Cyber Security News

In recent weeks, security analysts have observed a new wave of macOS attacks leveraging legitimately issued Extended Validation (EV) certificates to sign malicious disk images (DMGs). This technique allows malware authors to evade detection by VirusTotal and built-in macOS security checks. The campaign first surfaced when multiple samples appeared on threat intelligence feeds, each bearing […]

The post Hackers Abuse EV Certificates to Sign Completely Undetectable DMG Malware appeared first on Cyber Security News.

Allianz Life Insurance Company of North America has reported a significant data security incident that has exposed the sensitive personal information of an estimated 1.5 million customers, financial professionals, and employees. The breach involved unauthorized access to a cloud-based system, compromising highly sensitive data, including Social Security numbers. The incident occurred on July 16, 2025, […]

The post Allianz Life Data Breach Exposes Personal Records of 1.5 Million Users appeared first on Cyber Security News.

A new ransomware strain, dubbed FunkLocker, is leveraging artificial intelligence to expedite its development, while relying on the abuse of legitimate Windows utilities to disable security defenses and disrupt systems. The ransomware, attributed to a group known as FunkSec, highlights a growing trend of threat actors using AI to piece together malware with varying degrees […]

The post AI-Powered FunkLocker Ransomware Leverages Windows utilities to Disable Defenses appeared first on Cyber Security News.

Google has published a comprehensive guide aimed at fortifying organizational defenses against UNC6040, a sophisticated threat actor known for targeting cloud environments and enterprise networks. Emerging in late 2024, UNC6040 quickly garnered attention for its highly coordinated campaigns, which leverage advanced payload delivery methods and custom malware loaders. Initial investigations linked the group’s activity to […]

The post Google Releases Guide to Harden Security Strategy and Detection Capabilities Against UNC6040 appeared first on Cyber Security News.

Cisco’s Simple Network Management Protocol (SNMP) implementations in IOS and IOS XE have come under intense scrutiny following reports of active exploitation in the wild. First disclosed in August 2025, CVE-2025-20352 describes a critical buffer overflow in the SNMP engine that allows unauthenticated remote attackers to execute arbitrary code. The vulnerability arises when an oversized […]

The post CISA Warns of Cisco IOS and IOS XE SNMP Vulnerabilities Exploited in Attacks appeared first on Cyber Security News.

In recent weeks, a novel malware campaign dubbed MatrixPDF has surfaced, targeting Gmail users with carefully crafted emails that slip past conventional spam and phishing filters. This campaign has been active since mid-September 2025 and leverages PDF attachments that, when opened, initiate a stealthy infection chain designed to exfiltrate sensitive information and deliver additional payloads. […]

The post MatrixPDF Attacks Gmail Users Bypassing Email Filters and Fetch Malicious Payload appeared first on Cyber Security News.

WestJet announced a cybersecurity incident in which a sophisticated third-party actor gained unauthorized access to internal systems, exposing personal information of some customers.  The breach, discovered on June 13, 2025, has since been contained and remediated, but not before sensitive data elements were exfiltrated. WestJet Passenger Data Exposed WestJet’s security team first detected anomalous activity […]

The post WestJet Confirms Data Breach – Customers Personal Information Exposed appeared first on Cyber Security News.

Since mid-2025, cybersecurity researchers have tracked a resurgence of Patchwork Advanced Persistent Threat (APT) campaigns targeting government and telecommunications sectors across Asia and Eastern Europe. Initially leveraging spear-phishing emails containing malicious Office document attachments, this latest wave of activity has evolved into a multi-stage infection chain employing sophisticated persistence and payload retrieval tactics. The initial […]

The post Patchwork APT Using PowerShell Commands to Create Scheduled Task and Downloads Final Payload appeared first on Cyber Security News.

Red Hat published security advisory CVE-2025-10725, detailing an Important severity flaw in the OpenShift AI Service that could enable low-privileged attackers to elevate their permissions to full cluster administrator and compromise the entire platform.  With a CVSS v3 base score of 9.9, this vulnerability poses a critical risk for organizations leveraging Red Hat OpenShift AI […]

The post Red Hat Openshift AI Service Vulnerability Allow Attackers to Take Control of the Infrastructure appeared first on Cyber Security News.

Confidential computing promised to protect sensitive workloads in the public cloud. Yet a new low-cost hardware attack, Battering RAM, demonstrates that even up-to-date memory-encryption schemes on Intel and AMD processors can be defeated with a simple interposer costing under 50 dollars. Modern servers use DDR4 DRAM with hardware-backed encryption, such as Intel SGX’s Total Memory Encryption (TME) […]

The post New Battering RAM Attack Bypasses Latest Defenses on Intel and AMD Cloud Processors appeared first on Cyber Security News.

In recent weeks, security teams worldwide have observed a surge in covert operations orchestrated by a clandestine group known colloquially as the “Chinese Nexus” APT. This actor has been tailoring highly targeted campaigns against organizations in the finance, telecommunication, and manufacturing sectors, exploiting spear-phishing emails and compromised VPN credentials to gain initial footholds. Victims report […]

The post New Chinese Nexus APT Hackers Attacking Organizations to Deliver NET-STAR Malware Suite appeared first on Cyber Security News.

A sophisticated phishing campaign has emerged targeting job seekers through fake Google career recruitment opportunities, leveraging social engineering tactics to harvest Gmail credentials and personal information. The malicious operation exploits the trust associated with Google’s brand reputation, crafting convincing recruitment emails that direct victims to fraudulent login portals designed to capture authentication details. The attack […]

The post Hackers Posing as Google Careers Recruiter to Steal Gmail Login Details appeared first on Cyber Security News.

Microsoft is actively investigating and addressing widespread errors preventing users from accessing their mailboxes on Outlook.com. The company has been providing regular updates throughout the day, indicating that targeted infrastructure restarts are gradually restoring service. The issue, which began early on October 1, 2025, affects users attempting to log in or access their emails via […]

The post Microsoft Investigating Widespread Outlook.com Outage Preventing Users from Accessing Mailbox appeared first on Cyber Security News.

Hackers have recently leveraged a vulnerability in the web-based management interfaces of certain cellular routers to co-opt their built-in SMS functionality for nefarious purposes. By targeting exposed APIs, attackers are able to dispatch large volumes of malicious SMS messages containing weaponized links that lead to drive-by downloads or credential-stealing pages. This emerging threat vector exploits […]

The post Hackers Exploit Cellular Router’s API to Send Malicious SMS Messages With Weaponized Links appeared first on Cyber Security News.

A critical zero-day vulnerability affecting thousands of Cisco firewalls is being actively exploited by threat actors in the wild.  The vulnerability, tracked as CVE-2025-20333, poses an immediate risk to organizations worldwide with a CVSS score of 9.9, representing one of the most severe security flaws discovered in enterprise firewall infrastructure this year. According to data […]

The post 48+ Cisco Firewalls Vulnerable to Actively Exploited 0-Day Vulnerability in the Wild appeared first on Cyber Security News.

Microsoft has officially released Windows 11, version 25H2, also known as the Windows 11 2025 Update, marking the next feature update for the operating system. The update became available for general availability on September 30, 2025, initiating a phased rollout to eligible devices. This new version is designed as a service, with updates delivered periodically […]

The post Windows 11 25H2 Released for General Availability – Know Issues and Mitigations appeared first on Cyber Security News.

A new Android banking trojan has emerged that combines traditional overlay attacks with a stealthy hidden Virtual Network Computing (VNC) server to achieve full remote control of compromised devices. First detected in late September 2025, the malware is distributed through SMS-based phishing campaigns that lure victims into installing a fake “security” app. Once granted the […]

The post New Android Banking Trojan Uses Hidden VNC to Gain Complete Remote Control Over Device appeared first on Cyber Security News.

The OpenSSL Project has released a critical security advisory, addressing three significant vulnerabilities that could allow attackers to execute remote code and potentially recover private cryptographic keys.  These flaws affect multiple OpenSSL versions across different platforms and could lead to memory corruption, denial of service attacks, and unauthorized access to sensitive cryptographic materials. The most […]

The post OpenSSL Vulnerabilities Let Attackers Execute Malicious Code and Recover Private Key Remotely appeared first on Cyber Security News.

A concerning cybersecurity trend has emerged as threat actors exploit the growing popularity of artificial intelligence tools by distributing malicious Chrome extensions masquerading as legitimate platforms. These deceptive extensions target users seeking convenient access to popular services like ChatGPT, Claude, Perplexity, and Meta Llama, creating a significant security risk for unsuspecting individuals and organizations. The […]

The post Beware! Threat Actors Distributing Malicious AI Tools as Chrome Extensions appeared first on Cyber Security News.

In late September 2025, the Cybersecurity and Infrastructure Security Agency (CISA) issued a public alert regarding the active exploitation of a critical command injection vulnerability tracked as CVE-2025-59689 in Libraesva Email Security Gateway (ESG) devices. This flaw has rapidly emerged as a favored target for threat actors due to its ease of exploitation and the […]

The post CISA Warns of Libraesva ESG Command Injection Vulnerability Actively Exploited in Attacks appeared first on Cyber Security News.