Cyber Security News

A sophisticated backdoor linked to the notorious Russian cyber-espionage group APT28 allows attackers to exfiltrate data, upload files, and execute commands on compromised computers. The new, sophisticated backdoor targets Microsoft Outlook, which allows threat actors to steal data and take control of a victim’s machine. The malware, dubbed “NotDoor,” has been attributed to the Russian […]

The post New ‘NotDoor’ Malware Attacks Outlook Users to Exfiltrate Data and Compromise Computers appeared first on Cyber Security News.

A sophisticated new backdoor malware has emerged from the shadows, operating undetected for over 20 months while infiltrating networks through an ingenious dual-mode activation system. Initially discovered masquerading as a Mirai variant, MystRodX represents a significant evolution in stealth malware design, utilizing DNS queries and ICMP packets as covert communication channels to evade traditional security […]

The post MystRodX Leveraging DNS and ICMP to Steal Sensitive Data From Hacked Systems appeared first on Cyber Security News.

A sophisticated phishing operation has been running undetected for over three years across Google Cloud and Cloudflare infrastructure, impersonating major corporations including defense contractor Lockheed Martin. The campaign, which utilized advanced cloaking techniques and compromised expired domains, demonstrates a concerning failure in detection capabilities by two of the internet’s largest service providers. The operation began […]

The post Phishing Campaign Went Undetected for Over 3 Years on Google Cloud and Cloudflare appeared first on Cyber Security News.

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory warning about a critical vulnerability in SunPower PVS6 solar power devices that could allow attackers to gain complete control over the systems. The flaw, tracked as CVE-2025-9696, stems from the use of hardcoded credentials in the device’s BluetoothLE interface, presenting a significant threat […]

The post CISA Warns of Critical SunPower Device Vulnerability Let Attackers Gain Full Device Access appeared first on Cyber Security News.

Binance, the world’s largest cryptocurrency exchange by volume, continues to hit new milestones, with regards to the platform’s active user base. For example, Binance recently hit the 275 million registered users milestone. However, where Binance may be really knocking it out of the park, in terms of hitting userbase milestones, may be with the company’s […]

The post Binance Hits 100M+ App Downloads: A Milestone Powering Crypto’s Global Reach appeared first on Cyber Security News.

Phishing has moved far beyond suspicious links. Today, attackers hide inside the files employees trust most; PDFs. On the surface, they look like invoices, contracts, or reports. But once opened, these documents can trigger hidden scripts, redirect to fake login pages, or quietly steal credentials. The danger lies in how convincing they are. PDFs often […]

The post Attackers Are Abusing Malicious PDFs: Here’s How to Spot Them Early appeared first on Cyber Security News.

A sophisticated new Python-based information stealer has emerged in the cybersecurity landscape, demonstrating advanced capabilities for data exfiltration through Discord channels. The malware, identified as “Inf0s3c Stealer,” represents a significant evolution in the realm of data theft tools, combining traditional system reconnaissance techniques with modern communication platforms to avoid detection while efficiently harvesting sensitive information […]

The post New Stealthy Python Malware Leverages Discord to Steal Data From Windows Machines appeared first on Cyber Security News.

Cybersecurity researchers began detecting an alarming surge in early April 2025 in UDP flood traffic emanating from compromised network video recorders (NVRs) and other edge devices. Within milliseconds of infection, these devices were weaponized to direct overwhelming volumes of packets at unsuspecting targets, leading to service disruptions and massive bandwidth consumption. Bitsight analysts identified this […]

The post RapperBot Hijacking Devices to Launch DDoS Attack In a Split Second appeared first on Cyber Security News.

PagerDuty, a leader in digital operations management, has confirmed a security incident that resulted in unauthorized access to some of its data stored in Salesforce. The company stated that no PagerDuty platform credentials were compromised and that the breach resulted from a vulnerability in a third-party application, Salesloft Drift. The incident’s timeline began on August […]

The post PagerDuty Confirms Data Breach After Third-Party App Vulnerability Exposes Salesforce Data appeared first on Cyber Security News.

OpenAI announced today its definitive agreement to acquire Statsig, a product experimentation and analytics platform, for $1.1 billion. The acquisition is a key move by the leader in artificial intelligence. It aims to add strong data tools to its system. This will help speed up the creation and launch of AI-based products. Statsig, founded in […]

The post OpenAI Set to Acquire Analytics Platform Statsig in $1.1 Billion Agreement appeared first on Cyber Security News.

Google has officially promoted Chrome 140 to the stable channel, initiating a multi-platform rollout for Windows, Mac, Linux, Android, and iOS. The update brings the usual stability and performance improvements, but the headline feature is a critical security patch addressing six vulnerabilities, including one high-severity flaw that could allow for remote code execution. Users are […]

The post Chrome 140 Released With Fix For Six Vulnerabilities that Enable Remote Code Execution Attacks appeared first on Cyber Security News.

In response to the discovery of actively exploited 0-day vulnerabilities, Google has released its September 2025 Android Security Bulletin, rolling out patch level 2025-09-05 to safeguard millions of devices. The bulletin details critical issues in both System and Kernel components, and emphasizes the importance of immediate updates to mitigate remote code execution risks. Key Takeaways1. […]

The post Android Security Update – Patch for 0-Day Vulnerabilities Actively Exploited in Attack appeared first on Cyber Security News.

CISA has issued an urgent advisory concerning a newly disclosed zero-day vulnerability in Meta Platforms’ WhatsApp messaging service (CVE-2025-55177).  This flaw, categorized under CWE-863: Incorrect Authorization, allows an unauthorized actor to manipulate linked device synchronization messages and force a target device to fetch and process content from an attacker-controlled URL.  Key Takeaways1. CVE-2025-55177 exploits a […]

The post CISA Warns of WhatsApp 0-Day Vulnerability Exploited in Attacks appeared first on Cyber Security News.

A proof-of-concept exploit for CVE-2025-53772, a critical remote code execution vulnerability in Microsoft’s IIS Web Deploy (msdeploy) tool, was published this week, raising urgent alarms across the .NET and DevOps communities.  The flaw resides in the unsafe deserialization of HTTP header contents in both the msdeployagentservice and msdeploy.axd endpoints, enabling authenticated attackers to execute arbitrary code on target […]

The post PoC Exploit Released for IIS WebDeploy Remote Code Execution Vulnerability appeared first on Cyber Security News.

A stealthy new malware loader dubbed TinyLoader has begun proliferating across Windows environments, exploiting network shares and deceptive shortcut files to compromise systems worldwide. First detected in late August 2025, TinyLoader installs multiple secondary payloads—most notably RedLine Stealer and DCRat—transforming infected machines into fully weaponized platforms for credential theft, remote access, and cryptocurrency hijacking. Analysts […]

The post New TinyLoader Malware Attacking Windows Users Via Network Shares and Fake Shortcuts Files appeared first on Cyber Security News.

A critical security vulnerability discovered in ESPHome’s web server component has exposed thousands of smart home devices to unauthorized access, effectively nullifying basic authentication protections on ESP-IDF platform implementations. The flaw, designated CVE-2025-57808 with a CVSS score of 8.1, affects ESPHome version 2025.8.0 and allows attackers to bypass authentication mechanisms without any knowledge of legitimate […]

The post ESPHome Web Server Authentication Bypass Vulnerability Exposes Smart Devices appeared first on Cyber Security News.

Google has officially debunked widespread reports claiming the company issued a major security warning to Gmail users, clarifying that such claims are entirely false. The technology giant addressed the misinformation directly on September 1, 2025, emphasizing that no broad security alert was ever issued to its user base. These inaccurate reports had circulated across various […]

The post Google Confirms That Claims of Major Gmail Security Warning are False appeared first on Cyber Security News.

A sophisticated spear-phishing campaign has emerged targeting senior executives and C-suite personnel across multiple industries, leveraging Microsoft OneDrive as the primary attack vector. The campaign utilizes carefully crafted emails masquerading as internal HR communications about salary amendments to trick high-profile targets into surrendering their corporate credentials. This latest threat represents a concerning escalation in social […]

The post New Phishing Attack Via OneDrive Attacking C-level Employees for Corporate Credentials appeared first on Cyber Security News.

Commercial surveillance vendors have evolved from niche technology suppliers into a sophisticated multi-billion-dollar ecosystem that poses unprecedented threats to journalists, activists, and civil society members worldwide. A comprehensive new report by Sekoia.io’s Threat Detection & Research team reveals how these private companies have industrialized spyware deployment, transforming targeted surveillance from isolated technical components into fully […]

The post New Report on Commercial Spyware Vendors Detailing Their Targets and Infection Chains appeared first on Cyber Security News.

A sophisticated spear-phishing campaign orchestrated by Iranian-aligned operators has been identified targeting diplomatic missions worldwide through a compromised Ministry of Foreign Affairs of Oman mailbox. The attack, discovered in August 2025, represents a continuation of tactics associated with the Homeland Justice group connected to Iran’s Ministry of Intelligence and Security (MOIS). The campaign leveraged social […]

The post Iran-Nexus Hackers Abuses Omani Mailbox to Target Global Governments appeared first on Cyber Security News.