Cyber Security News

A newly discovered zero-day vulnerability in Elastic’s Endpoint Detection and Response (EDR) solution allows attackers to bypass security measures, execute malicious code, and trigger a BSOD system crash, according to the Ashes Cybersecurity research. The vulnerability resides in a core component of the security software, effectively turning the defensive tool into a weapon against the […]

The post New Elastic EDR 0-Day Vulnerability Allows Attackers to Bypass Detection, Execute Malware, and Cause BSOD appeared first on Cyber Security News.

CISA in collaboration with international partners, has released comprehensive guidance, titled “Foundations for OT Cybersecurity: Asset Inventory Guidance for Owners and Operators,” to strengthen cybersecurity defenses across critical infrastructure sectors. The document emphasizes the critical importance of maintaining accurate operational technology (OT) asset inventories as malicious cyber actors increasingly target industrial control systems (ICS), supervisory […]

The post CISA Releases Operational Technology Guide for Owners and Operators Across all Critical Infrastructure appeared first on Cyber Security News.

Google has awarded a record-breaking $250,000 bounty to security researcher “Micky” for discovering a critical remote code execution vulnerability in Chrome’s browser architecture.  The vulnerability allowed malicious websites to escape Chrome’s sandbox protection and execute arbitrary code on victim systems.  Key Takeaways1.Google paid researcher "Micky" a record amount for finding a critical Chrome vulnerability.2.The bug […]

The post Google Awards $250,000 Bounty for Chrome RCE Vulnerability Discovery appeared first on Cyber Security News.

A critical vulnerability in the Microsoft Web Deploy tool could allow authenticated attackers to execute remote code on affected systems.  The vulnerability, tracked as CVE-2025-53772, was disclosed on August 12, 2025, and carries a CVSS score of 8.8, indicating high severity. The flaw stems from the deserialization of untrusted data in Web Deploy, classified under […]

The post Microsoft IIS Web Deploy Vulnerability Let Attackers Execute Remote Code appeared first on Cyber Security News.

A sophisticated new phishing campaign targeting Gmail users through a multi-layered attack that uses legitimate Microsoft Dynamics infrastructure to bypass security measures and steal login credentials. The attack begins with deceptive “New Voice Notification” emails that appear to come from legitimate voicemail services. These emails contain spoofed sender information and feature prominent “Listen to Voicemail” […]

The post New Gmail Phishing Attack With Weaponized Login Flow Steals Credentials appeared first on Cyber Security News.

Security researchers have uncovered four serious vulnerabilities in ImageMagick, one of the world’s most widely used open-source image processing software suites, potentially exposing millions of users to security risks. The vulnerabilities, discovered by researcher “urban-warrior” and published three days ago, include two high-severity flaws that could allow attackers to execute malicious code through specially crafted […]

The post Multiple ImageMagick Vulnerabilities Cause Memory Corruption and Integer Overflows appeared first on Cyber Security News.

F5 Networks has disclosed a new HTTP/2 vulnerability affecting multiple BIG-IP products that could allow remote attackers to launch denial-of-service attacks against corporate networks. The security flaw, designated CVE-2025-54500 and dubbed the “HTTP/2 MadeYouReset Attack,” was published on August 13, 2025, with updates released on August 15. The vulnerability exploits malformed HTTP/2 control frames to […]

The post F5 Fixes HTTP/2 Vulnerability Enabling Massive DoS Attacks appeared first on Cyber Security News.

Researchers at Hunt.io have made a significant discovery in the cybersecurity field by obtaining and analyzing the complete source code of ERMAC V3.0. This advanced Android banking trojan targets over 700 financial applications worldwide. This unique insight into an active malware-as-a-service platform offers a valuable understanding of modern cybercriminal operations and highlights critical vulnerabilities that could assist […]

The post ERMAC v3.0 Banking Malware Source Code Exposed via Weak Password ‘changemeplease’ appeared first on Cyber Security News.

A sophisticated social engineering campaign by the EncryptHub threat group that combines impersonation tactics with technical exploitation to compromise corporate networks. The Russian-linked cybercriminals are posing as IT support staff and using Microsoft Teams requests to establish remote access, ultimately deploying malicious payloads through a previously unknown Windows vulnerability. The attack begins with threat actors […]

The post Hackers Mimic IT Teams to Exploit Microsoft Teams Request to Gain System Remote Access appeared first on Cyber Security News.

API, short for Application Programming Interface, is a mechanism that helps extract data from software applications and transfer it to other software or users using APIs. Communication through APIs is based on different requests and responses, and developers provide good documentation on structuring requests to get the desired response. APIs allow many software/applications to automatically […]

The post <strong>10 Best API Protection Tools</strong> in 2025 appeared first on Cyber Security News.

Cybersecurity researchers from watchTowr Labs have published a comprehensive technical analysis of a critical pre-authentication command injection vulnerability affecting Fortinet FortiSIEM systems, designated as CVE-2025-25256. The vulnerability carries a maximum CVSS score of 9.8 and has already been exploited in the wild, making it one of the most pressing security threats facing enterprise security operations […]

The post Fortinet FortiSIEM Command Injection Vulnerability (CVE-2025-25256) – Technical Details Revealed appeared first on Cyber Security News.

Palo Alto Networks has published an extensive malware analysis tutorial detailing the dissection of a sophisticated .NET-based threat that delivers the Remcos remote access trojan (RAT). The malware’s emergence highlights a trend in which threat actors increasingly abuse legitimate development environments and tools—such as the Microsoft .NET runtime—to execute complex, multi-stage infection campaigns. This particular […]

The post Palo Alto Networks Released A Mega Malware Analysis Tutorials Useful for Every Malware Analyst appeared first on Cyber Security News.

The cybersecurity landscape faces a new sophisticated threat as the Crypto24 ransomware group demonstrates an alarming evolution in attack methodology, seamlessly blending legitimate administrative tools with custom-developed malware to execute precision strikes against high-value targets. This emerging ransomware operation has successfully compromised organizations across Asia, Europe, and the United States, with a particular focus on […]

The post Ransomware Actors Blending Legitimate Tools with Custom Malware to Evade Detection appeared first on Cyber Security News.

Google Play has implemented comprehensive licensing requirements for cryptocurrency exchanges and software wallets, fundamentally reshaping the mobile app ecosystem for digital asset services. The policy mandates that developers seeking to publish cryptocurrency applications must obtain specific licenses and certifications from relevant financial authorities in their target jurisdictions before distribution through Google’s platform. The new regulatory […]

The post Google Requires Crypto App Developers to Have License or Certification From Relevant Authorities appeared first on Cyber Security News.

A sophisticated threat campaign has emerged that leverages CrossC2, an unofficial extension tool that expands Cobalt Strike’s notorious capabilities beyond Windows systems to target Linux and macOS environments. Between September and December 2024, cybersecurity incidents involving this cross-platform malware have been documented, representing a significant evolution in threat actor tactics that traditionally focused on Windows-based […]

The post Threat Actors Using CrossC2 Tool to Expand Cobalt Strike to Operate on Linux and macOS appeared first on Cyber Security News.

Security researchers have uncovered a sophisticated new phishing campaign that exploits the Japanese hiragana character “ん” to create deceptively authentic-looking URLs that can fool even vigilant internet users. The attack, first identified by security researcher JAMESWT, targets explicitly customers of the popular travel booking platform Booking.com. The malicious technique leverages the visual similarity between the […]

The post New Clever Phishing Attack Uses Japanese Character “ん” to Mimic Forward Slash “/” appeared first on Cyber Security News.

A new AI tool named HexStrike AI has been launched, designed to bridge the gap between large language models (LLMs) and practical cybersecurity operations. The latest release, v6.0, equips AI agents like OpenAI’s GPT, Anthropic’s Claude, and GitHub’s Copilot with a formidable arsenal of over 150 professional security tools, enabling autonomous penetration testing, vulnerability research, […]

The post HexStrike AI Connects ChatGPT, Claude, Copilot with 150+ Security Tools like Burp Suite and Nmap appeared first on Cyber Security News.

Critical security flaw CVE-2025-20217 allows unauthenticated attackers to trigger denial-of-service conditions in Cisco’s widely deployed firewall systems Cisco has disclosed a high-severity vulnerability in its Secure Firewall Threat Defense (FTD) Software that could allow remote attackers to cause denial-of-service conditions through the Snort 3 Detection Engine. The vulnerability, tracked as CVE-2025-20217 with a CVSS score […]

The post Cisco Secure Firewall Snort 3 Detection Engine Vulnerability Enables DoS Attacks appeared first on Cyber Security News.

The goal of deception technology, which uses some of the best deception tools, is to trick attackers by dispersing a variety of traps and dummy assets throughout a system’s infrastructure to mimic real assets. There is always a possibility that cybercriminals will breach your network, regardless of how effective your perimeter defenses.  You’ll lure them […]

The post 10 Best Deception Tools in 2025 appeared first on Cyber Security News.

A zero-day vulnerability in WinRAR allows malware to be deployed on unsuspecting users’ systems, highlighting the ongoing threats to popular software. Tracked as CVE-2025-8088, this path traversal flaw affects the Windows version of the widely used file archiving tool, enabling attackers to execute arbitrary code through specially crafted archives. The vulnerability, discovered in mid-July 2025, […]

The post CVE-2025-8088 – WinRAR 0-Day Path Traversal Vulnerability Exploited to Execute Malware appeared first on Cyber Security News.