Cyber Security News

CISA has issued an emergency advisory directing all Federal Civilian Executive Branch agencies to mitigate a newly disclosed Microsoft Exchange urgently hybrid-joined vulnerability, tracked as CVE-2025-53786, by 9:00 AM EDT on Monday, August 11, 2025. The flaw enables attackers who have already gained administrative access to an on‑premises Exchange server to laterally move into connected […]

The post CISA Releases Emergency Advisory Urges Feds to Patch Exchange Server Vulnerability by Monday appeared first on Cyber Security News.

A new and custom firmware for the popular Flipper Zero multi-tool device is reportedly capable of bypassing the rolling code security systems used in most modern vehicles, potentially putting millions of cars at risk of theft. Demonstrations by the YouTube channel “Talking Sasquach” reveal that the firmware, said to be circulating on the dark web, […]

The post Flipper Zero ‘DarkWeb’ Firmware Bypasses Rolling Code Security on Major Vehicle Brands appeared first on Cyber Security News.

Cybercriminals have begun exploiting Scalable Vector Graphics (SVG) files as sophisticated attack vectors, transforming seemingly harmless image files into potent phishing weapons capable of executing malicious JavaScript on Windows systems. This emerging threat leverages the XML-based structure of SVG files to embed and execute malicious scripts when opened in default web browsers, bypassing traditional security […]

The post Hackers Weaponizing SVG Files With Malicious Embedded JavaScript to Execute Malware on Windows Systems appeared first on Cyber Security News.

A sophisticated cybercriminal operation that targeted American tax preparation businesses through spearphishing campaigns has culminated in the extradition of Nigerian national Chukwuemeka Victor Amachukwu from France to face federal charges in New York. The 39-year-old defendant, operating under multiple aliases including “Chukwuemeka Victor Eletuo” and “So Kwan Leung,” orchestrated a multi-year scheme beginning in 2019 […]

The post Hacker Extradited to US for Stealing Over $2.5 Million in Tax Fraud Attacks appeared first on Cyber Security News.

People don’t want to guess when they buy something – especially something complex or customizable. They want to feel like they’re making the right choice. But with many ecommerce stores, it’s easy to feel lost: too many options, confusing specs, unclear steps. That’s where guided selling makes a difference – and when it’s combined with […]

The post Guided Selling in 3D Product Configurators appeared first on Cyber Security News.

Two malicious npm packages have emerged as sophisticated weapons targeting WhatsApp developers through a remote-controlled destruction mechanism that can completely wipe development systems. The packages, identified as naya-flore and nvlore-hsc, masquerade as legitimate WhatsApp socket libraries while harboring a devastating kill switch capable of executing system-wide file deletion through a single command. Published by npm […]

The post WhatsApp Developers Under Attack From Weaponized npm Packages with Remote Kill Switch appeared first on Cyber Security News.

Cybersecurity firm SonicWall has officially addressed recent concerns about a potential new zero-day vulnerability in its Secure Sockets Layer Virtual Private Network (SSLVPN) products. In a statement to Cybersecurity News, the company confirmed that recent ransomware attacks are not the result of a new flaw, but are instead linked to a previously identified and patched […]

The post SonicWall Confirms No New SSLVPN 0-Day – Ransomware Attack Linked to Old Vulnerability appeared first on Cyber Security News.

The North Korean state-sponsored Advanced Persistent Threat (APT) group ScarCruft has launched a sophisticated new malware campaign targeting South Korean users through a deceptive postal-code update notice. This latest attack represents a significant evolution in the group’s operational capabilities, marking the first observed deployment of ransomware alongside their traditional espionage tools. The campaign showcases ScarCruft’s […]

The post ScarCruft Hacker Group Launched a New Malware Attack Using Rust and PubNub appeared first on Cyber Security News.

Cybersecurity researchers have uncovered a sophisticated spear phishing campaign that weaponizes Microsoft 365’s Direct Send feature to bypass traditional email security defenses and conduct hyper-personalized credential theft attacks. The campaign demonstrates an alarming evolution in attack sophistication, combining technical exploitation of legitimate Microsoft services with advanced social engineering techniques designed to disarm even experienced security […]

The post Microsoft 365 Direct Send Weaponized to Bypass Email Security Defenses appeared first on Cyber Security News.

A sophisticated new attack technique called “Ghost Calls” exploits web conferencing platforms to establish covert command and control (C2) channels.  Presented by Adam Crosser from Praetorian at Black Hat USA 2025, this groundbreaking research demonstrates how attackers can leverage the TURN protocol and legitimate conferencing infrastructure to bypass network security measures. Key Takeaways1. TURNt tool […]

The post New Ghost Calls Attack Abuses Web Conferencing for Covert Command & Control appeared first on Cyber Security News.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released an urgent analysis in early July 2025, detailing a sophisticated exploit chain targeting on-premises Microsoft SharePoint servers. Dubbed “ToolShell,” the campaign leverages two fresh vulnerabilities—CVE-2025-49706, a network spoofing flaw, and CVE-2025-49704, a remote code execution weakness—to gain unauthorized access and install stealthy webshells. Initial compromise begins […]

The post CISA Warns of ‘ToolShell’ Exploits Chain Attacks SharePoint Servers – Discloses IOCs and detection signatures appeared first on Cyber Security News.

WhatsApp has successfully dismantled 6.8 million accounts linked to fraudulent activities during the first half of 2024, representing a significant escalation in the platform’s fight against organized cybercrime.  The takedown operation, announced by parent company Meta, specifically targeted scam centers operating across Southeast Asia that frequently exploit forced labor to execute sophisticated fraud schemes targeting […]

The post WhatsApp Has Taken Down 6.8 Million Accounts Linked to Malicious Activities appeared first on Cyber Security News.

During the 12-day conflict between Israel and Iran in June 2025, a sophisticated network of Iranian-linked cyber threat actors launched coordinated digital operations against critical infrastructure sectors worldwide. The campaign demonstrated unprecedented coordination between military operations and state-sponsored cyberattacks, targeting financial institutions, government agencies, and media organizations across multiple countries. The cyber offensive involved a […]

The post IRGC Hacker Groups Attacking Targeted Financial, Government, and Media Organizations appeared first on Cyber Security News.

In a sophisticated campaign first observed in October 2024, attackers have begun leveraging a legitimate driver to disable antivirus software across compromised networks. By abusing the ThrottleStop.sys driver—originally designed by TechPowerUp to manage CPU throttling—the malware gains kernel‐level memory access to terminate security processes at will. Initial access is most often achieved through stolen RDP […]

The post Hackers Use Legitimate Drivers to Kill Antivirus Processes and Lower The System’s Defenses appeared first on Cyber Security News.

Sophisticated attack vectors unveiled that exploit hybrid Active Directory and Microsoft Entra ID environments, demonstrating how attackers can achieve complete tenant compromise through previously unknown lateral movement techniques. These methods, presented at Black Hat USA 2025, expose critical vulnerabilities in Microsoft’s authentication infrastructure that allow unauthorized access to Exchange Online, SharePoint, and Entra ID without […]

The post New Active Directory Lateral Movement Techniques that Bypasses Authentication and Exfiltrate Data appeared first on Cyber Security News.

Data Loss Prevention (DLP) software is a critical cybersecurity solution designed to protect sensitive data from leaving an organization’s network. In an era where data is a company’s most valuable asset, and regulatory penalties for data breaches are severe, DLP is no longer just a luxury but a necessity. It provides a comprehensive defense by […]

The post 10 Best Data Loss Prevention Software in 2025 appeared first on Cyber Security News.

Cybersecurity teams have confronted a rising threat from a novel “EDR killer” payload in recent months, commonly referred to as AVKiller, which has been observed disabling endpoint defenses to facilitate the deployment of ransomware. First detected in mid-2024, this tool leverages the HeartCrypt packer-as-a-service to obscure its true functionality and slip past traditional static signature […]

The post HeartCrypt-Packed EDR Killer Tools ‘AVKiller’ Actively Used in Ransomware Attacks appeared first on Cyber Security News.

Nvidia Corporation has issued a strong statement asserting that its graphics processing units (GPUs) contain no backdoors, kill switches, or spyware, directly addressing growing concerns from policymakers about potential hardware-based control mechanisms.  The semiconductor giant’s declaration comes as some industry observers and government officials propose requiring mandatory remote disable capabilities in critical computing infrastructure, a […]

The post Nvidia Says No Backdoors, No Kill Switches, and No Spyware in its Chips appeared first on Cyber Security News.

Two sophisticated ransomware operations have emerged as significant threats to managed service providers (MSPs) and small businesses, with the Akira and Lynx groups deploying advanced attack techniques that combine stolen credentials with vulnerability exploitation. These ransomware-as-a-service (RaaS) operations have collectively compromised over 365 organizations, demonstrating their effectiveness in targeting high-value infrastructure providers that serve multiple […]

The post Akira and Lynx Ransomware Attacking Managed Service Providers With Stolen Login Credential and Vulnerabilities appeared first on Cyber Security News.

Cybersecurity researchers have observed a new social engineering campaign attributed to North Korea’s Lazarus Group in recent weeks that leverages fake camera and microphone errors to force targets into running malicious scripts. Victims, primarily in the finance and technology sectors, report receiving invitations to remote job interviews or technical assessments that abruptly stall, displaying messages […]

The post Lazarus Hackers Trick Users To Believe Their Camera or Microphone is Blocked to Deliver PyLangGhost RAT appeared first on Cyber Security News.