Cyber Security News

Security researchers discovered that threat actors had uploaded three corrupted browser packages, firefox-patch-bin, librewolf-fix-bin, and zen-browser-patched-bin, to the Arch User Repository (AUR).  These packages appeared to be benign forks of popular Firefox-based browsers but secretly installed a Remote Access Trojan (RAT) by pulling and executing a script from a malicious GitHub repository.  The Arch Linux […]

The post Hackers Injected Malicious Firefox Browser Packages to Arch Linux User Repository appeared first on Cyber Security News.

Microsoft has unveiled significant improvements to Windows 11’s system recovery capabilities, introducing a redesigned Black Screen of Death restart screen alongside an automated Quick Machine Recovery (QMR) tool.  These enhancements are part of the broader Windows Resiliency Initiative (WRI), designed to minimize downtime and streamline recovery processes when system failures occur. Key Takeaways1. Windows 11's […]

The post Windows 11 Gets New Black Screen of Death With Auto Recovery Tool appeared first on Cyber Security News.

CISA has issued an urgent warning regarding two critical Microsoft SharePoint vulnerabilities that threat actors are actively exploiting in the wild.  The vulnerabilities, designated as CVE-2025-49704 and CVE-2025-49706, pose significant risks to organizations running on-premises SharePoint servers and have been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog with an immediate remediation deadline. Key Takeaways1. […]

The post CISA Warns of Microsoft SharePoint Code Injection and Authentication Vulnerability Exploited in Wild appeared first on Cyber Security News.

Kali Linux has announced the release of two groundbreaking packages that significantly enhance wireless penetration testing capabilities for Raspberry Pi users. The new brcmfmac-nexmon-dkms and firmware-nexmon packages, introduced in Kali Linux 2025.1, enable the onboard Wi-Fi interface on supported Raspberry Pi models to perform monitor mode operations and frame injection without requiring external USB adapters. […]

The post Kali Linux Unveils Two New Tools to Boost Wi-Fi Performance for Raspberry Pi Users appeared first on Cyber Security News.

Microsoft has confirmed that Chinese state-sponsored threat actors are actively exploiting critical zero-day vulnerabilities in on-premises SharePoint servers, prompting urgent security warnings for organizations worldwide.  The tech giant’s Security Response Center reported coordinated attacks targeting internet-facing SharePoint installations using newly disclosed vulnerabilities that enable authentication bypass and remote code execution. Key Takeaways1. CVE-2025-53770/53771 in on-premises […]

The post Chinese Hackers Actively Exploiting SharePoint Servers 0-Day Flaw in the Wild appeared first on Cyber Security News.

A groundbreaking investigation has pulled back the curtain on one of Russia’s most clandestine intelligence operations, revealing unprecedented details about the Federal Security Service’s (FSB) 16th Center and its extensive signals intelligence network. The research, conducted by CheckFirst analysts over more than a year, employed an innovative methodology combining traditional open-source intelligence techniques with “phaleristics”—the […]

The post Researchers Unmasked Russia’s Most Secretive FSB’s Spy Network appeared first on Cyber Security News.

A sophisticated supply chain attack targeting JavaScript developers emerged on Friday, July 18th, 2025, when cybercriminals compromised multiple popular npm packages to distribute the newly identified “Scavenger” malware. The attack primarily focused on eslint-config-prettier, a widely-used code formatting package, along with several other development tools including eslint-plugin-prettier, snyckit, @pkgr/core, and napi-postinstall. The compromise was discovered […]

The post Scavenger Malware Hijacks Popular npm Packages to Attack Developers appeared first on Cyber Security News.

Cybersecurity researchers have uncovered a sophisticated attack campaign targeting poorly managed Linux servers through SSH brute force attacks to deploy the SVF Botnet, a Python-based distributed denial-of-service malware. The malware leverages Discord as its command-and-control infrastructure and employs multiple proxy servers to amplify its attack capabilities against targeted systems. The SVF Botnet represents a notable […]

The post Threat Actors Attacking Linux SSH Servers to Deploy SVF Botnet appeared first on Cyber Security News.

A sophisticated phishing campaign targeting Web3 developers has emerged, exploiting the growing interest in artificial intelligence platforms to deliver credential-stealing malware. The threat actor LARVA-208, previously known for targeting IT staff through phone-based social engineering, has pivoted to focus on blockchain developers using a meticulously crafted fake AI workspace platform. The attack begins with seemingly […]

The post New Web3 Phishing Attack Leverages Fake AI Platforms to Steal Usernames and Passwords appeared first on Cyber Security News.

[London, UK] July 2025 – As cryptocurrency continues its evolution into a mainstream financial asset class, a growing number of investors are turning to new strategies for generating yield—without the risks of high-frequency trading. Addressing this demand, UK-based Quid Miner has launched a mobile-first cloud mining app that empowers users in over  to earn crypto […]

The post Quid Miner Launches Mobile App to Unlock in Daily Cloud Mining Income for BTC, DOGE, and XRP for Investors appeared first on Cyber Security News.

Secure code review represents a critical security practice that systematically examines software source code to identify and remediate security vulnerabilities before they reach production environments. This comprehensive examination serves as a proactive defense mechanism, enabling development teams to detect security flaws early in the software development lifecycle (SDLC) and prevent potential breaches that could compromise […]

The post How to Conduct a Secure Code Review – Tools and Techniques appeared first on Cyber Security News.

The Lazarus Group’s long-running recruitment lure has resurfaced as “ClickFake Interview”, anchored on the freshly registered waventic[.]com site. Candidates progress through a slick JavaScript form that ends with a bogus webcam “driver” download, actually planting the cross-platform GolangGhost malware. Sekoia.io threat-defence researchers noted that the operators recycled the “ClickFix” web template first profiled in March […]

The post New ClickFake Interview Attack Using ClickFix Technique to Deliver GolangGhost Malware appeared first on Cyber Security News.

The rise of clandestine “travel agencies” on darknet forums has reshaped the cyber-crime landscape, morphing traditional card-skimming into a full-fledged service economy that sells half-priced flights, five-star hotels, and even yacht charters. What unsuspecting buyers see as a bargain is merely the last hop of a criminal supply chain that begins with credential theft and […]

The post Dark Web Travel Agencies Offering Cheap Travel Deals to Steal Credit Card Data appeared first on Cyber Security News.

Quality threat intelligence has traditionally been the domain of enterprise-level budgets and premium subscriptions. The kind of fresh, actionable data that transforms how SOCs operate has remained frustratingly out of reach for many organizations. Until now.  A Game-Changing Opportunity For Your Security Operations  ANY.RUN has just made an unprecedented move that will reshape how security […]

The post Exclusive! Threat Intelligence That Powers Best SOCs Worldwide Is Now Free   appeared first on Cyber Security News.

The Cybersecurity and Infrastructure Security Agency (CISA), FBI, Department of Health and Human Services, and Multi-State Information Sharing and Analysis Center have issued an urgent joint advisory warning of escalating attacks by the Interlock ransomware group, which has been targeting businesses and critical infrastructure sectors since late September 2024. The newly emerged Interlock variant represents […]

The post CISA Warns of Interlock Ransomware With Double Extortion Tactics Attacking Windows and Linux Systems appeared first on Cyber Security News.

A threat actor known as “skart7” is allegedly offering a zero-day Local Privilege Escalation (LPE) exploit targeting Apple’s macOS operating system for sale on a prominent hacker forum.  This development represents a significant security concern for macOS users, particularly those in enterprise environments and high-value target organizations. Key Takeaways1. Threat actor "skart7" allegedly selling macOS […]

The post Threat Actors Allegedly Selling macOS 0-day LPE Exploit on Hacker Forums appeared first on Cyber Security News.

The breach of Tehran-based security contractor Amnban has ripped the cover off a multi-year espionage program that quietly burrowed into airline reservation systems across Africa, Europe, and the Middle East. Internal documents and screen-captured videos obtained by investigatory journalist Nariman Gharib reveal methodical reconnaissance of Royal Jordanian, Turkish Airlines, Wizz Air, Qatar Airways and more, […]

The post Iran’s Cyber Actors Attacking Global Airlines to Exfiltrate Sensitive Data appeared first on Cyber Security News.

Apache Jena has disclosed two significant security vulnerabilities affecting versions through 5.4.0, prompting an immediate upgrade recommendation to version 5.5.0.  Both CVE-2025-49656 and CVE-2025-50151, announced on July 21, 2025, represent important severity flaws that exploit administrative access to compromise server file system integrity.  Key Takeaways1. Apache Jena through v5.4.0 has two vulnerabilities (CVE-2025-49656, CVE-2025-50151).2. Exploit […]

The post Apache Jena Vulnerability Leads to Arbitrary File Access or Manipulation appeared first on Cyber Security News.

The UK government has announced comprehensive measures to tackle ransomware attacks, with public sector organizations and critical national infrastructure operators facing an outright ban on paying ransom demands to cyber criminals.  This landmark decision, supported by nearly three-quarters of consultation respondents, represents a strategic shift toward disrupting the lucrative business model that drives Advanced Persistent […]

The post UK Confirms Ban of Ransomware Payments to Public and Critical National Infrastructure Sectors appeared first on Cyber Security News.

A significant vulnerability in ETQ Reliance quality management software allows attackers to gain full administrative access by simply adding a single space character to a login attempt.  The flaw, tracked as CVE-2025-34143, represents one of the most unusual authentication bypass vulnerabilities discovered in enterprise software, requiring no sophisticated techniques, just typing “SYSTEM ” (with a […]

The post ETQ Reliance RCE Vulnerability Enables Full SYSTEM Access Just by Typing a Single Space appeared first on Cyber Security News.