Cyber Security News

ownCloud has urgently urged users of its Community Edition to enable multi-factor authentication (MFA). A threat intelligence report from Hudson Rock highlighted incidents in which attackers compromised self-hosted file-sharing platforms, including some ownCloud deployments, but ownCloud stresses that its platform itself remains unbreached. Hudson Rock’s analysis revealed no zero-day exploits or vulnerabilities in ownCloud’s architecture. […]

The post ownCloud Urges Users to Enable Multi-Factor Authentication Following Credential Theft appeared first on Cyber Security News.

CrazyHunter ransomware has emerged as a critical and evolving threat that specifically targets healthcare organizations and sensitive medical infrastructure. This Go-developed malware represents a significant escalation in ransomware sophistication, employing advanced encryption methods and delivery mechanisms designed to bypass modern security defenses. Healthcare institutions in Taiwan have experienced repeated attacks, with at least six known […]

The post CrazyHunter Ransomware Attacking Healthcare Sector with Advanced Evasion Techniques appeared first on Cyber Security News.

A sophisticated Go-based botnet dubbed GoBruteforcer is aggressively targeting Linux servers worldwide, brute-forcing weak passwords on internet-exposed services including FTP, MySQL, PostgreSQL, and phpMyAdmin. Check Point Research recently documented a new 2025 variant of the malware that demonstrates significant technical improvements over previous versions and has successfully compromised tens of thousands of servers.​ The botnet […]

The post GoBruteforcer Botnet Attacking Linux Servers Worldwide – 50,000 Internet-facing Servers at Risk appeared first on Cyber Security News.

ANY.RUN, the interactive malware analysis platform, has wrapped up 2025 with impressive growth figures and significant contributions to the cybersecurity community. The company’s annual report reveals how its global user base collectively spent over 400,000 hours analyzing threats—equivalent to more than 45 years of continuous research. The platform processed 5.7 million analyses across 195 countries […]

The post From Tycoon2FA to Lazarus Group – Inside ANY.RUN’s Biggest Discoveries of 2025 appeared first on Cyber Security News.

A proof-of-concept (PoC) exploit for CVE-2025-38352, a critical race condition vulnerability in the Linux kernel, has been publicly released on GitHub. The vulnerability, discovered earlier this year, targets the POSIX CPU timers implementation and was previously exploited in limited, targeted attacks against 32-bit Android devices. CVE-2025-38352 is a use-after-free (UAF) vulnerability in the Linux kernel’s handle_posix_cpu_timers() function. […]

The post PoC Exploit Released for Android/Linux Kernel Vulnerability CVE-2025-38352 appeared first on Cyber Security News.

Researchers from the Chinese Academy of Sciences and Nanyang Technological University have introduced AURA, a novel framework to safeguard proprietary knowledge graphs in GraphRAG systems against theft and private exploitation. Published on arXiv just a week ago, the paper highlights how adulterating KGs with fake but plausible data renders stolen copies useless to attackers while […]

The post Researchers Manipulate Stolen Data to Corrupt AI Models and Generate Inaccurate Outputs appeared first on Cyber Security News.

Chinese threat actors have launched a sophisticated campaign using NFC-enabled Android malware called Ghost Tap to intercept and steal financial information from victims worldwide. The malware operates through a deceptive distribution model, where attackers trick users into downloading seemingly legitimate applications via Telegram and other messaging platforms. Once installed, Ghost Tap leverages Near Field Communication […]

The post Chinese Hackers Deploy NFC-enabled Android Malware to Steal Payment Data appeared first on Cyber Security News.

A sophisticated new phishing campaign has emerged, leveraging the trusted infrastructure of Google Cloud services to bypass security filters and steal sensitive Microsoft 365 login credentials. By abusing legitimate workflow automation tools, threat actors are crafting convincing attacks that blend seamlessly with authentic communications, making detection increasingly difficult for both automated systems and end-users. This […]

The post Threat Actors Leversges Google Cloud Services to Steal Microsoft 365 Logins appeared first on Cyber Security News.

Microsoft has announced the indefinite cancellation of its Mailbox External Recipient Rate Limit in Exchange Online, reversing a previously planned restriction on bulk email sending. The decision comes after significant customer feedback highlighting operational disruptions caused by the proposed limitation. The tech giant’s Exchange Online Transport Team confirmed on January 6, 2026, that the external […]

The post Microsoft to Cancel Plans Imposing Daily Limit For Exchange Online Bulk E-mails appeared first on Cyber Security News.

ToddyCat, a sophisticated cyber espionage group, has emerged as a persistent threat targeting high-profile organizations across multiple continents. The group began operations in December 2020 by compromising Microsoft Exchange servers in Taiwan and Vietnam using an unidentified vulnerability. However, their capabilities expanded significantly in February 2021 when they began exploiting the ProxyLogon vulnerability to target […]

The post ToddyCat Malware Compromises Microsoft Exchange Servers using ProxyLogon Vulnerability appeared first on Cyber Security News.

A severe vulnerability in the TOTOLINK EX200 Wi-Fi extender could allow attackers to gain full system access via an unauthenticated telnet root service, researchers warned. The flaw, tracked as CVE-2025-65606 and assigned CERT Vulnerability Note VU#295169, affects the firmware upload error-handling logic in the End-of-Life TOTOLINK EX200 extender. When processing malformed firmware files, the device inadvertently enables […]

The post TOTOLINK EX200 Extender Vulnerability Allow Attacker to Gain Full System Access appeared first on Cyber Security News.

LockBit 5.0 has surfaced as the latest iteration of one of the world’s most active ransomware-as-a-service operations, continuing a legacy of sophisticated attacks since the group’s emergence in September 2019. This new version represents a significant evolution in the threat landscape, introducing enhanced encryption mechanisms and advanced anti-analysis capabilities that make detection and recovery exponentially […]

The post LockBit 5.0 Emerges with New Sophisticated Encryption and Anti-Analysis Tactics appeared first on Cyber Security News.

China’s cyber army has intensified attacks against Taiwan’s critical infrastructure in 2025, marking a significant escalation in digital warfare tactics. Taiwan’s national intelligence community documented a troubling trend: approximately 2.63 million intrusion attempts per day targeted critical systems across nine key sectors, including energy, healthcare, communications, and transportation. This represents a 6 percent increase from […]

The post Chinese Hackers Actively Attacking Taiwan Critical Infrastructure appeared first on Cyber Security News.

A severe security vulnerability has been discovered in n8n, the popular workflow automation platform, which allows authenticated users to execute arbitrary code remotely on affected instances. The flaw poses significant risks to both self-hosted deployments and n8n Cloud instances, potentially leading to complete system compromise. The authenticated Remote Code Execution (RCE) vulnerability affects n8n’s core […]

The post Critical n8n Vulnerability Enables Authenticated Remote Code Execution appeared first on Cyber Security News.

The notorious Black Cat cybercriminal group has aggressively resurfaced with a sophisticated malware campaign utilizing advanced search engine optimization techniques to distribute counterfeit versions of popular open-source software. By manipulating search engine algorithms, the gang successfully positions meticulously crafted phishing websites for tools like Notepad++ at the very top of keyword search results. This strategic […]

The post Black Cat Hacker Group with Fake Notepad++ Sites to Install Malware and Steal Data appeared first on Cyber Security News.

D-Link has confirmed unauthenticated command injection vulnerabilities affecting multiple router models deployed internationally. Active exploitation campaigns using DNS hijacking have been documented since late 2016, with threat actors continuing malicious activities through 2019 and beyond. Multiple D-Link router models remain vulnerable to remote DNS modification attacks through unauthenticated web interfaces. The vulnerabilities allow attackers to […]

The post D-Link Router Command Injection Vulnerability Actively Exploited in the Wild appeared first on Cyber Security News.

Phishing actors are exploiting complex routing scenarios and misconfigured security protections to send fake emails that appear to come from within organizations. These emails look like they were sent internally, making them harder to detect. Threat actors have used this method to deliver various phishing messages through platforms like Tycoon2FA. The emails use common tricks, […]

The post Hackers Exploited Routing Scenarios and Misconfigurtions to Effectively Spoof Organizations appeared first on Cyber Security News.

Four critical flaws in Veeam Backup & Replication v13, which could allow attackers to gain root-level access and execute code on backup systems, have been disclosed by Veeam Software. The vulnerabilities were discovered during internal testing and resolved in build 13.0.1.1071, released on January 6, 2026. The most dangerous flaw, CVE-2025-55125, allows Backup or Tape […]

The post Veeam Backup Vulnerabilities Enables Remote Code Execution as Root appeared first on Cyber Security News.

A federal judge in New York has ordered OpenAI to provide 20 million anonymized user logs from ChatGPT to the plaintiffs in a major copyright lawsuit involving AI. The judge made this decision despite OpenAI’s privacy concerns, upholding an earlier ruling on the matter. District Judge Sidney H. Stein affirmed Magistrate Judge Ona T. Wang’s […]

The post Judge Demands OpenAI to Release 20 Million Anonymized ChatGPT Chats in AI Copyright Dispute appeared first on Cyber Security News.

A critical path traversal vulnerability in AdonisJS has been discovered that could allow remote attackers to write arbitrary files to server filesystems, potentially leading to complete system compromise. The vulnerability, tracked as CVE-2026-21440, affects the bodyparser module of the popular TypeScript-first web framework and carries a critical CVSS v4 severity rating.​ The security flaw resides in […]

The post Critical AdonisJS Vulnerability Allow Remote Attacker to Write Files On Server appeared first on Cyber Security News.