Cyber Security News

In recent weeks, security researchers have observed a surge in attacks exploiting Oracle Database Scheduler’s External Jobs feature to gain a foothold in corporate environments. This technique abuses the scheduler’s ability to execute arbitrary commands on Windows-based database servers, allowing adversaries to bypass perimeter defenses. Initial intrusion vectors involve probing publicly exposed Oracle listener ports […]

The post Threat Actors Leverage Oracle Database Scheduler to Gain Access to Corporate Environments appeared first on Cyber Security News.

A sophisticated Iran-nexus espionage group known as Subtle Snail has emerged as a significant threat to European telecommunications, aerospace, and defense organizations through an elaborate recruitment-themed social engineering campaign. The group, also identified as UNC1549 and linked to the broader Unyielding Wasp network, has successfully compromised 34 distinct devices across 11 organizations since June 2022 […]

The post Subtle Snail Mimic as HR Representatives to Engage Employees and Steal Login Credentials appeared first on Cyber Security News.

A sophisticated new ransomware group has emerged from the shadows, targeting multinational organizations across diverse sectors with precision and systematic approach. Kawa4096, first detected in June 2025, has rapidly established itself as a formidable threat to enterprises spanning finance, education, and service industries, particularly focusing on victims in Japan and the United States. The group’s […]

The post Kawa4096 Ransomware Attacking Multinational Organizations to Exfiltrate Sensitive Data appeared first on Cyber Security News.

Three of the cybersecurity industry’s most prominent vendors, Microsoft, SentinelOne, and Palo Alto Networks, have announced they will not participate in the 2026 MITRE ATT&CK Evaluations. The coordinated withdrawal marks a significant shift in how leading security companies approach independent product validation, with all three citing a strategic reallocation of resources toward internal innovation and customer-focused initiatives. […]

The post Microsoft, SentinelOne, and Palo Alto Networks Withdraw from 2026 MITRE ATT&CK Evaluations appeared first on Cyber Security News.

The cybersecurity landscape faces a growing threat from sophisticated Phishing-as-a-Service (PhaaS) platforms that are democratizing cybercrime by lowering technical barriers for fraudsters worldwide. Among these emerging threats, the Lucid PhaaS platform has established itself as a formidable force in the underground economy, enabling massive-scale phishing operations across multiple continents and industry sectors. Security researchers have […]

The post Lucid PhaaS With 17,500 Phishing Domains Mimics 316 Brands From 74 Countries appeared first on Cyber Security News.

A recent optional update for Windows 11 version 24H2 is causing significant video playback issues for users with certain media applications. Microsoft has confirmed that the update, released in late August, can prevent protected content from playing correctly on Blu-Ray, DVD, and some Digital TV software. The issue stems from the non-security preview update KB5064081, […]

The post Windows 11 24H2 Update KB5064081 Breaks Video Content Playback appeared first on Cyber Security News.

In 2025, organizations demand robust, intelligent solutions to manage, secure, and optimize their growing endpoint fleets. With cyber threats escalating and workforces becoming more distributed, the need for autonomous endpoint management tools has never been greater. These platforms automate device onboarding, software distribution, vulnerability patching, compliance, and more all backed by AI to reduce IT […]

The post Top 10 Best Autonomous Endpoint Management Tools in 2025 appeared first on Cyber Security News.

Automotive giant Stellantis, the parent company of major brands including Citroën, FIAT, Jeep, Chrysler, and Peugeot, has confirmed a data breach affecting its customers in North America. The company announced on Sunday that it detected unauthorized access to the platform of a third-party service provider that supports its customer service operations. Stellantis has not disclosed […]

The post Stellantis, the Maker of Citroën, FIAT, Jeep, and Other Cars, Confirms Data Breach appeared first on Cyber Security News.

Attackers increasingly exploit Microsoft Exchange inbox rules to maintain persistence and exfiltrate data within enterprise environments.  A newly released tool, Inboxfuscation, leverages Unicode-based obfuscation to craft malicious inbox rules that slip past conventional security controls.  Developed by Permiso, the Inboxfuscation framework demonstrates how attackers can weaponize Exchange’s rule engine, creating stealthy persistence mechanisms that evade […]

The post New Inboxfuscation Tool That Bypasses Microsoft Exchange Inbox Rules and Evade Detection appeared first on Cyber Security News.

Google Chrome’s V8 JavaScript engine has been compromised by a critical type confusion zero-day vulnerability, designated CVE-2025-10585, marking the sixth actively exploited Chrome zero-day discovered in 2025.  This high-severity flaw, with an estimated CVSS 3.1 score of 8.8, enables remote code execution through sophisticated memory corruption techniques that bypass Chrome’s sandbox protections. The vulnerability exploits […]

The post Chrome Type Confusion 0-Day Vulnerability Code Analysis Released appeared first on Cyber Security News.

Canada’s law enforcement community has achieved a landmark victory in the fight against illicit finance with the dismantling of TradeOgre, a Tor-based cryptocurrency exchange that facilitated the theft and laundering of over 56 million dollars in digital assets. Emerging in early 2023, TradeOgre operated entirely as a hidden service, leveraging the anonymity of the Tor […]

The post Canada Police Dismantles TradeOgre Platform That Stolen 56 Million Dollars in Cryptocurrency appeared first on Cyber Security News.

A sophisticated spoofing campaign has emerged targeting the Federal Bureau of Investigation’s Internet Crime Complaint Center (IC3). Beginning in mid-September 2025, victims attempting to access IC3’s official portal were redirected to fraudulent domains crafted to mirror the legitimate site. The impersonators employed look-alike URLs—such as “ic3-gov.com” and “ic3gov.org”—and reproduced authentic branding, including the FBI seal […]

The post Threat Actors Impersonate FBI IC3 Website to Steal The Visitors’ Personal Information appeared first on Cyber Security News.

Industrial automation systems have become the latest battleground for sophisticated cybercriminals who are deploying cleverly crafted malicious scripts and phishing pages to compromise ICS computers. Over the first half of 2025, attackers have increasingly shifted to web-based attack vectors, exploiting legacy interfaces, weak authentication, and outdated software in operational technology environments. These threat actors deliver […]

The post Threat Actors Attacking ICS Computers With Malicious Scripts and Phishing Pages appeared first on Cyber Security News.

A previously unseen botnet campaign emerged in late November, using a novel combination of DNS misconfiguration and hijacked networking devices to propel a global malspam operation. Initial reports surfaced when dozens of organizations received what appeared to be legitimate freight invoices, each containing a ZIP archive with a malicious JavaScript payload. Upon execution, the script […]

The post New Botnet Leverages DNS Misconfiguration to Launch Massive Cyber Attack appeared first on Cyber Security News.

A sophisticated attack technique called LNK Stomping has emerged as a critical threat to Windows security, exploiting a fundamental flaw in how the operating system handles shortcut files to bypass security controls.  Designated as CVE-2024-38217 and patched on September 10, 2024, this vulnerability demonstrates how attackers can manipulate Windows shortcuts (LNK files) to circumvent the […]

The post Hackers Bypassing Windows Mark of the Web Files Using LNK Stomping Attack appeared first on Cyber Security News.

A sophisticated cyber-attack campaign exploiting GitHub Pages to distribute the notorious Atomic stealer malware to macOS users.  The threat actors behind this operation are leveraging Search Engine Optimization (SEO) techniques to position malicious repositories at the top of search results across major platforms, including Google and Bing, targeting users searching for legitimate software from technology […]

The post Massive Cyber-Attack Attacking macOS Users via GitHub Pages to Deliver Stealer Malware appeared first on Cyber Security News.

A sophisticated new ransomware operation dubbed BlackLock has emerged as a significant threat to organizations worldwide, demonstrating advanced cross-platform capabilities and targeting diverse computing environments.  Originally operating under the name “El Dorado” since March 2024, the group rebranded to BlackLock in September 2024, establishing itself as a formidable player in the ransomware landscape with victims […]

The post BlackLock Ransomware Attacking Windows, Linux, and VMware ESXi Environments appeared first on Cyber Security News.

This week in cybersecurity, researchers exposed hidden alliances between ransomware groups, the rise of AI-powered phishing platforms, and large-scale vulnerabilities affecting telecom and enterprise systems. Major data breaches at financial services and luxury brands highlighted insider threats and supply chain risks, while arrests of Scattered Spider hackers signaled rare law enforcement wins. From botnets hijacking […]

The post Cybersecurity Newsletter Weekly – Shai Halud Attack, Ivanti Exploits, FinWise, BMW Data Leak, and More appeared first on Cyber Security News.

A new proof-of-concept tool named EDR-Freeze has been developed, capable of placing Endpoint Detection and Response (EDR) and antivirus solutions into a suspended “coma” state. According to Zero Salarium, the technique leverages a built-in Windows function, offering a stealthier alternative to the increasingly popular Bring Your Own Vulnerable Driver (BYOVD) attacks used by threat actors […]

The post New EDR-Freeze Tool That Puts EDRs and Antivirus Into A Coma State appeared first on Cyber Security News.

A major cyberattack on a popular aviation software provider has caused significant disruptions at key European airports, including London’s Heathrow, Brussels, and Berlin, resulting in hundreds of flight delays and cancellations on Saturday. The attack disabled electronic check-in and baggage drop systems, forcing airport staff to revert to manual processing and leaving thousands of passengers […]

The post Heathrow and Other European Airports Hit by Cyberattack, Several Flights Delayed appeared first on Cyber Security News.