Cyber Security News

Over the past two months, threat actors have weaponized a critical authentication bypass flaw in the Service Finder Bookings WordPress plugin, enabling them to hijack any account on compromised sites. First disclosed on July 31, 2025, the vulnerability emerged after a bug bounty submission revealed that the plugin’s servicefinderswitchback function failed to validate a user-switch […]

The post Hackers Actively Exploiting WordPress Plugin Vulnerability to Gain Admin Access appeared first on Cyber Security News.

A sophisticated phishing campaign has emerged targeting job seekers through legitimate Zoom document-sharing features, demonstrating how cybercriminals exploit trusted platforms to harvest Gmail credentials. The attack leverages social engineering tactics by impersonating HR departments and using authentic Zoom notifications to bypass user suspicion and traditional security measures. The campaign begins with victims receiving legitimate-looking emails […]

The post Threat Actors Mimic as HR Departments to Steal Your Gmail Login Credentials appeared first on Cyber Security News.

Cybersecurity researchers have uncovered a sophisticated evolution of the ClickFix attack methodology, where threat actors are leveraging cache smuggling techniques to avoid traditional file download detection mechanisms. This innovative campaign targets enterprise networks by masquerading as a Fortinet VPN compliance checking tool, specifically exploiting the trust organizations place in their remote access infrastructure. The malicious […]

The post Hackers Upgraded ClickFix Attack With Cache Smuggling to Secretly Download Malicious Files appeared first on Cyber Security News.

A recently discovered Python-based remote access trojan (RAT) exhibits unprecedented polymorphic behavior, altering its code signature each time it runs. First observed on VirusTotal, the sample, dubbed nirorat.py, initially scored only 26/100 on detection engines, despite containing a full suite of RAT capabilities. Analysts believe the malware leverages Python’s introspection and code-modification features to evade […]

The post New Polymorphic Python Malware Repeatedly Mutate its Appearance at Every Execution Time appeared first on Cyber Security News.

The ransomware landscape witnessed unprecedented upheaval in Q3 2025 as cyberthreat actors ushered in a new era of aggression and sophistication. The quarter marked a pivotal moment with the emergence of Scattered Spider’s inaugural ransomware-as-a-service offering, ShinySp1d3r RaaS, representing the first major English-led ransomware operation to challenge traditional Russian-speaking dominance in the ecosystem. Simultaneously, the […]

The post Data-Leak Sites Hit an All-Time High With New Scattered Spider RaaS and LockBit 5.0 appeared first on Cyber Security News.

In recent weeks, security teams worldwide have grappled with a new ransomware strain that has shattered expectations for speed and sophistication. First detected in late September 2025, this variant encrypts critical data within seconds of execution, leaving little time for intervention. Organizations across manufacturing, healthcare, and finance sectors have reported system-wide outages as attackers deploy […]

The post Chaos Emerges as Faster, Smarter, and More Dangerous Ransomware appeared first on Cyber Security News.

Palo Alto, California, October 9th, 2025, CyberNewsWire As AI Browsers rapidly gain adoption across enterprises, SquareX has released critical security research exposing major vulnerabilities that could allow attackers to exploit AI Browsers to exfiltrate sensitive data, distribute malware and gain unauthorized access to enterprise SaaS apps. The timing of this disclosure is particularly significant as […]

The post SquareX Shows AI Browsers Fall Prey to OAuth Attacks, Malware Downloads and Malicious Link Distribution appeared first on Cyber Security News.

A threat actor has allegedly breached KFC Venezuela, offering a database containing the personal and order information of over one million customers for sale on a dark web forum. The data, advertised on October 8, 2025, includes a vast amount of sensitive customer details, posing a significant risk of fraud and identity theft to those […]

The post KFC Venezuela Alleged Data Breach – 1 Million Customer Records Exposed appeared first on Cyber Security News.

Newark, United States, October 9th, 2025, CyberNewsWire Lightship Security, an Applus+ Laboratories company and accredited cryptographic security test laboratory, and the OpenSSL Corporation, the co-maintainer of the OpenSSL Library, announce the submission of OpenSSL version 3.5.4 to the Cryptographic Module Validation Program (CMVP) for FIPS 140-3 validation. This submission confirms that the code is complete […]

The post Lightship Security and the OpenSSL Corporation Submit OpenSSL 3.5.4 for FIPS 140-3 Validation appeared first on Cyber Security News.

Security researchers at Cisco Talos have confirmed that ransomware operators are actively exploiting Velociraptor, an open-source digital forensics and incident response (DFIR) tool, in their attacks. This marks the first definitive link between a legitimate security tool and a ransomware incident. The campaign, which deployed three separate ransomware strains, is attributed with moderate confidence to […]

The post Hackers Exploit DFIR Tool ‘Velociraptor’ in Ransomware Attacks appeared first on Cyber Security News.

The cybersecurity community has witnessed the rapid emergence of a novel phishing toolkit that automates the creation of “ClickFix” attack pages, enabling threat actors with minimal technical expertise to deploy sophisticated social engineering lures. Dubbed the IUAM ClickFix Generator, this phishing kit consolidates all necessary configuration options—page title, domain, verification prompts and clipboard instructions—into a […]

The post New Phishing Kit Automates Generation of ClickFix Attack Bypassing Security Measures appeared first on Cyber Security News.

SonicWall has confirmed that an unauthorized party accessed and stole the entire repository of customer firewall configuration backup files from its cloud service. The confirmation comes after the completion of an investigation with the cybersecurity firm Mandiant, which determined that all customers who used the cloud backup feature are affected by the breach. The investigation […]

The post SonicWall Confirms That Hackers Stole All Customers Firewall Configuration Backup Files appeared first on Cyber Security News.

In recent weeks, a sophisticated malware campaign has emerged that leverages conversational chatbots as covert entry points into enterprise systems. Initially observed in mid-September 2025, the threat actors targeted organizations running customer-facing chat applications built on large language models. By exploiting weaknesses in natural language processing and indirect data ingestion, attackers were able to pivot […]

The post AI Chatbot Leveraged as a Critical Backdoor to Access Sensitive Data and Infrastructure appeared first on Cyber Security News.

Microsoft Azure, one of the world’s leading cloud computing platforms, experienced a significant service outage on Thursday, October 9, 2025, leaving customers across Europe and Africa unable to access their services. The disruption began at approximately 07:40 UTC, with the core issue identified as a major capacity loss within Azure Front Door (AFD), Microsoft’s cloud-native […]

The post Microsoft Azure Faces Global Outage Affecting Services Worldwide appeared first on Cyber Security News.

The cybersecurity landscape has been shaken by the emergence of Trinity of Chaos, a sophisticated ransomware collective that has launched a data leak site containing sensitive information from 39 major corporations. This formidable alliance, presumably comprising members from the notorious Lapsus$, Scattered Spider, and ShinyHunters groups, represents a significant evolution in cybercriminal organization and operational […]

The post New Hacker Alliance Trinity of Chaos Leaked 39 Companies Data Including Google, CISCO and Others appeared first on Cyber Security News.

A major service outage is affecting Microsoft 365, preventing users from accessing the admin center and other services that rely on Microsoft Entra ID for authentication. The disruption, which began on Thursday, October 9, 2025, is causing widespread access issues for organizations that depend on Microsoft’s cloud-based productivity suite. The scope of the impact is […]

The post Microsoft 365 Outage Disrupts Access to Admin Center, Services, and Entra ID appeared first on Cyber Security News.

Since emerging in the mid-2010s as a persistent threat actor, the IRGC-linked APT35 collective has continually adapted its tactics to target government entities, energy firms, and diplomatic missions across the Middle East and beyond. Initially focused on credential harvesting via targeted phishing campaigns, the group has evolved a modular toolkit capable of deep network infiltration […]

The post IRGC-Linked APT35 Structure, Tools, and Espionage Operations Disclosed appeared first on Cyber Security News.

A sophisticated technique known as hidden text salting has emerged as a significant threat to email security systems, allowing cybercriminals to bypass detection mechanisms through the strategic abuse of cascading style sheets (CSS) properties. This attack vector enables threat actors to embed irrelevant content, or “salt,” within various components of malicious emails while rendering it […]

The post Hackers Abuse CSS Properties With Messages to Inject Malicious Codes in Hidden Text Salting Attack appeared first on Cyber Security News.

A significant Microsoft 365 outage blocked user access to several critical services, including Microsoft Teams, Exchange Online, and the Microsoft 365 admin center. The incident began late on Wednesday, October 8, 2025, leaving organizations worldwide unable to utilize essential communication and administrative platforms. Microsoft acknowledged the issue promptly and began investigating the widespread reports from […]

The post Microsoft 365 Outage Blocks Access to Teams, Exchange Online, and Admin Center – Updated appeared first on Cyber Security News.

The popular communication platform Discord is facing an extortion attempt following a significant data breach at one of its third-party customer service providers, Zendesk. Threat actors claim to have stolen 1.5 terabytes of sensitive data, including over 2.1 million government-issued identification photos used for age verification. While Discord confirms the breach, it disputes the scale […]

The post Discord Data Breach – 1.5 TB of Data and 2 Million Government ID Photos Extorted appeared first on Cyber Security News.