Cyber Security News

A new report from FortiGuard Labs reveals that Chinese hackers are actively targeting Linux devices with a sophisticated SSH backdoor dubbed ELF/Sshdinjector.A!tr. This malware, attributed to the DaggerFly espionage group, has been used in the Lunar Peek campaign since mid-November 2024, primarily targeting network appliances and IoT devices. The attack involves several malicious components working […]

The post Chinese Hackers Attacking Linux Devices With New SSH Backdoor appeared first on Cyber Security News.

IBM has released critical security updates addressing multiple vulnerabilities in its Cloud Pak for Business Automation software.  These vulnerabilities, if exploited, could allow attackers to access sensitive data, disrupt operations, or compromise system integrity. The fixes are part of the latest interim fixes (iFixes) for versions 21.0.3 and 24.0.0. The vulnerabilities affect several components within […]

The post Multiple IBM Cloud Pak Vulnerabilities Let Attackers Execute Remote Code appeared first on Cyber Security News.

Aembit, the non-human identity and access management (IAM) company, today announced that Michael Trites has joined the company as senior vice president of global sales. In this role, Trites will lead Aembit’s global sales strategy, driving adoption of its industry-first Workload IAM Platform. Trites brings over two decades of experience scaling sales organizations at high-growth […]

The post Michael Trites Joins Aembit as Senior Vice President of Global Sales appeared first on Cyber Security News.

A critical vulnerability in Apple’s macOS kernel (XNU), tracked as CVE-2025-24118, has been disclosed, potentially allowing attackers to escalate privileges, corrupt memory, and even execute kernel-level code.  The flaw, affecting macOS Sonoma versions earlier than 14.7.3, macOS Sequoia versions earlier than 15.3, and iPadOS versions earlier than 17.7.4, was discovered by Joseph Ravichandran (@0xjprx), a […]

The post Apple’s macOS Kernel Vulnerability Let Attackers Escalate Privileges – PoC Released appeared first on Cyber Security News.

Sophos, a global leader in cybersecurity solutions, has finalized its acquisition of SecureWorks, a prominent managed security services provider, in an all-cash transaction valued at $859 million.  Sophos is now the top pure-play provider of Managed Detection and Response (MDR) services, serving more than 28,000 businesses worldwide due to this strategic approach. The acquisition brings […]

The post Sophos Acquires Secureworks for $859 Million appeared first on Cyber Security News.

In an impressive demonstration of cost-effective AI research, a group of researchers has successfully replicated DeepSeek’s R1-Zero model for just $30. Dubbed TinyZero, this project focuses on countdown and multiplication tasks, leveraging reinforcement learning (RL) to enable a 3-billion-parameter (3B) base language model (LM) to develop self-verification and search abilities autonomously. Built on the veRL […]

The post TinyZero – Researchers Replicated DeepSeek’s R1-Zero Model for Just $30 appeared first on Cyber Security News.

The eSentire Threat Response Unit (TRU) revealed that threat actors are actively exploiting a six-year-old IIS vulnerability in Progress Telerik UI for ASP.NET AJAX to gain remote access to systems. This vulnerability, identified as CVE-2019-18935, allows attackers to execute arbitrary code on vulnerable servers, posing a significant risk to organizations that have not updated their […]

The post Hackers Exploiting A Six-Year-Old IIS Vulnerability To Gain Remote Access appeared first on Cyber Security News.

A critical security vulnerability has been identified in nearly all Microsoft Sysinternals tools, presenting a significant risk to IT administrators and developers who rely on these utilities for system analysis and troubleshooting. This vulnerability, outlining how attackers can exploit DLL injection techniques to execute malicious code, has been meticulously researched, verified, and demonstrated in a […]

The post 0-Day Vulnerabilities in Microsoft Sysinternals Tools Allow Attackers To Launch DLL Injection Attacks on Windows appeared first on Cyber Security News.

A critical vulnerability, identified as CVE-2025-23114, has been discovered in the Veeam Updater component, a key element of multiple Veeam backup solutions.  This flaw enables attackers to execute arbitrary code on affected servers through a Man-in-the-Middle (MitM) attack, potentially granting root-level permissions.  The vulnerability has been assigned a severity score of 9.0, underscoring its significant […]

The post Critical Veeam Backup Vulnerability Let Attackers Execute Arbitrary Code to Gain Root Access appeared first on Cyber Security News.

The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with international cybersecurity authorities, has issued comprehensive guidance aimed at securing network edge devices.  These devices, which include firewalls, routers, VPN gateways, Internet of Things (IoT) devices, internet-facing servers, and operational technology (OT) systems, are critical to maintaining the security and integrity of enterprise networks. The […]

The post CISA Releases Guidance to Protect Firewalls, Routers, & Internet-Facing Servers appeared first on Cyber Security News.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) Catalog, adding several newly identified vulnerabilities to its authoritative list of security flaws exploited in the wild. This catalog Developed to assist cybersecurity professionals in prioritizing vulnerability management, the KEV catalog serves as a critical resource for organizations aiming to […]

The post CISA Adds Apache, Microsoft Vulnerabilities to Its Database that Are Actively Exploited in the Wild appeared first on Cyber Security News.

The Google Chrome team has officially released Chrome 133, now available on the stable channel for Windows, Mac, and Linux. This update, version 133.0.6943.53 for Linux and 133.0.6943.53/54 for Windows and Mac, brings a host of improvements and critical security fixes. Users are strongly urged to update their browsers immediately to protect against newly discovered […]

The post Chrome Use-After-Free Vulnerabilities Let Attackers Execute Remote Code – Update Now appeared first on Cyber Security News.

AMD has disclosed a high-severity vulnerability (CVE-2024-56161) in its Secure Encrypted Virtualization (SEV) technology, which could allow attackers with administrative privileges to inject malicious CPU microcode.  This flaw compromises the confidentiality and integrity of virtual machines (VMs) protected by SEV-SNP, a security feature designed to safeguard sensitive workloads in virtualized environments. The issue stems from […]

The post AMD SEV Vulnerability Allows Malicious CPU Microcode Injection as Admin appeared first on Cyber Security News.

An organization’s cyber security operation center (SOC) is a unit in charge of cyber threat prevention and mitigation.  Within this framework, several critical tasks imply gathering and analyzing data on threats, incidents and attacks. This process is usually referred to as threat intelligence. It is not limited to mere collection of information. It aims to […]

The post 3 SOC Challenges Solved by Threat Intelligence appeared first on Cyber Security News.

A new, highly sophisticated malware known as Tiny FUD has been identified, targeting macOS users with advanced evasion techniques that allow it to bypass traditional antivirus and security tools. This malware leverages process name spoofing, DYLD injection, and C2-based command execution to remain undetected. While this malware is particularly dangerous due to its ability to […]

The post New Tiny FUD Attacking macOS Users Bypassing Antivirus and Security Tools appeared first on Cyber Security News.

Hackers have increasingly been using HTTP client tools to orchestrate sophisticated account takeover attacks on Microsoft 365 environments. A staggering 78% of Microsoft 365 tenants have been targeted at least once by such attacks, highlighting the evolving tactics of threat actors. HTTP client tools are software applications or libraries that enable users to send HTTP […]

The post Hackers Using HTTP Client Tools To Takeover Microsoft 365 Accounts appeared first on Cyber Security News.

A critical security flaw, identified as CVE-2025-21298, has been disclosed in Microsoft’s Windows Object Linking and Embedding (OLE) technology.  This zero-click vulnerability, which carries a CVSS score of 9.8, allows attackers to execute arbitrary code remotely by exploiting Microsoft Outlook and other applications.  The flaw has raised alarms across the cybersecurity community due to its […]

The post Critical Windows OLE Zero-Click Vulnerability Let Attacker to Execute Arbitrary Code appeared first on Cyber Security News.

SpyCloud’s Identity Threat Protection solutions spearhead a holistic identity approach to security, illuminating correlated hidden identity exposures and facilitating fast, automated remediation. SpyCloud, a leading identity threat protection company, announced key innovations in its portfolio, pioneering the shift to holistic identity threat protection. By operationalizing its vast collection of darknet data with automated identity analytics […]

The post SpyCloud Pioneers the Shift to Holistic Identity Threat Protection appeared first on Cyber Security News.

Researchers from the Anthropic Safeguards Research Team have developed a new approach to protect AI models from universal jailbreaks. This innovative method, known as Constitutional Classifiers, has shown remarkable resilience against thousands of hours of human red teaming and synthetic evaluations. Universal jailbreaks refer to inputs designed to bypass the safety guardrails of AI models, […]

The post Researchers Uncovers New Methods To Defend AI Models Against Universal Jailbreaks appeared first on Cyber Security News.

A critical security flaw in Apple’s service ticket portal has come to light, potentially exposing the sensitive data of millions of users.  The vulnerability, rooted in a combination of Insecure Direct Object Reference (IDOR) and privilege escalation, allowed unauthorized access to user information, including Mac serial numbers, IMEI numbers, and service ticket details. When Virtuvil, […]

The post Apple Service Ticket Portal Vulnerability Exposes Millions of Users Data appeared first on Cyber Security News.