Cyber Security News

Researchers uncovered critical zero-day vulnerabilities in Fluent Bit, a ubiquitous logging utility embedded in cloud infrastructure across major providers like AWS, Google Cloud, and Microsoft Azure.  The flaws tracked as CVE-2024-50608 and CVE-2024-50609 (CVSS 8.9), exploit null pointer dereference weaknesses in Fluent Bit’s Prometheus Remote Write and OpenTelemetry plugins.  With over 15 billion downloads and […]

The post Fluent Bit 0-day Vulnerabilities Exposes Billions of Production Environments to Cyber Attacks appeared first on Cyber Security News.

Ubiquiti Networks has issued an urgent security advisory addressing five critical vulnerabilities in its UniFi Protect camera ecosystem, including two flaws enabling unauthenticated remote code execution (RCE) attacks.  The vulnerabilities, discovered during the 2025 Pwn2Own Toronto hacking competition and disclosed through Trend Micro’s Zero Day Initiative (ZDI), affect both camera firmware and the management application, […]

The post UniFi Protect Camera Vulnerability Allows Remote Code Execution Attacks appeared first on Cyber Security News.

Attackers infiltrated Bybit Exchange’s Ethereum cold wallet infrastructure to steal $1.46 billion in digital assets through sophisticated interface manipulation and social engineering tactics. The incident represents the largest theft from a centralized crypto exchange since Mt. Gox’s 2014 collapse, exposing critical vulnerabilities in institutional-grade multisignature (multisig) systems previously considered impenetrable. Security firm TRM Labs attributes […]

The post Record Breaking Crypto Hack – Attackers Stolen $1.46 Billion From Bybit Exchange appeared first on Cyber Security News.

Ransomware is essential to stay vigilant and protect your devices and systems by keeping software up to date, using anti-virus software, avoiding opening attachments or links from unknown sources, and regularly backing up important data. Ransomware is malware that encrypts a victim’s files and demands a ransom payment in exchange for the decryption key.  The […]

The post Top 10 Best Ransomware Protection Tools – 2025 appeared first on Cyber Security News.

Email is one of the most widely used forms of online communication. It is sent and received through a client program, such as Microsoft Outlook, Gmail, or a web-based interface.  Email is a popular communication technique, but it may not always be secure. Interception, reading, and modification are possible during transmission, especially since many email […]

The post 10 Best Email Security Gateways In 2025 appeared first on Cyber Security News.

Penetration testing, or “pentesting,” is a cybersecurity practice where ethical hackers simulate cyberattacks to identify vulnerabilities in systems, networks, or applications. It helps organizations uncover weaknesses before malicious actors exploit them, enhancing their security posture. Penetration testing includes various types such as network, web application, wireless, social engineering, and cloud testing. Depending on the tester’s […]

The post 50 World’s Best Penetration Testing Companies – 2025 appeared first on Cyber Security News.

A new AI-powered chatbot, BlackBastaGPT, trained on over 1 million leaked internal messages from the Black Basta ransomware gang. Hudson Rock released the tool just days after the unprecedented data breach. It enables researchers to dissect the group’s operations, financial strategies, and evolving attack methodologies through natural language queries. This innovation follows the February 11, […]

The post BlackBastaGPT – A ChatGPT Powered Tool to Uncover Ransomware Group Tactics appeared first on Cyber Security News.

Cisco Talos has uncovered a sophisticated cyberespionage campaign by the state-aligned “Salt Typhoon” group targeting U.S. telecommunications infrastructure since late 2024. While credential theft remains their primary entry method, researchers confirmed exploitation of Cisco’s CVE-2018-0171 Smart Install Remote Code Execution vulnerability in at least one breach. The attackers maintained persistent access for over three years […]

The post Salt Typhoon Hackers Exploit Cisco Vulnerability To Gain Access To U.S. Telecom Networks appeared first on Cyber Security News.

A critical security flaw in Sitevision CMS versions 10.3.1 and older has exposed SAML authentication signing keys, enabling potential authentication bypass and session hijacking. The vulnerability, tracked as CVE-2022-35202, stems from weak auto-generated passwords protecting Java keystores, which could be extracted and brute-forced to compromise private keys. Sitevision, a widely adopted content management system in […]

The post Auto-Generated Password Vulnerability In Sitevision Leaks Signing Key appeared first on Cyber Security News.

Chinese cybersecurity authorities have alleged that the U.S. National Security Agency (NSA) breached Northwestern Polytechnical University (NPU), a leading institution in aerospace and defense research, in a multi-year cyber espionage campaign. According to joint reports published on February 18, 2025, by China’s National Computer Virus Emergency Response Center (CVERC) and cybersecurity firm Qihoo 360, the […]

The post China Claim That NSA Allegedly Hacked Northwestern Polytechnical University appeared first on Cyber Security News.

A newly identified malware variant dubbed ACRStealer has been observed leveraging Google Docs as a command-and-control (C2) server to bypass traditional security defenses and harvest sensitive login credentials. This sophisticated attack vector exploits the trusted reputation of Google’s infrastructure to evade detection, marking a significant escalation in credential-theft campaigns. Cybersecurity firm ThreatSec disclosed the campaign […]

The post ACRStealer Malware Exploiting Google Docs as C2 To Steal Login Credentials appeared first on Cyber Security News.

The darcula phishing group has escalated cybercrime capabilities with its newly unveiled “darcula-suite 3.0,” a phishing-as-a-service (PhaaS) platform enabling criminals to automatically generate counterfeit websites for any brand within minutes. This tool represents a paradigm shift in cybercrime efficiency, leveraging headless browser automation and cloud infrastructure to democratize large-scale phishing operations. Since March 2024, security […]

The post Darcula 3.0 Tool Automatically Generates Phishing Kit For Any Brand appeared first on Cyber Security News.

Google’s Project Zero and Mandiant cybersecurity teams have jointly published a proof-of-concept (PoC) exploit for a high-severity command injection vulnerability in Palo Alto Networks’ PAN-OS OpenConfig plugin. Tracked as CVE-2025-0110, the flaw allows authenticated administrators to execute arbitrary commands on firewalls via manipulated gNMI requests, escalating privileges to root access. The disclosure follows Palo Alto […]

The post Google Released PoC Exploit For Palo Alto Firewall Command Injection Vulnerability appeared first on Cyber Security News.

RedTeamPentesting has unveiled a new tool, keycred, which offers a robust solution for managing KeyCredentialLinks in Active Directory (AD) environments. This command-line interface (CLI) tool and library implements the KeyCredentialLink structures as defined in section 2.2.20 of the Microsoft Active Directory Technical Specification (MS-ADTS). It also allows for practical deviations from the specification, making it […]

The post New Active Directory Pentesting Tool For KeyCredentialLink Management appeared first on Cyber Security News.

A GitHub repository titled Windows-WiFi-Password-Stealer has surfaced, raising concerns among cybersecurity professionals.  This repository, hosted by the user, provides a Python-based script capable of extracting saved WiFi credentials from Windows systems and saving them to a text file.  While the repository claims to be for educational purposes, its potential misuse as a malicious tool cannot […]

The post Windows Wi-Fi Password Stealer Malware Found Hosted on GitHub appeared first on Cyber Security News.

A cluster of four critical vulnerabilities in Ivanti Endpoint Manager (EPM) has entered a dangerous new phase with the public release of proof-of-concept (PoC) exploit code, escalating risks for organizations using the enterprise device management platform. Discovered by researchers in October 2024 and patched by Ivanti in January 2025, these vulnerabilities (CVE-2024-10811, CVE-2024-13161, CVE-2024-13160, CVE-2024-13159) […]

The post Ivanti Endpoint Manager Vulnerabilities Proof-of-Concept (PoC) Exploit Released appeared first on Cyber Security News.

European healthcare organizations are facing a sophisticated cyber threat from a newly identified ransomware strain called NailaoLocker, deployed as part of a campaign tracked as Green Nailao by Orange Cyberdefense CERT. The attacks, first detected between June and October 2024, exploit vulnerabilities in Check Point VPN appliances and leverage advanced backdoors like ShadowPad and PlugX […]

The post New NailaoLocker Ransomware Attacking European Healthcare appeared first on Cyber Security News.

A new malware campaign attributed to North Korean threat actors has been identified, targeting individuals through fake job interview processes. Dubbed “Contagious Interview,” this operation delivers malicious Swift applications disguised as legitimate software updates, including a recently discovered “DriverEasy.app” masquerading as a Google Chrome security component. The malware leverages social engineering to steal user credentials, […]

The post Beware of North Korean Job Interview Process Delivers Malware Via Fake Chrome Update appeared first on Cyber Security News.

A sophisticated cyber espionage campaign linked to Chinese state-aligned threat actors has targeted organizations across 15 countries using an updated variant of the Shadowpad malware to deploy previously undocumented ransomware. The attacks, analyzed by Trend Micro’s incident response team, exploit weak passwords and multi-factor authentication (MFA) bypass techniques to infiltrate Check Point firewall VPNs. Over […]

The post Chinese Hackers Exploiting Check Point Firewall Vulnerability To Deploy Ransomware appeared first on Cyber Security News.

If you work in a Security Operations Center (SOC), you know the struggle all too well: hundreds of alerts flood in daily, each demanding attention. Some are false positives, others are routine, but buried among them are real threats that need to be caught before they escalate into full-blown security incidents. Analysts often have to […]

The post Free SOC Webinar – Better SOC with Interactive Malware Sandbox, Practical Use Cases 2025 appeared first on Cyber Security News.