Cyber Security News

Researchers from the Positive Technologies Expert Security Center (PT ESC) have identified and prevented a malicious campaign targeting users of the Python Package Index (PyPI). The attack involved two fake packages named deepseeek and deepseekai, which were designed to steal sensitive user and system data. These packages were masquerading as legitimate clients for the DeepSeek […]

The post Beware of Fake DeepSeek PyPI Packages That Delivers Malware appeared first on Cyber Security News.

A new variant of malware, known as FlexibleFerret, has been identified targeting macOS users while evading detection by Apple’s XProtect tool. This malware is part of a broader campaign attributed to North Korean threat actors, who have been using sophisticated tactics to lure victims into installing malicious software. The Ferret family of malware, including variants […]

The post FlexibleFerret Malware Attacking macOS Users, Evading XProtect Detections appeared first on Cyber Security News.

Hackers have exploited a zero-day vulnerability in the popular file archiver 7-Zip to deploy SmokeLoader malware.  The vulnerability, tracked as CVE-2025-0411, was identified in September 2024 and has since been actively used in cyberattacks targeting Ukrainian entities.  CVE-2025-0411 is a high-severity vulnerability (CVSS score: 7.0) that allows attackers to bypass Windows’ Mark-of-the-Web (MoTW) security mechanism.  […]

The post Hackers Exploiting 7-Zip Zero-Day Vulnerability to Deploy SmokeLoader Malware  appeared first on Cyber Security News.

A new cyberattack technique has emerged, enabling attackers to bypass Endpoint Detection and Response (EDR) systems while operating under a low-privileged standard user account.  Traditionally, EDR evasion requires elevated privileges, such as administrative or system-level access.  However, this innovative approach leverages masquerading and path obfuscation to disguise malicious payloads as legitimate processes, deceiving both automated […]

The post New Attack Technique to Bypassing EDR as Low Privileged Standard User appeared first on Cyber Security News.

U.S. prosecutors have charged Andean Medjedovic, a 22-year-old Canadian, with five counts of criminal indictment for allegedly orchestrating a sophisticated cryptocurrency theft.  Medjedovic is accused of exploiting vulnerabilities in the KyberSwap and Indexed Finance DeFi protocols, resulting in significant financial losses. The alleged schemes carried out between 2021 and 2023, resulted in the theft of […]

The post Canadian National Charged for Stealing $65 Million in Crypto  appeared first on Cyber Security News.

A critical Cross-Site Scripting (XSS) vulnerability, tracked as CVE-2024-57004, has been discovered in Roundcube Webmail version 1.6.9.  This flaw allows remote authenticated users to upload malicious files disguised as email attachments, posing significant risks to individuals and organizations using the popular open-source webmail client. The vulnerability stems from insufficient sanitization of user input during the […]

The post Roundcube XSS Vulnerability Let Attackers Inject Malicious Files appeared first on Cyber Security News.

Microsoft has disclosed a critical vulnerability, CVE-2025-21415, impacting the Azure AI Face Service, which is classified as an Elevation of Privilege issue, allowing attackers to bypass authentication mechanisms via spoofing, escalating their privileges over a network. However, Microsoft has confirmed that the vulnerability has been fully mitigated and requires no customer action. This disclosure underscores […]

The post Microsoft Azure AI Face Service Elevation of Privilege Vulnerability Let Attackers Gain Network Access appeared first on Cyber Security News.

Dell Technologies has disclosed multiple critical vulnerabilities affecting its PowerProtect product line, including Data Domain (DD) appliances, PowerProtect Management Center, and other associated systems.  These vulnerabilities, if exploited, could allow attackers to compromise system integrity, escalate privileges, or execute arbitrary code.  Organizations relying on these systems for data protection and recovery are urged to take […]

The post Multiple Dell PowerProtect Vulnerabilities Let Attackers Compromise System  appeared first on Cyber Security News.

Microsoft has issued a security advisory for CVE-2025-21396, a critical authentication bypass vulnerability that could allow attackers to spoof credentials and gain unauthorized access to Microsoft accounts. Cybersecurity experts are urging users and organizations to swiftly address this issue by applying relevant updates and following Microsoft’s guidance. The vulnerability is linked to CWE-290, Authentication Bypass […]

The post Critical Microsoft Accounts Authentication Bypass Vulnerability Let Attackers Gain Remote Access appeared first on Cyber Security News.

Researchers unveiled a sophisticated malware campaign in a recent cybersecurity alert involving ValleyRAT, a Remote Access Trojan (RAT) frequently linked to the Silver Fox APT group. This threat has evolved with new delivery techniques, targeting key roles within organizations, particularly in finance and accounting departments. The attackers exploit vulnerabilities in legitimate software and use advanced […]

The post ValleyRAT Attacking Org’s Accounting Department With New Delivery Techniques appeared first on Cyber Security News.

A recent cybersecurity threat has emerged in the form of AsyncRAT, a remote access trojan (RAT) that leverages Python and TryCloudflare for stealthy malware delivery. This sophisticated campaign involves a complex sequence of events, starting with phishing emails that deceive users into downloading malicious payloads. Here the attack chain exploits legitimate infrastructure which makes the […]

The post AsyncRAT Abusing Python and TryCloudflare For Stealthy Malware Delivery appeared first on Cyber Security News.

A proof-of-concept (PoC) exploit code has been released for CVE-2025-21293, a critical Active Directory Domain Services Elevation of Privilege vulnerability. This vulnerability, discovered in September 2024 and patched in January 2025, has raised concerns due to its potential to allow attackers to gain system-level privileges within an Active Directory environment. The vulnerability was identified during […]

The post PoC Exploit Released for Active Directory Domain Services Privilege Escalation Vulnerability appeared first on Cyber Security News.

A sophisticated web-skimming campaign targeting multiple websites, including the UK online store of electronics giant Casio (casio[.]co.uk). The attack, which exposed sensitive customer data, highlights ongoing vulnerabilities in e-commerce platforms and the evolving tactics of cybercriminals. The breach on casio.co.uk was traced back to a malicious web skimmer script that became active between January 14th […]

The post Casio UK Web Store Hacked to Inject Customer Credit Card Stealing Scripts appeared first on Cyber Security News.

2024 marked a record-breaking year for cybersecurity challenges as threat actors ramped up their exploitation of vulnerabilities. According to the latest findings from VulnCheck, 768 Common Vulnerabilities and Exposures (CVEs) were publicly reported as exploited in the wild for the first time this year. This figure represents a 20% increase compared to 639 CVEs reported […]

The post 768 Vulnerabilities Exploited in the Wild in 2024: A 20% Year-Over-Year Surge appeared first on Cyber Security News.

British Prime Minister Keir Starmer was reportedly the target of a sophisticated cyberattack by Russian-linked hackers in 2022, prior to his tenure as prime minister. The revelations, detailed in the newly published book “Get In: The Inside Story of Labour Under Starmer” by Patrick Maguire and Gabriel Pogrund, have drawn fresh attention to cybersecurity vulnerabilities […]

The post British PM Keir Starmer’s Personal Email Allegedly Hacked by Russian Operatives appeared first on Cyber Security News.

Cybersecurity researchers have uncovered a sophisticated malware campaign exploiting tax season to target financial organizations and individuals globally. The campaign involves phishing emails impersonating tax agencies and financial institutions, delivering malware and harvesting sensitive credentials. The malicious actors behind this campaign are leveraging tax-related themes, such as account updates, overdue payments, or tax refunds, to […]

The post New Malware Campaign Mimic Tax Agencies Attacking Financial Organizations appeared first on Cyber Security News.

Microsoft has announced the rollout of Avatars for Microsoft Teams, a feature that allows users to create personalized avatars for meetings using Artificial Intelligence (AI).  This revolutionary update is designed to make virtual meetings more engaging and inclusive by enabling users to customize and represent themselves with an avatar, even with their video cameras turned […]

The post Microsoft Announces AI Avatar for Teams Meeting appeared first on Cyber Security News.

Globe Life Inc. has become the latest victim of a high-profile cybersecurity incident, with a threat actor claiming access to sensitive personal and health data of over 850,000 individuals.  The attack, while not involving traditional ransomware, appears to be an extortion attempt that poses significant risks to the Company’s reputation and its customers’ security. The […]

The post Globe Life Ransomware Attack – 850,000+ Users Personal & Health Data Exposed appeared first on Cyber Security News.

Researchers have identified critical vulnerabilities in MediaTek wireless LAN (WLAN) drivers that could potentially expose millions of devices to severe security risks.  These vulnerabilities, tracked under the Common Vulnerabilities and Exposures (CVE) identifiers CVE-2025-20631, CVE-2025-20632, and CVE-2025-20633, allow attackers to exploit flaws in the WLAN Access Point (AP) drivers of multiple MediaTek chipsets. The vulnerabilities, […]

The post MediaTek Chipsets WLAN Vulnerabilities Exposes Million of Devices to Remote Attacks appeared first on Cyber Security News.

A sophisticated phishing campaign has emerged, targeting high-profile X (formerly Twitter) accounts to promote fraudulent cryptocurrency schemes. The attack exploits the credibility of verified accounts, leveraging their reach to deceive users into visiting phishing sites. The attackers employ a variety of phishing lures, including fake login alerts and copyright violation notices. A typical email might […]

The post New Phishing Attack Hijacking High-Profile X Accounts To Promote Phishing Sites appeared first on Cyber Security News.