Cyber Security News

An active in-the-wild exploitation of a zero-day vulnerability in Gladinet CentreStack and Triofox products. Tracked as CVE-2025-11371, the unauthenticated Local File Inclusion (LFI) flaw allows attackers to achieve remote code execution (RCE) on affected systems. The vulnerability is currently unpatched, but a mitigation has been provided. Organizations using the affected software are strongly urged to […]

The post Gladinet CentreStack And Triofox 0-Day RCE Vulnerability Actively Exploited In Attacks appeared first on Cyber Security News.

The cybersecurity landscape faces a new and significant threat as the notorious CL0P ransomware group has launched a large-scale extortion campaign targeting Oracle E-Business Suite (EBS) environments. Starting September 29, 2025, security researchers began tracking a sophisticated operation where threat actors claimed affiliation with the CL0P extortion brand and initiated a high-volume email campaign targeting […]

The post Google Warns of CL0P Ransomware Group Actively Exploiting Oracle E-Business Suite Zero-Day appeared first on Cyber Security News.

International law enforcement agencies have seized the latest clearnet domain of the notorious cybercrime marketplace, BreachForums. The domain, breachforums[.]hn, now displays a seizure notice from the U.S. Department of Justice (DOJ) and the Federal Bureau of Investigation (FBI), alongside French authorities, including the Brigade de Lutte Contre la Cybercriminalité (BL2C) and the Parquet de Paris […]

The post Authorities Seize BreachForums New Clearnet Cybercrime Marketplace Domain appeared first on Cyber Security News.

Two high-severity vulnerabilities have been discovered in the popular open-source file archiver, 7-Zip, which could allow remote attackers to execute arbitrary code. Identified as CVE-2025-11001 and CVE-2025-11002, the flaws affect all versions of the software prior to the latest release and require immediate patching. Flaw in Symbolic Link Processing The core of both vulnerabilities lies […]

The post 7-Zip Vulnerabilities Let Attackers Execute Arbitrary Code Remotely appeared first on Cyber Security News.

Microsoft users are facing a novel quishing campaign that leverages weaponized QR codes embedded in malicious emails. Emerging in early October 2025, this attack exploits trust in QR-based authentication and device pairing workflows, tricking targets into scanning codes that deliver infostealer binaries. Initial reports surfaced when Gen Threat Labs analysts noted anomalous QR attachments spoofing […]

The post New Quishing Attack With Weaponized QR Code Targeting Microsoft Users appeared first on Cyber Security News.

Over the past two months, threat actors have weaponized a critical authentication bypass flaw in the Service Finder Bookings WordPress plugin, enabling them to hijack any account on compromised sites. First disclosed on July 31, 2025, the vulnerability emerged after a bug bounty submission revealed that the plugin’s servicefinderswitchback function failed to validate a user-switch […]

The post Hackers Actively Exploiting WordPress Plugin Vulnerability to Gain Admin Access appeared first on Cyber Security News.

A sophisticated phishing campaign has emerged targeting job seekers through legitimate Zoom document-sharing features, demonstrating how cybercriminals exploit trusted platforms to harvest Gmail credentials. The attack leverages social engineering tactics by impersonating HR departments and using authentic Zoom notifications to bypass user suspicion and traditional security measures. The campaign begins with victims receiving legitimate-looking emails […]

The post Threat Actors Mimic as HR Departments to Steal Your Gmail Login Credentials appeared first on Cyber Security News.

Cybersecurity researchers have uncovered a sophisticated evolution of the ClickFix attack methodology, where threat actors are leveraging cache smuggling techniques to avoid traditional file download detection mechanisms. This innovative campaign targets enterprise networks by masquerading as a Fortinet VPN compliance checking tool, specifically exploiting the trust organizations place in their remote access infrastructure. The malicious […]

The post Hackers Upgraded ClickFix Attack With Cache Smuggling to Secretly Download Malicious Files appeared first on Cyber Security News.

A recently discovered Python-based remote access trojan (RAT) exhibits unprecedented polymorphic behavior, altering its code signature each time it runs. First observed on VirusTotal, the sample, dubbed nirorat.py, initially scored only 26/100 on detection engines, despite containing a full suite of RAT capabilities. Analysts believe the malware leverages Python’s introspection and code-modification features to evade […]

The post New Polymorphic Python Malware Repeatedly Mutate its Appearance at Every Execution Time appeared first on Cyber Security News.

The ransomware landscape witnessed unprecedented upheaval in Q3 2025 as cyberthreat actors ushered in a new era of aggression and sophistication. The quarter marked a pivotal moment with the emergence of Scattered Spider’s inaugural ransomware-as-a-service offering, ShinySp1d3r RaaS, representing the first major English-led ransomware operation to challenge traditional Russian-speaking dominance in the ecosystem. Simultaneously, the […]

The post Data-Leak Sites Hit an All-Time High With New Scattered Spider RaaS and LockBit 5.0 appeared first on Cyber Security News.

In recent weeks, security teams worldwide have grappled with a new ransomware strain that has shattered expectations for speed and sophistication. First detected in late September 2025, this variant encrypts critical data within seconds of execution, leaving little time for intervention. Organizations across manufacturing, healthcare, and finance sectors have reported system-wide outages as attackers deploy […]

The post Chaos Emerges as Faster, Smarter, and More Dangerous Ransomware appeared first on Cyber Security News.

Palo Alto, California, October 9th, 2025, CyberNewsWire As AI Browsers rapidly gain adoption across enterprises, SquareX has released critical security research exposing major vulnerabilities that could allow attackers to exploit AI Browsers to exfiltrate sensitive data, distribute malware and gain unauthorized access to enterprise SaaS apps. The timing of this disclosure is particularly significant as […]

The post SquareX Shows AI Browsers Fall Prey to OAuth Attacks, Malware Downloads and Malicious Link Distribution appeared first on Cyber Security News.

A threat actor has allegedly breached KFC Venezuela, offering a database containing the personal and order information of over one million customers for sale on a dark web forum. The data, advertised on October 8, 2025, includes a vast amount of sensitive customer details, posing a significant risk of fraud and identity theft to those […]

The post KFC Venezuela Alleged Data Breach – 1 Million Customer Records Exposed appeared first on Cyber Security News.

Newark, United States, October 9th, 2025, CyberNewsWire Lightship Security, an Applus+ Laboratories company and accredited cryptographic security test laboratory, and the OpenSSL Corporation, the co-maintainer of the OpenSSL Library, announce the submission of OpenSSL version 3.5.4 to the Cryptographic Module Validation Program (CMVP) for FIPS 140-3 validation. This submission confirms that the code is complete […]

The post Lightship Security and the OpenSSL Corporation Submit OpenSSL 3.5.4 for FIPS 140-3 Validation appeared first on Cyber Security News.

Security researchers at Cisco Talos have confirmed that ransomware operators are actively exploiting Velociraptor, an open-source digital forensics and incident response (DFIR) tool, in their attacks. This marks the first definitive link between a legitimate security tool and a ransomware incident. The campaign, which deployed three separate ransomware strains, is attributed with moderate confidence to […]

The post Hackers Exploit DFIR Tool ‘Velociraptor’ in Ransomware Attacks appeared first on Cyber Security News.

The cybersecurity community has witnessed the rapid emergence of a novel phishing toolkit that automates the creation of “ClickFix” attack pages, enabling threat actors with minimal technical expertise to deploy sophisticated social engineering lures. Dubbed the IUAM ClickFix Generator, this phishing kit consolidates all necessary configuration options—page title, domain, verification prompts and clipboard instructions—into a […]

The post New Phishing Kit Automates Generation of ClickFix Attack Bypassing Security Measures appeared first on Cyber Security News.

SonicWall has confirmed that an unauthorized party accessed and stole the entire repository of customer firewall configuration backup files from its cloud service. The confirmation comes after the completion of an investigation with the cybersecurity firm Mandiant, which determined that all customers who used the cloud backup feature are affected by the breach. The investigation […]

The post SonicWall Confirms That Hackers Stole All Customers Firewall Configuration Backup Files appeared first on Cyber Security News.

In recent weeks, a sophisticated malware campaign has emerged that leverages conversational chatbots as covert entry points into enterprise systems. Initially observed in mid-September 2025, the threat actors targeted organizations running customer-facing chat applications built on large language models. By exploiting weaknesses in natural language processing and indirect data ingestion, attackers were able to pivot […]

The post AI Chatbot Leveraged as a Critical Backdoor to Access Sensitive Data and Infrastructure appeared first on Cyber Security News.

Microsoft Azure, one of the world’s leading cloud computing platforms, experienced a significant service outage on Thursday, October 9, 2025, leaving customers across Europe and Africa unable to access their services. The disruption began at approximately 07:40 UTC, with the core issue identified as a major capacity loss within Azure Front Door (AFD), Microsoft’s cloud-native […]

The post Microsoft Azure Faces Global Outage Affecting Services Worldwide appeared first on Cyber Security News.

The cybersecurity landscape has been shaken by the emergence of Trinity of Chaos, a sophisticated ransomware collective that has launched a data leak site containing sensitive information from 39 major corporations. This formidable alliance, presumably comprising members from the notorious Lapsus$, Scattered Spider, and ShinyHunters groups, represents a significant evolution in cybercriminal organization and operational […]

The post New Hacker Alliance Trinity of Chaos Leaked 39 Companies Data Including Google, CISCO and Others appeared first on Cyber Security News.