer edge […]

The post Chinese APT Hackers Exploit Router Vulnerabilities to Infiltrate Enterprise Environments appeared first on Cyber Security News.

A sophisticated phishing campaign targeting PayPal’s massive user base has emerged, utilizing deceptive “Set up your account profile” emails to compromise user accounts through an ingenious secondary user addition scheme. The attack leverages advanced email spoofing techniques and psychological manipulation tactics to bypass traditional security awareness measures, representing a significant evolution in financial fraud methodologies. […]

The post Threat Actors Attack PayPal Users in New Account Profile Set up Scam appeared first on Cyber Security News.

Emerging quietly in mid-2025, the XWorm backdoor has evolved into a deceptively sophisticated threat that preys on both user confidence and system conventions. Initial reports surfaced when organizations noted a sudden uptick in obscure .lnk-based phishing emails masquerading as benign documents. Security teams quickly observed that these shortcuts triggered hidden PowerShell routines rather than opening […]

The post XWorm Malware With New Infection Chain Evade Detection Exploiting User and System Trust appeared first on Cyber Security News.

Cybersecurity researchers have uncovered a critical vulnerability in the artificial intelligence supply chain that enables attackers to achieve remote code execution across major cloud platforms including Microsoft Azure AI Foundry, Google Vertex AI, and thousands of open-source projects. The newly discovered attack method, termed “Model Namespace Reuse,” exploits a fundamental flaw in how AI platforms […]

The post New Namespace Reuse Vulnerability Allows Remote Code Execution in Microsoft Azure AI, Google Vertex AI, and Hugging Face appeared first on Cyber Security News.

The discovery of three improperly issued TLS certificates for 1.1.1.1, the popular public DNS service from Cloudflare, and the Asia Pacific Network Information Centre (APNIC). The certificates, which were issued in May 2025, could allow attackers to intercept and decrypt encrypted DNS lookups, potentially exposing users’ browsing habits. The existence of the unauthorized certificates was […]

The post Mis-issued TLS Certificates for 1.1.1.1 DNS Service Enable Attackers to Decrypt Traffic appeared first on Cyber Security News.

A comprehensive security investigation has uncovered a disturbing reality in the artificial intelligence infrastructure landscape: more than 1,100 instances of Ollama, a popular framework for running large language models locally, have been discovered exposed directly to the internet. This widespread exposure represents a significant security breach that affects organizations across multiple countries and continents. The […]

The post 1,100 Ollama AI Servers Exposed to Internet With 20% of Them are Vulnerable appeared first on Cyber Security News.

A sophisticated new ransomware strain known as Dire Wolf has emerged as a significant threat to organizations worldwide, combining advanced encryption techniques with destructive anti-recovery capabilities. The malware group first appeared in May 2025 and has since targeted 16 organizations across diverse industries including manufacturing, IT, construction, and finance in regions spanning Asia, Australia, Italy, […]

The post New Dire Wolf Ransomware Attack Windows Systems, Deletes Event Logs and Backup-Related Data appeared first on Cyber Security News.

A critical security vulnerability affecting Apache DolphinScheduler’s default permission system has been identified and patched, prompting urgent update recommendations from the Apache Software Foundation. The vulnerability, which stems from overly permissive default configurations in the popular workflow scheduling platform, allows unauthorized users to execute arbitrary workflows and access sensitive system resources without proper authentication controls. […]

The post Apache DolphinScheduler Default Permissions Vulnerability Fixed – Update Now appeared first on Cyber Security News.

The U.S. District Court for the District of Columbia has ordered Google to share critical search data with competitors while allowing the tech giant to retain ownership of its Chrome browser. The decision, announced Tuesday by the Department of Justice’s Antitrust Division, represents a significant victory in the government’s ongoing battle against Google’s search monopoly […]

The post Google Won’t Be Forced to Sell Chrome, But Must Share Search Data With Rivals appeared first on Cyber Security News.

A sophisticated backdoor linked to the notorious Russian cyber-espionage group APT28 allows attackers to exfiltrate data, upload files, and execute commands on compromised computers. The new, sophisticated backdoor targets Microsoft Outlook, which allows threat actors to steal data and take control of a victim’s machine. The malware, dubbed “NotDoor,” has been attributed to the Russian […]

The post New ‘NotDoor’ Malware Attacks Outlook Users to Exfiltrate Data and Compromise Computers appeared first on Cyber Security News.

A sophisticated new backdoor malware has emerged from the shadows, operating undetected for over 20 months while infiltrating networks through an ingenious dual-mode activation system. Initially discovered masquerading as a Mirai variant, MystRodX represents a significant evolution in stealth malware design, utilizing DNS queries and ICMP packets as covert communication channels to evade traditional security […]

The post MystRodX Leveraging DNS and ICMP to Steal Sensitive Data From Hacked Systems appeared first on Cyber Security News.

A sophisticated phishing operation has been running undetected for over three years across Google Cloud and Cloudflare infrastructure, impersonating major corporations including defense contractor Lockheed Martin. The campaign, which utilized advanced cloaking techniques and compromised expired domains, demonstrates a concerning failure in detection capabilities by two of the internet’s largest service providers. The operation began […]

The post Phishing Campaign Went Undetected for Over 3 Years on Google Cloud and Cloudflare appeared first on Cyber Security News.

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory warning about a critical vulnerability in SunPower PVS6 solar power devices that could allow attackers to gain complete control over the systems. The flaw, tracked as CVE-2025-9696, stems from the use of hardcoded credentials in the device’s BluetoothLE interface, presenting a significant threat […]

The post CISA Warns of Critical SunPower Device Vulnerability Let Attackers Gain Full Device Access appeared first on Cyber Security News.

Binance, the world’s largest cryptocurrency exchange by volume, continues to hit new milestones, with regards to the platform’s active user base. For example, Binance recently hit the 275 million registered users milestone. However, where Binance may be really knocking it out of the park, in terms of hitting userbase milestones, may be with the company’s […]

The post Binance Hits 100M+ App Downloads: A Milestone Powering Crypto’s Global Reach appeared first on Cyber Security News.

Phishing has moved far beyond suspicious links. Today, attackers hide inside the files employees trust most; PDFs. On the surface, they look like invoices, contracts, or reports. But once opened, these documents can trigger hidden scripts, redirect to fake login pages, or quietly steal credentials. The danger lies in how convincing they are. PDFs often […]

The post Attackers Are Abusing Malicious PDFs: Here’s How to Spot Them Early appeared first on Cyber Security News.

A sophisticated new Python-based information stealer has emerged in the cybersecurity landscape, demonstrating advanced capabilities for data exfiltration through Discord channels. The malware, identified as “Inf0s3c Stealer,” represents a significant evolution in the realm of data theft tools, combining traditional system reconnaissance techniques with modern communication platforms to avoid detection while efficiently harvesting sensitive information […]

The post New Stealthy Python Malware Leverages Discord to Steal Data From Windows Machines appeared first on Cyber Security News.

Cybersecurity researchers began detecting an alarming surge in early April 2025 in UDP flood traffic emanating from compromised network video recorders (NVRs) and other edge devices. Within milliseconds of infection, these devices were weaponized to direct overwhelming volumes of packets at unsuspecting targets, leading to service disruptions and massive bandwidth consumption. Bitsight analysts identified this […]

The post RapperBot Hijacking Devices to Launch DDoS Attack In a Split Second appeared first on Cyber Security News.

PagerDuty, a leader in digital operations management, has confirmed a security incident that resulted in unauthorized access to some of its data stored in Salesforce. The company stated that no PagerDuty platform credentials were compromised and that the breach resulted from a vulnerability in a third-party application, Salesloft Drift. The incident’s timeline began on August […]

The post PagerDuty Confirms Data Breach After Third-Party App Vulnerability Exposes Salesforce Data appeared first on Cyber Security News.

OpenAI announced today its definitive agreement to acquire Statsig, a product experimentation and analytics platform, for $1.1 billion. The acquisition is a key move by the leader in artificial intelligence. It aims to add strong data tools to its system. This will help speed up the creation and launch of AI-based products. Statsig, founded in […]

The post OpenAI Set to Acquire Analytics Platform Statsig in $1.1 Billion Agreement appeared first on Cyber Security News.

Google has officially promoted Chrome 140 to the stable channel, initiating a multi-platform rollout for Windows, Mac, Linux, Android, and iOS. The update brings the usual stability and performance improvements, but the headline feature is a critical security patch addressing six vulnerabilities, including one high-severity flaw that could allow for remote code execution. Users are […]

The post Chrome 140 Released With Fix For Six Vulnerabilities that Enable Remote Code Execution Attacks appeared first on Cyber Security News.