Cyber Security News

A security patch addressing a critical privilege escalation vulnerability that allows unauthorized users to gain administrative access to the data streaming platform. The flaw, tracked as CVE-2025-47411 and rated important, affects Apache StreamPipes versions 0.69.0 through 0.97.0. The vulnerability stems from a flawed user ID creation mechanism that permits legitimate non-administrator account holders to exploit […]

The post Critical Apache StreamPipes Vulnerability Let Attackers Seize Admin Control appeared first on Cyber Security News.

The Adaptix Framework team has announced a significant update to AdaptixC2, an open-source post-exploitation and adversarial emulation platform designed for penetration testers. The latest version introduces significant improvements to network tunneling, the user interface, and overall system performance. One of the most notable upgrades focuses on network tunnel capabilities. The SOCKS4 and SOCKS5 protocols have been […]

The post Open-Source C2 Platform AdaptixC2 Released With Enhanced Stability, Performance, and Speed appeared first on Cyber Security News.

A large-scale web skimming operation has emerged across the internet, targeting online shoppers and account holders with unprecedented scope. Security researchers have identified an over 50-script global campaign that intercepts sensitive information during checkout and account creation processes. The attack demonstrates a significant evolution in how cybercriminals target e-commerce platforms, moving beyond simple credit card […]

The post Massive Magecart with 50+ Malicious Scripts Hijacking Checkout and Account Creation Flows appeared first on Cyber Security News.

The cybercriminal threat actor known as Crypt4You has recently emerged on underground forums and dark web marketplaces, advertising a sophisticated tool named VOID KILLER. This malicious software operates as a kernel-level antivirus and endpoint detection response (EDR) process killer, designed to evade and neutralize security defenses. The tool is being marketed as an alternative to […]

The post Hackers Advertised VOID ‘AV Killer’ with Kernel-level Termination Claims appeared first on Cyber Security News.

The cybersecurity landscape has reached a critical turning point as artificial intelligence moves from theoretical threat to operational reality. In their H2 2025 Threat Report, ESET researchers have documented a disturbing shift in how attackers operate, revealing that AI-powered malware is no longer a distant concern but an active threat targeting systems worldwide. The emergence […]

The post ESET Warns AI-driven Malware Attack and Rapidly Growing Ransomware Economy appeared first on Cyber Security News.

Israel’s National Cyber Directorate recently issued an urgent alert about a targeted spear-phishing attack aimed at people working in security and defense-related areas. The campaign uses WhatsApp messages that pretend to come from trusted organizations, inviting targets to professional conferences. These messages contain shortened URLs that lead victims to fake websites designed to steal personal […]

The post New Spear-Phishing Attack Targeting Security Individuals in Israel Region appeared first on Cyber Security News.

The European Space Agency (ESA) has confirmed a cybersecurity breach affecting a limited number of external servers, marking a rare public admission of vulnerability in the continent’s premier space organization. In an official statement released Tuesday, ESA disclosed: “ESA is aware of a recent cybersecurity issue involving servers located outside the ESA corporate network. We […]

The post European Space Agency Confirms Breach of Servers Outside the Corporate Network appeared first on Cyber Security News.

A new malware campaign has successfully infiltrated Maven Central, one of the most trusted repositories for Java developers, by masquerading as a legitimate Jackson JSON library extension. The malicious package, published under the org.fasterxml.jackson.core/jackson-databind namespace, represents one of the first instances of sophisticated malware discovered on Maven Central through a typosquatting attack. This attack takes […]

The post Hackers Infiltrated Maven Central Masquerading as a Legitimate Jackson JSON Library appeared first on Cyber Security News.

A Chinese-linked threat group tied to the HoneyMyte, also known as Mustang Panda or Bronze President, is using a new kernel rootkit to hide its ToneShell backdoor. The campaign has hit government networks across Southeast and East Asia, with the heaviest impact in Myanmar and Thailand. The goal is long-term spying, not quick money theft. […]

The post Chinese Hackers Use Rootkit to Hide ToneShell Malware Activity appeared first on Cyber Security News.

SmarterTools has issued an urgent security advisory addressing a critical vulnerability in SmarterMail that could allow attackers to execute remote code on mail servers. The flaw, tracked as CVE-2025-52691, poses a severe threat to organizations using the affected versions. The vulnerability has been assigned a CVSS score of 10.0, the highest possible severity rating. This […]

The post Critical Vulnerability in SmarterMail Let Attackers Execute Remote Code appeared first on Cyber Security News.

CISA has added a critical MongoDB Server vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, warning that the flaw is being actively exploited in cyberattacks. CVE-2025-14847 affects MongoDB Server and allows unauthenticated attackers to read uninitialized heap memory due to an inconsistency in the handling of the length parameter in Zlib-compressed protocol headers. Attribute Details […]

The post CISA Warns of MongoDB Server Vulnerability(CVE-2025-14847) Exploited in Attacks appeared first on Cyber Security News.

A critical vulnerability in MongoDB Server is putting tens of thousands of databases worldwide at risk. Dubbed MongoBleed and tracked as CVE-2025-14847, this high-severity flaw allows unauthenticated attackers to remotely extract sensitive data from server memory without credentials. The Shadow Server Foundation disclosed updated findings showing 74,854 potentially unpatched MongoDB versions among 78,725 exposed instances detected today. Public exploit code […]

The post 70,000+ MongoDB Servers Vulnerable to MongoBleed Exploit – PoC Released appeared first on Cyber Security News.

A critical zero-day vulnerability has been discovered in XSpeeder’s SXZOS firmware, affecting tens of thousands of SD-WAN appliances, edge routers, and smart TV controllers deployed globally. The vulnerability, designated PWN-25-01, enables unauthenticated remote code execution (RCE) with root-level privileges through a single HTTP GET request. XSpeeder, a Chinese networking vendor specializing in edge infrastructure, manufactures […]

The post Critical 0-Day RCE Vulnerability in Networking Devices Exposes 70,000+ Hosts appeared first on Cyber Security News.

Microsoft’s newly unveiled “Connected Agents” feature in Copilot Studio, announced at Build 2025, is creating a significant security vulnerability. Attackers are already exploiting to gain unauthorized backdoor access to critical business systems. Connected Agents enables AI-to-AI integration, allowing agents to share functionality and reuse logic across environments. While designed for efficiency, similar to wrapping repeated […]

The post Hackers Exploit Copilot Studio’s New Connected Agents Feature to Gain Backdoor Access appeared first on Cyber Security News.

A major supply chain attack targeting EmEditor, a widely used text editor software, has exposed millions of users to sophisticated infostealer malware. Between December 19 and December 22, 2025, the official EmEditor website fell victim to unauthorized modification, serving compromised installer files to unsuspecting users during a critical four-day window. The company confirmed that users […]

The post EmEditor Editor Website Hacked to Deliver Infostealer Malware in Supply Chain Attack appeared first on Cyber Security News.

Chinese threat actors operating under the name Silver Fox are targeting Indian organizations through sophisticated phishing campaigns that impersonate legitimate income tax documents. The attack campaign uses authentic-looking Income Tax Department emails to trick users into downloading a malicious executable disguised as a tax-related file. Once clicked, victims are redirected to a command-and-control server, which […]

The post Silver Fox Hackers Attacking Indian Entities with Income Tax Phishing Lures appeared first on Cyber Security News.

A Spanish-speaking phishing operation targeting Microsoft Outlook users has been active since March 2025, using a sophisticated kit that shows clear indicators of AI-assisted development. The campaign, tracked through a unique signature of four mushroom emojis embedded in the string “OUTL,” has been observed in over 75 distinct deployments. The operation captures email credentials along […]

The post New Phishing Kit with AI-assisted Development Attacking Microsoft Users to Steal Logins appeared first on Cyber Security News.

Public reports about cyberattacks often present a polished picture—threat actors working methodically through a well-planned playbook with every action perfectly executed. This perception leads many to believe that modern attackers operate with machine-like precision, seamlessly moving from one objective to another without facing obstacles. However, this narrative masks a much different reality that becomes clear […]

The post Windows Event Logs Reveal the Messy Reality Behind ‘Sophisticated’ Cyberattacks appeared first on Cyber Security News.

A coordinated exploitation campaign that generated more than 2.5 million malicious requests against Adobe ColdFusion servers and 47+ other technology platforms during the Christmas 2025 holiday period. The operation was attributed to a single threat actor operating from Japan-based infrastructure. This indicates an advanced scanning effort by attackers seeking both legacy and new vulnerabilities dating […]

The post 2.5 Million+ Malicious Request From Hackers Attacking Adobe ColdFusion Servers appeared first on Cyber Security News.

Security researchers have disclosed critical vulnerabilities affecting widely used Bluetooth headphones and earbuds that could allow attackers to eavesdrop on conversations, steal sensitive data, and even hijack connected smartphones. The flaws, identified as CVE-2025-20700, CVE-2025-20701, and CVE-2025-20702, impact devices powered by Airoha Bluetooth System-on-Chips (SoCs), which are used by major manufacturers including Sony, Bose, JBL, […]

The post New Vulnerabilities in Bluetooth Headphones Let Hackers Hijack Connected Smartphone appeared first on Cyber Security News.