Cyber Security News

CISA has issued an urgent alert about a critical vulnerability in Fortinet’s FortiWeb Web Application Firewall (WAF), actively exploited by threat actors to seize administrative control of affected systems. Tracked as CVE-2025-64446, the flaw stems from a relative path traversal issue (CWE-23) that enables unauthenticated attackers to execute arbitrary administrative commands through specially crafted HTTP […]

The post CISA Warns of Fortinet FortiWeb WAF Vulnerability Exploited in the Wild to Gain Admin Access appeared first on Cyber Security News.

In November 2025, a new malware campaign emerged that combines social engineering tricks with advanced stealing tools. The attack starts when criminals trick users into running commands through the Windows Run window, a technique known as ClickFix. Once users follow these instructions, their computers become infected with Amatera Stealer, an advanced piece of malware designed […]

The post EVALUSION Campaign Using ClickFix Technique to deploy Amatera Stealer and NetSupport RAT appeared first on Cyber Security News.

As artificial intelligence infrastructure rapidly expands, critical security flaws threaten the backbone of enterprise AI deployments. Security researchers at Oligo Security have uncovered a series of dangerous Remote Code Execution (RCE) vulnerabilities affecting major AI frameworks from Meta, NVIDIA, Microsoft, and PyTorch projects, including vLLM and SGLang. The vulnerabilities, collectively termed “ShadowMQ,” stem from the […]

The post Critical RCE Vulnerabilities in AI Inference Engines Exposes Meta, Nvidia and Microsoft Frameworks appeared first on Cyber Security News.

A dangerous espionage campaign is targeting senior government and defense officials worldwide. Iranian hackers are using fake conference invitations and meeting requests to trick victims. The attackers spend weeks building trust before striking. They reach out through WhatsApp to make their messages look legitimate. This campaign, known as SpearSpecter, combines patience with powerful malware to […]

The post Iranian SpearSpecter Attacking High-Value Officials Using Personalized Social Engineering Tactics appeared first on Cyber Security News.

A sandbox escape vulnerability affecting iPhones and iPads running iOS 16.2 beta 1 or earlier versions. The proof-of-concept (POC) exploits weaknesses in the itunesstored and bookassetd daemons, enabling attackers to modify sensitive files on the device’s Data partition areas typically protected from unauthorized access. Researcher Kim shared the details in a blog post on October […]

The post New MobileGestalt Exploit for iOS 26.0.1 Enables Unauthorized Writes to Protected Data appeared first on Cyber Security News.

Outlook NotDoor backdoor malware first appeared in threat campaigns identified by Lab52, the intelligence arm of Spanish firm S2 Grupo. Linked to APT28/Fancy Bear, NotDoor leverages malicious Outlook macros for persistent access and data theft. Attackers embed these macro payloads within Outlook’s data files to monitor incoming emails and trigger hidden code on infected systems. […]

The post Researchers Detailed Techniques to Detect Outlook NotDoor Backdoor Malware appeared first on Cyber Security News.

The U.S. Justice Department announced major actions against North Korean cybercrime, including five people admitting guilt and the government taking more than $15 million in property linked to the crimes. These operations reveal how the Democratic People’s Republic of Korea (DPRK) uses fraudulent IT workers and cryptocurrency heists to fund its weapons programs while evading […]

The post North Korean Hackers Infiltrated 136 U.S. Companies to Generate $2.2 Million in Revenue appeared first on Cyber Security News.

A sharp increase in attacks targeting a critical vulnerability in XWiki servers. Multiple threat actors are actively exploiting CVE-2025-24893 to deploy botnets and coin miners, and to establish unauthorized server access across the internet. Since the initial discovery on October 28, 2025, exploitation has expanded dramatically. VulnCheck reported that multiple independent attackers are now actively targeting the […]

The post Hackers Exploiting XWiki Vulnerability in the Wild to Hire the Servers for Botnet appeared first on Cyber Security News.

Samsung has been accused of shipping budget Galaxy A and M series smartphones with pre-installed spyware that users can’t easily remove. The software in question, AppCloud, developed by the mobile analytics firm IronSource, has been embedded in devices sold primarily in the Middle East and North Africa (MENA) region. Security researchers and privacy advocates warn […]

The post Unremovable Spyware on Samsung Devices Comes Pre-installed on Galaxy Series Devices appeared first on Cyber Security News.

Google security researchers recently uncovered a sophisticated criminal operation called “Lighthouse” that has victimized over one million people across more than 120 countries. This phishing-as-a-service platform represents one of the most damaging SMS-based scam networks in recent years, prompting Google to file litigation aimed at dismantling the entire operation. The attack’s scale reveals how well-organized […]

The post Google Sues ‘Lighthouse’ Phishing-as-a-service Kit Behind Massive Phishing Attacks appeared first on Cyber Security News.

A newly documented malware campaign demonstrates how attackers are leveraging Windows LNK shortcuts to deliver the MastaStealer infostealer. The attack begins with spear-phishing emails containing ZIP archives with a single LNK file that executes a multi-stage infection process. When victims click the malicious shortcut, it launches Microsoft Edge while opening the AnyDesk website in the […]

The post MastaStealer Weaponizes Windows LNK Files, Executes PowerShell Command, and Evades Defender appeared first on Cyber Security News.

Microsoft has launched a new security feature in Teams Premium called “Prevent screen capture,” designed to block screenshots and recordings during sensitive meetings, with general availability rolling out worldwide through late November 2025.​ This enhancement addresses growing concerns over data leaks in virtual collaborations, particularly in industries like finance, healthcare, and legal sectors, where confidential […]

The post Microsoft Teams New Premium Feature Blocks Screenshots and Recordings During Meeting appeared first on Cyber Security News.

The notorious Cl0p ransomware group has claimed responsibility for breaching the UK’s National Health Service (NHS), spotlighting vulnerabilities in Oracle’s E-Business Suite (EBS). The announcement, posted on Cl0p’s dark web leak site on November 11, 2026, accuses the NHS of prioritizing profits over patient security, stating, “The company doesn’t care about its customers; it ignored […]

The post NHS Investigating Oracle EBS Hack Following Cl0p Ransomware Group Claim appeared first on Cyber Security News.

GitLab has released urgent security patches addressing multiple vulnerabilities affecting both the Community Edition and the Enterprise Edition. The company released versions 18.5.2, 18.4.4, and 18.3.6 to fix critical security issues that could allow attackers to compromise sensitive information and bypass access controls. The most concerning vulnerability involves prompt injection attacks in GitLab Duo’s review feature. Attackers […]

The post Multiple GitLab Vulnerabilities Let Attackers Inject Malicious Prompts to Steal Sensitive Data appeared first on Cyber Security News.

Elastic Security has disclosed critical vulnerabilities affecting Kibana that could enable attackers to execute Server-Side Request Forgery (SSRF) and Cross-Site Scripting (XSS) attacks against vulnerable deployments. The vulnerabilities stem from inadequate origin validation in the Observability AI Assistant component. The primary vulnerability, tracked as CVE-2025-37734 under Elastic Security Advisory ESA-2025-24, involves an origin validation error in Kibana. […]

The post Multiple Kibana Vulnerabilities Enables SSRF and XSS Attacks appeared first on Cyber Security News.

Microsoft has rolled out enhanced remediation capabilities in Defender for Office 365 (O365), enabling security teams to initiate automated investigations and other actions directly from the Advanced Hunting interface. This feature, launched on November 10, 2025, empowers admins and analysts to respond to email threats more swiftly without requiring policy modifications.​ The new actions Submit […]

The post Microsoft Defender for O365 New Feature Allows Security Teams to Trigger Automated Investigations appeared first on Cyber Security News.

New York, New York, November 13th, 2025, CyberNewsWire BreachLock, a global leader in offensive security, just announced a powerful new integration with Vanta, the leading AI-powered trust management platform, enabling organizations to push security validation evidence directly into compliance workflows with a single click.  This integration bridges the gap between continuous security testing and compliance […]

The post BreachLock and Vanta Bridge the Gap Between Continuous Security Testing and Compliance with New Integration appeared first on Cyber Security News.

Palo Alto Networks has disclosed a critical denial-of-service vulnerability in its PAN-OS firewall software that allows unauthenticated attackers to remotely reboot firewalls by sending specially crafted packets. Tracked as CVE-2025-4619, the vulnerability poses significant risks to organizations relying on Palo Alto firewalls for network security. The flaw, identified as CWE-754 (Improper Check for Unusual or […]

The post Palo Alto PAN-OS Firewall Vulnerability Let Attackers Reboot Firewall by Sending Malicious Packet appeared first on Cyber Security News.

Reports of a possible law enforcement operation against Rhadamanthys Stealer infrastructure have created waves in the cybersecurity community. The information stealer, which has been active in the threat landscape for several months, appears to have suffered a major disruption to its command and control servers. Users of the malware-as-a-service platform have reported difficulties accessing their […]

The post Rhadamanthys Stealer Servers Possibly Seized – Admin Urges to Reinstall Servers appeared first on Cyber Security News.

The English-speaking cybercriminal ecosystem, commonly known as “The COM,” has transformed from a niche community of social media account traders into a sophisticated, organized operation fueling some of the world’s most damaging cyberattacks. What started as simple forums for trading rare social media handles has evolved into a professional, service-driven criminal marketplace targeting multinational corporations, […]

The post English-Speaking Cybercriminal Ecosystem ‘The COM’ Drives a Wide Spectrum of Cyberattacks appeared first on Cyber Security News.