Cyber Security News

A critical cross-site scripting (XSS) vulnerability has been discovered in the popular LiteSpeed Cache plugin for WordPress, affecting millions of websites worldwide. The vulnerability, tracked as CVE-2025-12450, poses a significant risk to site visitors and administrators alike. The LiteSpeed Cache plugin is one of the most widely used performance optimization tools in the WordPress ecosystem, […]

The post WordPress Plugin Vulnerability Exposes 7 Million Sites to XSS Attack appeared first on Cyber Security News.

A new open-source tool called HikvisionExploiter has emerged, designed to automate attacks on vulnerable Hikvision IP cameras. Released on GitHub in mid-2024 but gaining renewed attention amid 2025’s surge in camera exploits, this Python-based utility targets unauthenticated endpoints in cameras running outdated firmware, such as version 3.1.3.150324. Developed for researchers and red teamers, it streamlines […]

The post Hikvision Exploiter – An Automated Exploitation Toolkit Targeting Hikvision IP Cameras appeared first on Cyber Security News.

The npm ecosystem faces a sophisticated new threat as ten malicious packages have emerged, each designed to automatically execute during installation and deploy a comprehensive credential harvesting operation. This attack campaign represents a significant evolution in supply chain compromises, combining multiple layers of obfuscation with cross-platform compatibility to target developers across Windows, Linux, and macOS […]

The post 10 Malicious npm Packages with Auto-Run Feature on Install Deploys Multi-Stage Credential Harvester appeared first on Cyber Security News.

Google has announced a significant security initiative that will fundamentally change how Chrome handles unsecured web connections. Beginning with Chrome 154’s release in October 2026, the browser will enable the “Always Use Secure Connections” feature by default, requiring users to approve access to any public website lacking HTTPS encryption before proceeding. This strategic shift represents […]

The post Chrome to Alert Users “Always Use Secure Connections” While Opening Public HTTP Sites appeared first on Cyber Security News.

A persistent vulnerability related to DLL hijacking has been identified in the Narrator accessibility tool, which has been a significant concern over time. This flaw allows malicious actors to exploit the tool, potentially compromising the security of systems that rely on it for accessibility features. Noted initially in reports dating back to 2013 by expert […]

The post Windows Accessibility Flaw Allows Stealthy Persistence and Lateral Movement via Narrator DLL Hijack appeared first on Cyber Security News.

CISA has added two critical vulnerabilities affecting Dassault Systèmes DELMIA Apriso to its Known Exploited Vulnerabilities catalog, warning that threat actors are actively exploiting these security flaws in real-world attacks. The alert, issued on October 28, 2025, requires federal agencies to implement mitigations by November 18, 2025, while urging all organizations using the affected software […]

The post CISA Warns of Dassault Systèmes Vulnerabilities Actively Exploited in Attacks appeared first on Cyber Security News.

A threat actor has claimed responsibility for breaching HSBC USA, alleging possession of a vast database containing sensitive customer personal identifiable information (PII) and financial details. The hacker posted screenshots and data samples on a dark web leak forum, asserting the breach involved coordinated efforts to extract records from the bank’s systems. This incident, reported […]

The post Hackers Allegedly Claim Breach Of HSBC USA Customers’ Records Including Financial Details appeared first on Cyber Security News.

A vulnerability in Google Messages on Wear OS devices allows any installed app to silently send SMS, MMS, or RCS messages on behalf of the user. Dubbed CVE-2025-12080, the issue stems from improper handling of ACTION_SENDTO intents using URI schemes like sms:, smsto:, mms:, and mmsto:. This misconfiguration bypasses user confirmation and permission checks, enabling […]

The post Google Wear OS Message App Vulnerability Let Any Installed App To Send SMS Behalf Of User appeared first on Cyber Security News.

The Beast ransomware group has emerged as a significant threat in the cybersecurity landscape, evolving from the Monster ransomware strain to establish itself as a formidable Ransomware-as-a-Service operation. Officially launched in February 2025, the group rapidly expanded their infrastructure by deploying a Tor-based data leak site in July, solidifying their presence in the underground ransomware […]

The post New Beast Ransomware Actively Scans for Active SMB Port from Breached System to Spread Across Network appeared first on Cyber Security News.

Australia’s competition regulator has filed legal proceedings against Microsoft for allegedly misleading approximately 2.7 million Australian consumers regarding subscription options and pricing for Microsoft 365 plans. The Australian Competition and Consumer Commission claims that Microsoft deliberately concealed the availability of cheaper alternative plans when integrating its AI assistant Copilot into subscription offerings. The core of […]

The post Microsoft Sued for Allegedly Misleading Millions to Subscribe for Microsoft 365 Subscriptions appeared first on Cyber Security News.

A critical vulnerability in Magento, the popular e-commerce platform, is now rebranded as Adobe Commerce. Dubbed SessionReaper and tracked as CVE-2025-54236, this improper input validation flaw allows attackers to hijack user sessions and, in some cases, execute malicious code remotely. The discovery highlights the ongoing risks to online retailers, with over 250 Magento stores reportedly […]

The post Magento Input Validation Vulnerability Exploited In Wild To Hijack Session And Execute Malicious Codes appeared first on Cyber Security News.

Microsoft has issued a critical security update for ASP.NET Core to address CVE-2025-55315, a high-severity flaw that enables HTTP request smuggling and could allow attackers to bypass key security controls. Disclosed on October 14, 2025, this vulnerability has a CVSS v3.1 score of 9.9, making it one of the most severe issues ever reported in […]

The post Microsoft Details ASP.NET Vulnerability That Enables Attackers To Smuggle HTTP Requests appeared first on Cyber Security News.

Docker Compose, a cornerstone tool for developers managing containerized application harbors a high-severity vulnerability that lets attackers overwrite files anywhere on a host system. Discovered in early October 2025 by Imperva, the issue stems from improper handling of remote artifacts in Docker’s OCI support, enabling path traversal attacks without even launching containers. Assigned CVE-2025-62725 with […]

The post Docker Compose Vulnerability Allow Attacks To Overwrite Arbitrary Files appeared first on Cyber Security News.

A sophisticated information-stealing malware named Anivia Stealer has emerged on underground forums, marketed by a threat actor known as ZeroTrace. The malware represents a dangerous evolution in credential theft operations, specifically designed to compromise Windows systems from legacy XP installations through the latest Windows 11 environments. Built using C++17, Anivia Stealer incorporates advanced evasion techniques […]

The post Threat Actors Advertising Anivia Stealer Malware on Dark Web bypassing UAC Controls appeared first on Cyber Security News.

Cybersecurity researchers have uncovered a sophisticated phishing campaign that combines two emerging attack techniques to bypass conventional security defenses. The hybrid approach merges FileFix social engineering tactics with cache smuggling to deliver malware payloads without triggering network-based detection systems. This evolution represents a significant shift in how threat actors are circumventing endpoint detection and response […]

The post Threat Actors Merging FileFix and Cache Smuggling Attacks to Evade Security Controls appeared first on Cyber Security News.

A sophisticated Android banking trojan dubbed GhostGrab has emerged in the threat landscape, targeting financial institutions across multiple regions with advanced credential theft capabilities. The malware operates silently on infected devices, harvesting sensitive banking credentials while intercepting one-time passwords through SMS messages. Security teams have observed active campaigns distributing GhostGrab through compromised application stores and […]

The post New GhostGrab Android Malware Silently Steals Banking Login Details and Intercept SMS for OTPs appeared first on Cyber Security News.

The BlueNoroff threat group, also tracked as Sapphire Sleet, APT38, and TA444, has significantly evolved its targeting capabilities with sophisticated new infiltration strategies designed specifically to compromise C-level executives and senior managers within the Web3 and blockchain sectors. The group, historically focused on financial gain through cryptocurrency theft, has unveiled two coordinated campaigns dubbed GhostCall […]

The post BlueNoroff Hackers Adopts New Infiltration Strategies To Attack C-Level Executives, and Managers appeared first on Cyber Security News.

Mozilla is implementing a significant transparency requirement for Firefox extensions, mandating that all new browser add-ons disclose their data collection practices to users before installation. Starting November 3rd, 2025, developers submitting fresh extensions to the Firefox ecosystem must declare whether their software collects or transmits personal data through a new standardized framework embedded in the […]

The post Mozilla Wants All New Firefox Extensions to Disclose Data Collection Policies appeared first on Cyber Security News.

A critical remote code execution (RCE) flaw in XWiki, a popular open-source wiki platform, was exploited in the wild to deploy cryptocurrency mining malware on compromised servers. The vulnerability, tracked as CVE-2025-24893, allows unauthenticated attackers to inject malicious templates and execute arbitrary code, bypassing authentication entirely. This discovery highlights the growing threat to web applications, […]

The post XWiki RCE Vulnerability Actively Exploted In Wild To Deliver Coinminer appeared first on Cyber Security News.

Organizations today face constant threats from malware, including ransomware, phishing attacks, and zero-day exploits. These threats are evolving faster than ever. Threat intelligence feeds emerge as a game-changer, delivering real-time, actionable data that empowers security teams to detect and neutralize attacks before they cause widespread damage. These feeds aggregate indicators of compromise such as IP […]

The post How Threat Intelligence Feeds Help Organizations Quickly Mitigate Malware Attacks appeared first on Cyber Security News.