Cyber Security News

A sophisticated evasion technique employed by Akira ransomware affiliates, exploiting legitimate Windows drivers to bypass antivirus and endpoint detection and response (EDR) systems during recent SonicWall VPN attack campaigns.  The attacks, which have escalated from late July through early August 2025, demonstrate the threat actors’ evolving tactics to maintain persistence and avoid detection in compromised […]

The post Akira Ransomware Uses Windows Drivers to Bypass AV/EDR in SonicWall Attacks appeared first on Cyber Security News.

A wide range of vulnerabilities affects millions of Dell laptops used by government agencies, cybersecurity professionals, and enterprises worldwide. The vulnerabilities, collectively dubbed “ReVault,” target the Broadcom BCM5820X security chip embedded in Dell’s ControlVault3 firmware, creating opportunities for attackers to steal passwords, biometric data, and maintain persistent access to compromised systems. The vulnerabilities affect more […]

The post Critical Firmware Vulnerabilities Exposes Millions of Dell Laptops to Device Takeover and Malware Attacks appeared first on Cyber Security News.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a new alert, adding three vulnerabilities affecting D-Link devices to its Known Exploited Vulnerabilities (KEV) Catalog. The inclusion of these flaws in the catalog signifies that they are being actively exploited by malicious cyber actors in real-world attacks, posing a significant threat to networks. The […]

The post CISA Warns of D-Link Vulnerabilities Actively Exploited in Attacks appeared first on Cyber Security News.

The U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) has issued a critical warning about the exploitation of convertible virtual currency (CVC) kiosks by criminal organizations. Released on August 4, 2025, the advisory highlights how these cryptocurrency ATMs, while designed as convenient access points for legitimate users, have become significant vectors for fraudulent […]

The post U.S. Treasury Warns of Crypto ATMs Fueling Criminal Activity appeared first on Cyber Security News.

Microsoft has announced the return of its groundbreaking Zero Day Quest, the largest public hacking event in history, offering unprecedented bounty rewards of up to $5 million for high-impact security research. Building upon last year’s successful $4 million initiative, this enhanced program demonstrates Microsoft’s commitment to collaborative security through responsible vulnerability disclosure and community engagement. […]

The post Microsoft Zero Day Quest Hacking Contest – Rewards Up to $5 Million appeared first on Cyber Security News.

Cyber-criminals have gradually shifted their focus toward the high-value infrastructure that trains, tunes and serves modern artificial-intelligence models. Over the past six months, incident-response teams have documented a new malware family, tentatively dubbed “ShadowInit,” that targets GPU clusters, model-serving gateways and orchestration pipelines inside large language model (LLM) deployments. Unlike earlier crypto-mining campaigns, ShadowInit seeks […]

The post Cyber Attacks Against AI Infrastructure Are in The Rise With Key Vulnerabilities Uncovered appeared first on Cyber Security News.

A sophisticated cybercriminal campaign dubbed “ClickTok” has emerged as one of the most extensive threats targeting TikTok Shop users worldwide, with researchers identifying over 10,000 malicious domains designed to steal user credentials and deploy advanced spyware. The campaign represents a significant escalation in e-commerce-focused cyberattacks, combining traditional phishing techniques with cutting-edge malware distribution to exploit […]

The post 10,000+ Malicious TikTok Shop Domains Attacking Users to Steal Logins and Deploy Malware appeared first on Cyber Security News.

You’re on a four-day clock. Following new SEC rules announced on July 26, 2023, U.S. public companies must disclose any cybersecurity incident they determine to be ‘material’ within four business days of that determination. For most companies, this requirement became effective on December 15, 2023. Meanwhile, the average global cost of a data breach jumped […]

The post The Network-Security Compliance Checklist: 25 Controls, Mapped And Audit-Ready appeared first on Cyber Security News.

A critical vulnerability in Cursor IDE, the rapidly growing AI-powered development environment, enables persistent remote code execution through manipulation of the Model Context Protocol (MCP) system. The vulnerability, tracked as CVE-2025-54136 and dubbed “MCPoison,” exploits a trust validation flaw that allows attackers to execute arbitrary commands on developer machines without triggering security warnings. Cursor IDE […]

The post New MCPoison Attack Leverages Cursor IDE MCP Validation to Execute Arbitrary System Commands appeared first on Cyber Security News.

SSL certificates are used everywhere from websites and APIs to mobile apps, internal tools and CI/CD pipelines. While most teams know they’re important, they often don’t manage them well. Certificates are usually forgotten until something breaks. If they expire, get misused, or aren’t monitored, they turn into easy targets for attackers. A small mistake in […]

The post How Certificate Mismanagement Opens The Door For Phishing And MITM Attacks appeared first on Cyber Security News.

Cybersecurity is about staying one step ahead. The security of business assets hinges on proactive threat detection and rapid response powered by data. Every security system and service from network monitoring and incident response to analytics depends on continuous data feeds to function effectively.   The Foundation: Quality Threat Data  Effective cybersecurity hinges on data quality. […]

The post How To Get Real-Time IOCs From Incidents Across 15K SOCs  appeared first on Cyber Security News.

A critical vulnerability in Streamlit, the popular open-source framework for building data applications, enables attackers to conduct cloud account takeover attacks.  The flaw, discovered in February 2025, exploits weaknesses in Streamlit’s st.file_uploader component to bypass file type restrictions and gain unauthorized access to cloud instances running Streamlit applications. The vulnerability demonstrates how seemingly minor components […]

The post New Streamlit Vulnerability Allows Hackers to Launch Cloud Account Takeover Attacks appeared first on Cyber Security News.

Perplexity AI, an emerging question-answering engine powered by advanced large language models, has recently come under scrutiny for deploying stealth crawling techniques that bypass standard web defenses. Initially launched with transparent intentions, Perplexity’s crawlers would identify themselves via declared user agents such as PerplexityBot/1.0, respecting robots.txt directives and web application firewall (WAF) rules. However, in […]

The post Cloudflare Accuses Perplexity AI For Evading Firewalls and Crawling Websites by Changing User Agent appeared first on Cyber Security News.

A sophisticated phishing campaign attributed to the Pakistan-linked APT36 group has emerged as a serious threat to Indian government infrastructure. First detected in early August 2025, this operation leverages typo-squatted domains designed to mimic official government login portals. When unsuspecting users enter their email IDs and passwords, they are redirected to counterfeit pages that replicate […]

The post APT36 Hackers Attacking Indian Government Entities to Steal Login Credentials appeared first on Cyber Security News.

A sophisticated North Korean cryptocurrency theft campaign has resurfaced with renewed vigor, weaponizing twelve malicious NPM packages to target developers and steal digital assets. The campaign, which represents a significant escalation in supply chain attacks, exploits the trust developers place in open-source package repositories to distribute advanced malware capable of cross-platform data exfiltration. The attack […]

The post North Korean Hackers Weaponizing NPM Packages to Steal Cryptocurrency and Sensitive Data appeared first on Cyber Security News.

Cisco has confirmed it was the target of a cyberattack where a malicious actor successfully stole the basic profile information of an undisclosed number of users registered on Cisco.com. The technology giant revealed that the breach occurred after an employee was deceived by a sophisticated voice phishing, or “vishing,” attack. The incident, which Cisco became […]

The post Cisco Hacked – Attackers Stole Profile Details of Users Registered on Cisco.com appeared first on Cyber Security News.

North Korean state-sponsored cyber-espionage group Kimsuky has unveiled a sophisticated new campaign targeting South Korean entities through malicious Windows shortcut (LNK) files, demonstrating the group’s continued evolution in stealth and precision. The campaign combines tailored social engineering with advanced malware frameworks designed to systematically infiltrate government agencies, defense contractors, and research organizations while evading traditional […]

The post Kimsuky APT Hackers Weaponizing LNK Files to Deploy Reflective Malware Bypassing Windows Defender appeared first on Cyber Security News.

SonicWall has issued an urgent security advisory following a significant increase in cyber incidents targeting its Gen 7 SonicWall firewalls over the past 72 hours. The company is actively investigating a wave of attacks that appear to be focused on devices where the Secure Sockets Layer Virtual Private Network (SSLVPN) feature is enabled. In a […]

The post SonicWall Warns of Escalating Cyberattacks Targeting Gen 7 Firewalls in Last 72 Hours appeared first on Cyber Security News.

A sophisticated attack method where hackers are exploiting a deserialization vulnerability in SharePoint to steal Internet Information Services (IIS) Machine Keys. This enables attackers to bypass security measures, forge trusted data, and ultimately achieve persistent Remote Code Execution (RCE) on compromised servers. According to SANS researcher Bojan Zdrnja, the attack begins with the exploitation of […]

The post Hackers Can Steal IIS Machine Keys by Exploiting SharePoint Deserialization Vulnerability appeared first on Cyber Security News.

North Korean-linked Famous Chollima APT group has emerged as a sophisticated threat actor, orchestrating targeted campaigns against job seekers and organizations through deceptive recruitment processes. Active since December 2022, this advanced persistent threat has developed an intricate multi-stage attack methodology that exploits the trust inherent in professional networking and job-seeking activities. The group’s operations represent […]

The post Famous Chollima APT Hackers Attacking Job Seekers and Organization to Deploy JavaScript Based Malware appeared first on Cyber Security News.