Cyber Security News

In recent months, cybersecurity researchers have observed a surge in malicious domain registrations linked to an emerging e-crime group known as PoisonSeed. First identified in April 2025, this actor has focused its efforts on impersonating legitimate cloud-based email platforms, most notably SendGrid, to harvest enterprise credentials. By embedding fake Cloudflare CAPTCHA interstitials and Ray ID […]

The post PoisonSeed Threat Actor Registering New Domains in Attempt to Compromise Enterprise Credentials appeared first on Cyber Security News.

U.S. Senator Ron Wyden has called on the Federal Trade Commission (FTC) to investigate Microsoft for what he terms “gross cybersecurity negligence,” accusing the tech giant of knowingly shipping its Windows operating system with a dangerously outdated form of encryption that has enabled devastating ransomware attacks on U.S. critical infrastructure, including major healthcare systems. In […]

The post Senator Calls for FTC Investigation into Microsoft’s Use of Outdated RC4 Encryption and Kerberoasting Vulnerabilities appeared first on Cyber Security News.

FastNetMon today announced that it detected a record-scale distributed denial-of-service (DDoS) attack targeting the website of a leading DDoS scrubbing vendor in Western Europe. The attack reached 1.5 billion packets per second (1.5 Gpps) — one of the largest packet-rate floods publicly disclosed. The malicious traffic was primarily a UDP flood launched from compromised customer-premises equipment (CPE), including IoT devices and […]

The post 1.5 Billion Packets Per Second DDoS Attack Detected with FastNetMon appeared first on Cyber Security News.

FastNetMon, a prominent provider of DDoS detection solutions, announced this week that it had identified and helped mitigate a record-breaking distributed denial-of-service (DDoS) attack. The assault targeted a major DDoS scrubbing vendor located in Western Europe, pushing packet-forwarding rates to an astonishing 1.5 billion packets per second (1.5 Gpps). This incident stands as one of […]

The post DDoS Mitigation Provider targeted In 1.5 Gpps 1.5 Billion Packets per Second DDoS Attack appeared first on Cyber Security News.

The Australian Cyber Security Centre (ACSC) has issued a critical alert regarding a severe access control vulnerability in SonicWall products that is being actively exploited in attacks. The flaw, tracked as CVE-2024-40766, affects multiple generations of SonicWall firewalls and carries a critical CVSS score of 9.3, highlighting the significant risk it poses to organizations. The […]

The post ACSC Warns Of Sonicwall Access Control Vulnerability Actively Exploited In Attacks appeared first on Cyber Security News.

The U.S. District Court for the Eastern District of New York has unsealed a superseding indictment against a Ukrainian national, charging him with his alleged role as an administrator in the LockerGoga, MegaCortex, and Nefilim ransomware operations. The schemes reportedly extorted over 250 companies in the United States and hundreds more across the globe, causing […]

The post Authorities Arrested Admins Of “LockerGoga,” “MegaCortex,” And “Nefilim” Ransomware Gangs appeared first on Cyber Security News.

A remote code execution vulnerability has been discovered in the Cursor AI Code Editor, enabling a malicious code repository to run code on a user’s machine upon opening automatically. The research team at Oasis Security uncovered the flaw, which bypasses typical user consent prompts by exploiting a default configuration setting in the popular editor. According […]

The post Cursor AI Code Editor RCE Vulnerability Enables “autorun” of Malicious on your Machine appeared first on Cyber Security News.

Jaguar Land Rover (JLR) has confirmed that data was stolen during a major cyberattack that has crippled its global operations, bringing vehicle production to a standstill since early September. The luxury carmaker, a subsidiary of India’s Tata Motors, is now working with cybersecurity specialists to investigate the breach and restore its systems. The cyber incident, […]

The post Jaguar Land Rover Confirms Hackers Stole Data in Ongoing Cyberattack appeared first on Cyber Security News.

CyberVolk ransomware first emerged in May 2024, rapidly evolving into a sophisticated threat aimed at government agencies and critical infrastructure in countries perceived as hostile to Russian interests. Leveraging a dual-layer symmetric encryption process, this malware has inflicted significant operational disruptions on scientific institutions and public services across Japan, France, and the United Kingdom. The […]

The post CyberVolk Ransomware Attacking Windows System in Critical Infrastructure and Scientific Institutions appeared first on Cyber Security News.

Security researchers have recently observed a surge in sophisticated fileless malware campaigns targeting enterprise environments. AsyncRAT, a powerful Remote Access Trojan, leverages legitimate system tools to execute malicious payloads entirely in memory, effectively sidestepping traditional disk-based defenses. Emergence of this threat underscores the evolving tactics employed by cyber adversaries to maintain stealth and persistence on […]

The post AsyncRAT Uses Fileless Loader to Bypass Detections and Gain Remote Access appeared first on Cyber Security News.

Malicious actors have launched a sophisticated malvertising campaign on Facebook that coerces unsuspecting users into installing a fake “Meta Verified” browser extension. Promoted through seemingly legitimate video tutorials, these ads promise to unlock the coveted blue verification tick without paying Meta’s subscription fee. In reality, the extension is engineered to harvest sensitive user data, including […]

The post Beware of Malicious Facebook Ads With Meta Verified Steals User Account Details appeared first on Cyber Security News.

A critical security vulnerability has been discovered in the Amp’ed RF BT-AP 111 Bluetooth Access Point, exposing organizations to significant security risks through an unauthenticated administrative interface. The device, which serves as a Bluetooth-to-Ethernet bridge supporting both access point and gateway functionality, lacks fundamental authentication controls on its web-based management system. The vulnerability, designated as […]

The post Amp’ed RF BT-AP 111 Bluetooth Access Point Vulnerability Let Attackers Gain Full Admin Access appeared first on Cyber Security News.

Early this month, cybersecurity researchers uncovered a novel phishing campaign attributed to the Lazarus Group that targets developers and crypto professionals through a cleverly crafted Git symlink vulnerability. Rather than relying solely on traditional malware distribution channels, the attackers have weaponized the way Git handles repository paths, embedding malicious hooks within symbolic links to trigger […]

The post Lazarus Hackers Exploiting Git Symlink Vulnerability in Sophisticated Phishing Attack appeared first on Cyber Security News.

In recent months, security researchers have observed a surge in activity by a previously undocumented ransomware group known as The Gentlemen. This threat actor has rapidly distinguished itself through the deployment of highly specialized tools and meticulous reconnaissance tactics, targeting critical infrastructure across multiple sectors and regions. Leveraging legitimate Windows drivers and nuanced Group Policy […]

The post New Gentlemen Ransomware Leverages Legitimate Drivers, Group Policies to Infiltrate Organizations appeared first on Cyber Security News.

GitLab has released urgent security patches for its Community (CE) and Enterprise (EE) editions, addressing multiple vulnerabilities, including two high-severity flaws that could lead to Server-Side Request Forgery (SSRF) and Denial of Service (DoS) attacks. The company is strongly advising all administrators of self-managed GitLab installations to upgrade immediately to the newly released versions: 18.3.2, […]

The post GitLab Patches Multiple Vulnerabilities That Enables Denial Of Service and SSRF Attacks appeared first on Cyber Security News.

A high-quality mobile application penetration testing company is essential for businesses that want to safeguard their digital assets and user data. These specialized firms employ ethical hackers who simulate real-world cyberattacks to identify and exploit vulnerabilities within mobile apps. The insights from these tests enable developers to fix security flaws before they can be leveraged […]

The post Top 10 Best Mobile Application Penetration Testing Companies in 2025 appeared first on Cyber Security News.

A security vulnerability has been found in the Google Drive Desktop application for Windows. It allows a logged-in user on a shared machine to access another user’s Drive files completely without needing their credentials. This vulnerability stems from a broken access control mechanism in how the application handles cached data. While Google Drive is widely […]

The post Google Drive Desktop for Windows Vulnerability Grants Full Access to Another User’s Drive appeared first on Cyber Security News.

Microsoft has issued an updated warning for a critical security vulnerability in Active Directory Domain Services, tracked as CVE-2025-21293. This flaw could permit an attacker who has already gained initial access to a system to escalate their privileges, potentially gaining complete control over the affected domain controller and undermining the security of the network infrastructure. […]

The post Microsoft Warns of Active Directory Domain Services Vulnerability, Let Attackers Escalate Privileges appeared first on Cyber Security News.

Microsoft has released patches for two significant vulnerabilities in Microsoft Office that could allow attackers to execute malicious code on affected systems. The flaws, tracked as CVE-2025-54910 and CVE-2025-54906, were disclosed on September 9, 2025, and affect various versions of the popular productivity suite. While Microsoft has assessed exploitation as “less likely” for both vulnerabilities […]

The post Critical Microsoft Office Vulnerabilities Let Attackers Execute Malicious Code appeared first on Cyber Security News.

HackerOne has confirmed it was among the companies affected by a recent data breach that provided unauthorized access to its Salesforce instance. The access was gained through a compromise of the third-party application Drift, which Salesloft owns. The bug bounty platform announced the security incident, aligning with its company value of “Default to Disclosure.” According […]

The post HackerOne Confirms Data Breach – Hackers Gained Unauthorized Access To Salesforce Instance appeared first on Cyber Security News.