Cyber Security News

A critical security advisory warned of severe vulnerabilities in WHILL electric wheelchairs that could allow attackers to hijack the devices via Bluetooth remotely. The alert affects two popular models used worldwide: the WHILL Model C2 Electric Wheelchair and Model F Power Chair, both manufactured by Japan-based WHILL Inc. Security researchers from QED Secure Solutions discovered […]

The post CISA Warns of WHILL Model C2 Wheelchairs Vulnerability Let Attackers Take Control of Product appeared first on Cyber Security News.

The cybersecurity community was alarmed in late December 2025 when MongoDB announced a serious vulnerability called “Mongobleed” (CVE-2025-14847). This high-severity flaw allows unauthenticated attackers to steal sensitive data directly from server memory. With a CVSS score of 8.7 and over 87,000 potentially vulnerable MongoDB instances exposed worldwide, this pre-authentication memory disclosure vulnerability has rapidly become […]

The post Lessons From Mongobleed Vulnerability (CVE-2025-14847) That Actively Exploited In The Wild appeared first on Cyber Security News.

After a decade of disappearing from the cybersecurity landscape, the Careto threat group, also known as “The Mask,” has resurfaced with sophisticated new attack methods targeting high-profile organizations. Security researchers have identified fresh evidence of Careto’s activity, revealing how the group evolved its tactics to compromise critical infrastructure and maintain persistent access to sensitive networks. […]

The post Careto Hacker Group is Back After 10 Years of Silence with New Attack Tactics appeared first on Cyber Security News.

A newly disclosed use-after-free vulnerability in Apache NuttX RTOS could allow attackers to cause system crashes and unintended filesystem operations, prompting urgent security warnings for users running network-exposed services. The flaw, tracked as CVE-2025-48769 and rated moderate in severity, affects a wide range of NuttX versions and was publicly disclosed on December 31, 2025. The […]

The post Apache NuttX Vulnerability Let Attackers to Crash Systems appeared first on Cyber Security News.

Endpoint Detection and Response (EDR) solutions stand as critical shields for devices and data against 2026’s escalating cyber threats. CrowdStrike Falcon Insight XDR dominates with AI-driven detection and a lightweight agent. Palo Alto Networks Cortex XDR unifies visibility across endpoints, networks, and cloud. Microsoft Defender for Endpoint shines via deep Microsoft ecosystem integration and AI-powered […]

The post Top 10 Best EDR Solutions (Endpoint Detection & Response) In 2026 appeared first on Cyber Security News.

The cybersecurity landscape in 2025 has been marked by an unprecedented surge in critical vulnerabilities, with over 21,500 CVEs disclosed in the first half of the year alone, representing a 16-18% increase compared to 2024. Among these, a select group of vulnerabilities stands out due to their exceptional severity, active exploitation in the wild, and […]

The post Top 10 High-Risk Vulnerabilities Of 2025 that Exploited in the Wild appeared first on Cyber Security News.

An open-source solution for handling encrypted WhatsApp backups. The wa-crypt-tools suite, hosted on GitHub, decrypts and encrypts .crypt12, .crypt14, and .crypt15 files from WhatsApp and WhatsApp Business, provided users supply the required key file or 64-character key.​ wa-crypt-tools simplifies access to WhatsApp’s end-to-end encrypted backups, which store chat histories, media, and metadata in SQLite databases […]

The post WhatsApp Crypt Tool to Encrypt and Decrypt WhatsApp Backups appeared first on Cyber Security News.

A federal court in the Southern District of Florida has accepted guilty pleas from two cybersecurity professionals who used their expertise to conduct ransomware attacks rather than stop them. Ryan Goldberg, 40, from Georgia, and Kevin Martin, 36, from Texas, pleaded guilty to conspiracy to commit extortion through ransomware operations. Between April and December 2023, […]

The post Two U.S. CyberSecurity Pros Plead Guilty for Working as ALPHV/BlackCat Affiliates appeared first on Cyber Security News.

A new wave of GlassWorm malware has emerged, marking a significant shift in targeting strategy from Windows to macOS systems. This self-propagating worm, distributed through malicious VS Code extensions on the Open VSX marketplace, has already accumulated over 50,000 downloads. The fourth wave introduces several concerning changes including encrypted payloads, hardware wallet trojanization capabilities, and […]

The post Self-Propagating GlassWorm Weaponizing VS Code Extensions to Attack macOS Users appeared first on Cyber Security News.

A dangerous cybercrime tool known as ErrTraffic has appeared in underground forums, making it easier for attackers to trick users into running harmful software on their devices. The tool automates what security experts call ClickFix attacks, where fake error messages push people to manually execute malicious commands. Unlike older methods that tried to secretly download […]

The post New Cybercrime Tool ErrTraffic Let Attackers Automate ClickFix Attacks appeared first on Cyber Security News.

Researchers have uncovered DarkSpectre, a well-funded Chinese threat actor responsible for infecting over 8.8 million users across Chrome, Edge, and Firefox browsers through a series of highly coordinated malware campaigns spanning seven years. The discovery reveals a level of operational sophistication rarely seen in the threat landscape, with the group running multiple distinct campaigns simultaneously, […]

The post DarkSpectre Hackers Infected 8.8 Million Chrome, Edge, and Firefox Users with Malware appeared first on Cyber Security News.

A critical security alert regarding a severe vulnerability in the IBM API Connect platform that could allow remote attackers to bypass authentication mechanisms. Discovered during internal testing, the flaw poses a significant risk to organizations relying on the platform for API management. It grants unauthorized actors access to the application without requiring valid credentials. The […]

The post Critical IBM API Connect Vulnerability Let Attackers Bypass Logins appeared first on Cyber Security News.

Large Language Models (LLMs) have revolutionized software development, democratizing coding capabilities for non-programmers. However, this accessibility has introduced a severe security crisis. Advanced AI tools, designed to assist developers, are now being weaponized to automate the creation of sophisticated exploits against enterprise software. This shift fundamentally challenges traditional security assumptions, where the technical complexity of […]

The post Threat Actors Manipulating LLMs for Automated Vulnerability Exploitation appeared first on Cyber Security News.

APT36, also known as Transparent Tribe, has launched a new malware campaign that targets Indian government and strategic entities by abusing Windows LNK shortcut files. The attack starts with spear‑phishing emails that carry a ZIP archive named “Online JLPT Exam Dec 2025.zip,” using an exam notice theme to lure officials into opening the attachment. Once […]

The post APT36 Malware Campaign Targeting Windows LNK Files to Attack Indian Government Entities appeared first on Cyber Security News.

NeuroSploitv2 is an AI-powered penetration testing framework that automates critical aspects of offensive security operations through advanced language models. The framework, available on GitHub, integrates with multiple LLM providers, including Claude, GPT, Gemini, and Ollama, to enable specialized vulnerability analysis and exploitation strategies. The framework stands out for its modular architecture, which features specialized AI […]

The post NeuroSploitv2 – AI-Powered Pentesting Tool With Claude, GPT, and Gemini models to Detect vulnerabilities appeared first on Cyber Security News.

Dark web forums have become a marketplace for sophisticated malware tools, with threat actors continuously refining their capabilities to stay ahead of security solutions. The latest concerning development involves an emerging AI-powered crypter service that promises unprecedented evasion abilities, putting enterprise environments at significant risk. A threat actor operating under the alias ImpactSolutions has begun […]

The post Threat Actors Advertising AI-Enhanced Metamorphic Crypter with Claims of Windows Defender Bypass appeared first on Cyber Security News.

A security patch addressing a critical privilege escalation vulnerability that allows unauthorized users to gain administrative access to the data streaming platform. The flaw, tracked as CVE-2025-47411 and rated important, affects Apache StreamPipes versions 0.69.0 through 0.97.0. The vulnerability stems from a flawed user ID creation mechanism that permits legitimate non-administrator account holders to exploit […]

The post Critical Apache StreamPipes Vulnerability Let Attackers Seize Admin Control appeared first on Cyber Security News.

The Adaptix Framework team has announced a significant update to AdaptixC2, an open-source post-exploitation and adversarial emulation platform designed for penetration testers. The latest version introduces significant improvements to network tunneling, the user interface, and overall system performance. One of the most notable upgrades focuses on network tunnel capabilities. The SOCKS4 and SOCKS5 protocols have been […]

The post Open-Source C2 Platform AdaptixC2 Released With Enhanced Stability, Performance, and Speed appeared first on Cyber Security News.

A large-scale web skimming operation has emerged across the internet, targeting online shoppers and account holders with unprecedented scope. Security researchers have identified an over 50-script global campaign that intercepts sensitive information during checkout and account creation processes. The attack demonstrates a significant evolution in how cybercriminals target e-commerce platforms, moving beyond simple credit card […]

The post Massive Magecart with 50+ Malicious Scripts Hijacking Checkout and Account Creation Flows appeared first on Cyber Security News.

The cybercriminal threat actor known as Crypt4You has recently emerged on underground forums and dark web marketplaces, advertising a sophisticated tool named VOID KILLER. This malicious software operates as a kernel-level antivirus and endpoint detection response (EDR) process killer, designed to evade and neutralize security defenses. The tool is being marketed as an alternative to […]

The post Hackers Advertised VOID ‘AV Killer’ with Kernel-level Termination Claims appeared first on Cyber Security News.