Cyber Security News

Cybercriminals leveraged critical vulnerabilities in remote monitoring software to breach a managed service provider and attack multiple customers. Cybersecurity researchers at Sophos have revealed details of a sophisticated attack where threat actors exploited vulnerabilities in SimpleHelp remote monitoring and management (RMM) software to deploy DragonForce ransomware across multiple organizations through a managed service provider (MSP). […]

The post Hackers Exploit SimpleHelp RMM Tool to Deploy DragonForce Ransomware appeared first on Cyber Security News.

Zscaler Inc. announced on May 27, 2025, a definitive agreement to acquire Red Canary, a leading Managed Detection and Response (MDR) company, in a strategic move to enhance its AI-powered security operations capabilities.  The acquisition combines Zscaler’s Zero Trust Exchange platform with Red Canary’s threat detection expertise to create a unified, agile Security Operations Center […]

The post Zscaler Expands AI-Driven Security Operations with Red Canary Acquisition appeared first on Cyber Security News.

A sophisticated new Android malware strain called GhostSpy has emerged as a significant threat to mobile device security, demonstrating advanced capabilities that allow cybercriminals to achieve complete control over infected smartphones and tablets. This web-based Remote Access Trojan (RAT) employs a multi-stage infection process, beginning with a seemingly innocuous dropper application that silently escalates privileges […]

The post New Android Malware GhostSpy Let Attacker Take Full Control Over Infected Devices appeared first on Cyber Security News.

Dutch intelligence services have identified a previously unknown Russian hacking group responsible for cyberattacks on multiple Dutch organizations, including a significant breach of the national police system in September 2024 that compromised work-related contact information of officers. The Netherlands General Intelligence and Security Service (AIVD) and Military Intelligence and Security Service (MIVD) announced Tuesday that […]

The post Dutch Intelligence Exposes Russian “Laundry Bear” Hackers Behind Police Hack appeared first on Cyber Security News.

Threat intelligence is the cornerstone of proactive cyber defense, providing context to security events to prioritize response efforts. It’s about turning raw data into strategic insights that can be used to fortify network defenses against known and unknown threats.  The Value Of Threat Intelligence For Business  Solutions like ANY.RUN’s Threat Intelligence Lookup help organizations understand […]

The post How To Use Threat Intelligence Data From 15,000 Companies To Defend Yours  appeared first on Cyber Security News.

Check Point Software Technologies has announced the acquisition of Veriti Cybersecurity, marking a significant advancement in automated threat exposure management for enterprises facing increasingly sophisticated AI-driven cyber attacks. The transaction, expected to close by the end of Q2 2025, represents Check Point’s first acquisition under CEO Nadav Zafrir’s leadership and is estimated to exceed $100 […]

The post Check Point Acquires Veriti for Automated Threat Exposure Management appeared first on Cyber Security News.

Microsoft Threat Intelligence has unveiled a sophisticated Russian-affiliated cyberespionage group dubbed “Void Blizzard” (also known as LAUNDRY BEAR) that has been conducting widespread attacks against telecommunications and IT organizations since April 2024.  The threat actor has successfully compromised critical infrastructure across NATO member states and Ukraine, with operations spanning government agencies, defense contractors, healthcare systems, […]

The post Microsoft Warns of Void Blizzard Hackers Attacking Telecommunications & IT Organizations appeared first on Cyber Security News.

Security researchers have uncovered a critical vulnerability in Arm’s Mali GPU driver that allows malicious Android applications to bypass Memory Tagging Extension (MTE) protections and achieve arbitrary kernel code execution. The vulnerability, designated CVE-2025-0072, represents a significant threat to devices equipped with newer Arm Mali GPUs utilizing the Command Stream Frontend (CSF) architecture, including Google’s […]

The post Arm Mali GPU Vulnerability Let Bypass MTE and Gain Arbitrary Kernel Code Execution appeared first on Cyber Security News.

Microsoft has revolutionized its iconic Notepad application by introducing an AI-powered text generation feature called “Write,” marking a dramatic transformation for the minimalist text editor that has remained largely unchanged for decades.  The new functionality, powered by a variant of GPT technology, enables users to generate content directly within Notepad using natural language prompts. Currently […]

The post Windows 11 Notepad Gets AI Writer Using a Variant of ChatGPT or Microsoft’s AI Model appeared first on Cyber Security News.

A critical security vulnerability in the widely-used GitHub Model Context Protocol (MCP) server has been discovered, exposing users to sophisticated attacks that can compromise private repository data through malicious prompt injections. The vulnerability affects any agent system using the GitHub MCP integration, which has garnered significant attention with over 14,000 stars on GitHub, making it […]

The post GitHub MCP Server Vulnerability Let Attackers Access Private Repositories appeared first on Cyber Security News.

German sportswear giant Adidas has confirmed a significant data breach involving customer contact information accessed through a compromised third-party customer service provider.  The incident, disclosed on May 23, 2025, exposed contact details of consumers who had previously interacted with the company’s customer service help desk, though the breach did not compromise passwords, credit card data, […]

The post Adidas Data Breach – Customer Data Exposed Via Third-Party Service Provider appeared first on Cyber Security News.

Two critical security vulnerabilities discovered in the popular GIMP image editing software have been disclosed. These vulnerabilities allow remote attackers to execute arbitrary code on affected systems.  The vulnerabilities, identified as CVE-2025-2760 and CVE-2025-2761, were publicly disclosed on April 7th, 2025, and affect GIMP installations prior to version 3.0.0.  Both flaws require user interaction, specifically […]

The post GIMP Image Editor Vulnerability Let Remote Attackers Arbitrary Code appeared first on Cyber Security News.

Security researchers have unveiled significant vulnerabilities in .NET desktop applications that utilize CefSharp, a popular framework for embedding Chromium browsers within desktop applications, exposing millions of enterprise applications to potential remote code execution attacks. CefSharp, a lightweight .NET wrapper around the Chromium Embedded Framework, has emerged as a cornerstone technology for enterprises developing hybrid desktop […]

The post CefSharp Enumeration Tool Reveals Security Vulnerabilities in .NET Desktop Apps appeared first on Cyber Security News.

The Gujarat Anti-Terrorism Squad (ATS) has arrested an 18-year-old and a minor for orchestrating over 50 coordinated cyberattacks on Indian government websites during the recent military ‘Operation Sindoor’.  The main accused, Jasim Shahnawaz Ansari from Nadiad in Gujarat’s Kheda district, allegedly led multiple Distributed Denial-of-Service (DDoS) attacks targeting critical infrastructure websites while posting anti-national content […]

The post Gujarat Teen Behind 50+ Cyberattacks During ‘Operation Sindoor’ Arrested appeared first on Cyber Security News.

In a sophisticated cybersecurity attack uncovered this week, Russian threat actors have been observed exploiting multiple cloud service providers to deliver the notorious Lumma Stealer malware. The campaign utilizes legitimate cloud infrastructure—including Oracle Cloud Infrastructure (OCI), Scaleway Object Storage, and Tigris—to host malicious content that targets privileged users across various organizations. Security experts warn this […]

The post Russian Hackers Leverage Oracle Cloud Infrastructure to Scaleway Object Storage appeared first on Cyber Security News.

Halo Security, a leading provider of attack surface management and penetration testing services, today announced it has successfully achieved SOC 2 Type 1 compliance following a comprehensive audit by Insight Assurance. This certification validates that Halo Security’s security controls and practices are properly designed and implemented to meet the SOC 2 trust principles. “Security isn’t a destination; it’s […]

The post Halo Security Achieves SOC 2 Type 1 Compliance, Validating Security Controls for Its Attack Surface Management Platform appeared first on Cyber Security News.

A critical security vulnerability has been discovered in Netwrix Password Secure, an enterprise password management solution, allowing authenticated attackers to execute arbitrary code on victim machines. The vulnerability, identified as CVE-2025-26817, affects all versions of Netwrix Password Secure up to version 9.2.2, exposing organizations that haven’t updated to the latest release. The flaw resides in […]

The post Netwrix Password Manager Vulnerability Allows Authenticated Remote Code Execution appeared first on Cyber Security News.

Cisco disclosed a security vulnerability (CVE-2025-20255) affecting its Webex Meetings service that could allow remote attackers to manipulate cached HTTP responses.  The vulnerability, assigned a CVSS score of 4.3 (Medium severity), stems from improper handling of malicious HTTP requests in the client join services component.  Security researcher Matthew B. Johnson (d3d) is credited with discovering […]

The post Cisco Webex Meetings Vulnerability Let Attackers Manipulate HTTP Responses appeared first on Cyber Security News.

A sophisticated cyber threat group designated as UAT-6382 has been actively exploiting a critical zero-day vulnerability in Cityworks, a popular asset management system used by local governments across the United States. The vulnerability, tracked as CVE-2025-0994, allows remote code execution and has been under active exploitation since January 2025. The attackers have demonstrated a particular […]

The post UAT-638 Hackers Exploit Cityworks Zero-Day to Attack IIS Servers With VSHell Malware appeared first on Cyber Security News.

INE Security, a global leader in Cybersecurity training and certifications, has announced a strategic partnership with Abadnet Institute for Training, a Riyadh-based leader in specialized Information Technology, Cybersecurity, and Networking training. The collaboration leverages INE Security’s internationally recognized cybersecurity training content and Abadnet’s established presence in the Saudi Arabian market to deliver comprehensive cybersecurity education programs across the […]

The post INE Security Partners with Abadnet Institute for Cybersecurity Training Programs in Saudi Arabia appeared first on Cyber Security News.