Cyber Security News

A surge in attacks exploiting iCalendar (.ics) files as a sophisticated threat vector that bypasses traditional email security defenses. These attacks leverage the trusted, plain-text nature of calendar invitations to deliver credential phishing campaigns, malware payloads, and zero-day exploits. Over the past year, calendar-based phishing has emerged as the third most common email social engineering […]

The post Hackers Weaponizing Calendar Files as New Attack Vector Bypassing Traditional Email Defenses appeared first on Cyber Security News.

A sophisticated supply chain attack has emerged, targeting industrial control systems through compromised .NET packages. The threat landscape shifted on November 5, 2025, when researchers identified nine malicious NuGet packages designed to inject destructive payloads into critical infrastructure environments. Published under the NuGet alias shanhai666 between 2023 and 2024, these packages accumulated nearly 9,500 downloads […]

The post Weaponized NuGet Packages Inject Time-Delayed Destructive Payloads to Attack ICS Systems appeared first on Cyber Security News.

A security vulnerability has been discovered in Zoom Workplace VDI Client for Windows that could allow attackers to gain elevated privileges on affected systems. The flaw, tracked as CVE-2025-64740, has been assigned a high severity rating with a CVSS score of 7.5, according to Zoom’s security bulletin ZSB-25042. The vulnerability stems from improper verification of […]

The post Zoom Workplace for Windows Vulnerability Allow Users to Escalate Privilege appeared first on Cyber Security News.

A critical vulnerability in Devolutions Server could allow attackers with low-level access to impersonate other user accounts by exploiting how the application handles authentication cookies before multi-factor authentication is completed. The security flaw, tracked as CVE-2025-12485, stems from improper privilege management during pre-MFA cookie handling. When users log in to Devolutions Server, the application generates temporary […]

The post Devolutions Server Vulnerability Let Attackers Impersonate Users Using Pre-MFA Cookie appeared first on Cyber Security News.

Cybercriminals are increasingly targeting websites to inject malicious links and boost their search engine optimization rankings through sophisticated blackhat SEO tactics. This campaign primarily focuses on online casino spam, which has become the most prevalent type of spam content affecting compromised websites. Attackers exploit vulnerabilities in WordPress installations to insert spam content promoting online casinos, […]

The post Threat Actors Actively Hacking Websites to Inject Malicious Links and Boost their SEO appeared first on Cyber Security News.

Francesco Nicodemo, a prominent political communications strategist and former Democratic Party communications director, has been identified as a new target in the expanding Paragon spyware surveillance campaign. The revelation marks a concerning escalation in the scope of sophisticated digital espionage operations targeting political figures in Italy. Nicodemo, who currently leads the communications agency Lievito, discovered […]

The post Italian Adviser Becomes Latest Target in Expanding Paragon Graphite Spyware Surveillance Case appeared first on Cyber Security News.

The construction industry has emerged as a lucrative target for advanced persistent threat groups and organized cybercriminal networks seeking unauthorized access to corporate systems. State-sponsored APT groups from China, Russia, Iran, and North Korea are increasingly focusing their operations on the building and construction sector, exploiting the industry’s rapid digital transformation and heavy reliance on […]

The post APT Groups Attacking Construction Industry Networks to Steal RDP, SSH and Citrix Logins appeared first on Cyber Security News.

In early November 2025, Knownsec, one of China’s largest cybersecurity firms with direct government ties, experienced a catastrophic data breach that exposed over 12,000 classified documents. The incident revealed the scale and sophistication of state-sponsored cyber operations, including detailed information about cyber weapons, internal hacking tools, and a comprehensive global surveillance target list. This breach […]

The post Chinese Cybersecurity Firm Data Breach Exposes State-Sponsored Hackers Cyber Weapons and Target List appeared first on Cyber Security News.

The Open Web Application Security Project (OWASP) has unveiled the 2025 edition of its flagship OWASP Top 10 2025, marking the eighth installment and introducing significant updates to address evolving software security threats. Released on November 6, 2025, this revised version incorporates community survey input and expanded data analysis, highlighting two new categories while consolidating […]

The post OWASP Top 10 2025 – Revised Version Released With Two New Categories appeared first on Cyber Security News.

Menlo Park, CA, USA, November 10th, 2025, CyberNewsWire AccuKnox, a leader in Zero Trust Cloud-Native Application Protection Platforms (CNAPP), announced a strategic partnership with Incident Response Team SA DE CV (ShieldForce) and DeepRoot Technologies, a global cybersecurity service provider and managed services partner, to accelerate Zero Trust adoption and AI Security innovation across Mexico and parts […]

The post Incident Response Team (ShieldForce) Partners with AccuKnox for Zero Trust CNAPP in Latin America appeared first on Cyber Security News.

A critical security flaw has been discovered in the widely used npm package expr-eval, potentially exposing AI and natural language processing applications to remote code execution attacks. The vulnerability, tracked as CVE-2025-12735, allows attackers to execute arbitrary system commands through maliciously crafted input. The expr-eval library is a JavaScript tool designed to parse and evaluate mathematical […]

The post Critical Vulnerability in Popular NPM Library Exposes AI and NLP Apps to Remote Code Execution appeared first on Cyber Security News.

A critical remote code execution vulnerability has been discovered in LangGraph’s checkpoint serialization system. The flaw CVE-2025-64439 affects versions of langgraph-checkpoint before 3.0. It allows attackers to execute arbitrary Python code when untrusted data is deserialized. The vulnerability resides in LangGraph’s JsonPlusSerializer, the default serialization protocol used for checkpoint persistence. When the serializer encounters illegal […]

The post LangGraph Vulnerability Allows Malicious Python Code Execution During Deserialization appeared first on Cyber Security News.

Intel has filed a federal lawsuit against a former employee accused of downloading thousands of classified documents shortly after being terminated, raising serious concerns about corporate data security and insider threats. Jinfeng Luo, a software developer who has worked at Intel since 2014, was based in Seattle when the company notified him of his pending […]

The post Fired Intel Engineer Stolen 18,000 Files, Many of which Were Classified as “Top Secret” appeared first on Cyber Security News.

The manufacturing sector faces an escalating threat landscape as cybercriminals increasingly exploit cloud-based platforms and artificial intelligence services to conduct sophisticated attacks. A comprehensive analysis by Netskope Threat Labs reveals that approximately 22 out of every 10,000 manufacturing users encounter malicious content monthly, marking a significant rise in targeted campaigns specifically designed to compromise industrial […]

The post New Report Warns of Threat Actors Actively Adopting AI Platforms to Attack Manufacturing Companies appeared first on Cyber Security News.

HackGPT Enterprise is a new tool made for security teams focuses on being scalable and compliant, meeting the growing need for effective vulnerability assessments. The platform supports multi-model AI, including OpenAI’s GPT-4 and local LLMs like Ollama, enabling pattern recognition, anomaly detection, and zero-day vulnerability discovery. Developed by Yashab Alam, this cloud-native platform integrates advanced […]

The post HackGPT: AI-Powered Penetration Testing Platform Includes GPT-4 and Other AI Engines appeared first on Cyber Security News.

Welcome to this week’s edition of the Cybersecurity News Weekly Newsletter, where we dissect the latest threats shaking the digital landscape. As cyber risks evolve faster than ever, staying ahead means understanding the exploits that could target your devices, networks, and data. This roundup spotlights zero-day vulnerabilities in Android and Cisco systems, critical flaws in […]

The post Cybersecurity News Weekly Newsletter – Android and Cisco 0-Day, Teams Flaws, HackedGPT, and Whisper Leak appeared first on Cyber Security News.

A sophisticated side-channel attack that exposes the topics of conversations with AI chatbots, even when traffic is protected by end-to-end encryption. Dubbed “Whisper Leak,” this vulnerability allows eavesdroppers such as nation-state actors, ISPs, or Wi-Fi snoopers to infer sensitive prompt details from network packet sizes and timings. The discovery highlights growing privacy risks as AI […]

The post New Whisper Leak Toolkit Exposes User Prompts to Popular AI Agents within Encrypted Traffic appeared first on Cyber Security News.

QNAP has addressed seven critical zero-day vulnerabilities in its network-attached storage (NAS) operating systems, following their successful exploitation by security researchers at Pwn2Own Ireland 2025. These flaws, identified as CVE-2025-62847, CVE-2025-62848, CVE-2025-62849, and associated ZDI canonical entries ZDI-CAN-28353, ZDI-CAN-28435, ZDI-CAN-28436, enable remote code execution (RCE) and privilege escalation attacks against QTS 5.2.x, QuTS hero h5.2.x, […]

The post Seven QNAP Zero-Day Vulnerabilities Exploited at Pwn2Own 2025 Now Patched appeared first on Cyber Security News.

Scammers are targeting businesses with a new extortion scheme, and Google Maps is fighting back with a dedicated reporting tool. Google has introduced a feature that allows business owners to report ransom demands directly to malicious actors who threaten them with fake negative reviews. Cybercriminals have developed a sophisticated plan to extort money from businesses […]

The post Google Maps Adds Feature for Businesses to Report Ransom Demands Over Reviews appeared first on Cyber Security News.

A sophisticated spyware operation targeting Samsung Galaxy devices, dubbed LANDFALL, which exploited a zero-day vulnerability to infiltrate phones through seemingly innocuous images shared on WhatsApp. This campaign, active since mid-2024, allowed attackers to deploy commercial-grade Android malware capable of full device surveillance without user interaction. The discovery underscores ongoing threats from state-linked surveillance tools in […]

The post Hackers Hijack Samsung Galaxy Phones via 0-Day Exploit Using a Single WhatsApp Image appeared first on Cyber Security News.