Cyber Security News

A groundbreaking cybersecurity vulnerability has emerged that transforms Perplexity’s AI-powered Comet browser into an unintentional collaborator for data theft.  Security researchers at LayerX have discovered a sophisticated attack vector dubbed “CometJacking” that enables malicious actors to weaponize a single URL to extract sensitive user data without requiring any traditional credential theft or malicious webpage content. […]

The post New CometJacking Attack Let Attackers Turn Perplexity Browser Against You in One Click appeared first on Cyber Security News.

A data breach at a third-party customer service provider has exposed the personal data of some Discord users, including names, email addresses, and a small number of scanned government-issued photo IDs. The incident did not compromise Discord’s main systems, and the unauthorized access was limited to data handled by the company’s support teams. Discord announced […]

The post Discord Data Breach – Customers Personal Data and Scanned Photo IDs leaked appeared first on Cyber Security News.

The digital world continues to face growing threats around software vulnerabilities, data breaches, and cyber supply chain attacks. As companies rely more heavily on open-source software, third-party code, and cloud-native applications, the need for supply chain intelligence security solutions has never been greater. In 2025, organizations must adopt highly reliable platforms that provide visibility, compliance, […]

The post Top 10 Best Supply Chain Intelligence Security Companies in 2025 appeared first on Cyber Security News.

A cybercrime collective known as Scattered LAPSUS$ Hunters has launched a new data leak site on the dark web, claiming it holds nearly one billion records from Salesforce customers. The group is orchestrating a widespread blackmail campaign, setting a ransom deadline of October 10, 2025. They have threatened to publish sensitive data and technical details […]

The post Scattered LAPSUS$ Hunters Announced Salesforce Breach List On New Onion Site appeared first on Cyber Security News.

Renault UK has notified customers of a data breach after a cyberattack on one of its third-party service providers resulted in the theft of personal information. The company has assured its clients that its own internal systems were not compromised and that no financial data was exposed. Renault UK began sending emails to affected drivers […]

The post Renault UK Suffers Cyberattack – Hackers Stolen Users Customers Personal Data appeared first on Cyber Security News.

In 2025, digital transactions are at an all-time high, but so are the risks of fraud. Businesses in banking, e-commerce, fintech, and even social networks are facing increasing pressure to secure their platforms against identity theft, payment fraud, and cybersecurity threats. Fraud prevention tools have evolved into AI-driven, machine-learning-powered solutions that proactively monitor suspicious transactions […]

The post Top 10 Best Fraud Prevention Companies in 2025 appeared first on Cyber Security News.

In recent months, security teams have observed a surge in Android spyware campaigns that prey on privacy-conscious users by masquerading as trusted messaging apps. These malicious payloads exploit users’ trust in Signal and ToTok, delivering trojanized applications that request extensive permissions under the guise of enhanced functionality. Initial distribution relies on phishing websites and fake […]

The post New Android Spyware Attacking Android Users Mimic as Signal and ToTok Apps appeared first on Cyber Security News.

In recent months, a sophisticated campaign dubbed Cavalry Werewolf has emerged, targeting government and critical infrastructure organizations across Russia and neighboring regions. Adversaries initiated these attacks by sending meticulously crafted phishing emails that impersonate officials from Kyrgyz government agencies. These emails contain malicious RAR archives, which deploy a suite of custom tools, including the FoalShell […]

The post Threat Actors Pose as Government Officials to Attack Organizations with StallionRAT appeared first on Cyber Security News.

AmCache plays a vital role in identifying malicious activities in Windows systems. This tool allows the identification of both benign and malicious software execution on a machine.  Managed by the operating system and virtually tamper-proof, AmCache data endures even when malware auto-deletes itself, making it indispensable in incident response.  AmCache stores SHA-1 hashes of executed […]

The post New AmCache EvilHunter Tool For Detecting Malicious Activities in Windows Systems appeared first on Cyber Security News.

The resurgence of XWorm in mid-2025 marks a significant escalation in malware sophistication. After a lull following the abrupt discontinuation of official support for version 5.6 in late 2024, threat actors unveiled XWorm V6.0 on June 4, 2025. A post on hackforums.net by an account named XCoderTools first announced this release, claiming to patch a […]

The post New XWorm V6 Variant Injects Malicious Code into a Legitimate Windows Program appeared first on Cyber Security News.

An operator known as GhostSocks advertised a novel Malware-as-a-Service (MaaS) on the Russian cybercrime forum XSS.is on October 15, 2023, promising to transform compromised devices into residential SOCKS5 proxies. The service capitalized on the inherent trust placed in residential IP addresses to bypass anti-fraud systems and avoid detection by network defenders. Early promotional posts showcased […]

The post New GhostSocks Malware-as-a-Service Enables Threat Actors to Convert Compromised Devices into Proxies appeared first on Cyber Security News.

In today’s hyperconnected digital environment, organizations face increasing threats to their online presence and reputations. From cyberattacks and phishing campaigns to data breaches and brand impersonation, businesses must actively safeguard their digital footprint. Digital footprint monitoring tools are designed to provide organizations with deep insights into risk exposure across surface web, deep web, and dark […]

The post Top 10 Best Digital Footprint Monitoring Tools For Organizations in 2025 appeared first on Cyber Security News.

Brand protection solutions are essential for enterprises in 2025 as digital commerce continues to grow and online threats evolve more rapidly than ever. With the surge in counterfeit products, trademark infringements, phishing attacks, and reputation risks, enterprises must safeguard their intellectual property and digital assets. Choosing the right brand protection tool not only builds consumer […]

The post Top 10 Best Brand Protection Solutions for Enterprises in 2025 appeared first on Cyber Security News.

Microsoft is updating its security policies to require administrator consent for new third-party applications seeking access to Exchange and Teams content. These “Secure by Default” changes, set to roll out from late October to late November 2025, aim to enhance tenant security by giving administrators greater control over data access. This update is a key […]

The post Microsoft to Launch New Secure Default Settings for Exchange and Teams APIs appeared first on Cyber Security News.

In 2025, businesses are facing unprecedented challenges in the digital risk landscape. With cyber threats evolving rapidly, organizations need advanced solutions to detect, assess, and mitigate risks originating outside traditional network perimeters. Digital Risk Protection (DRP) platforms offer proactive visibility into threats such as brand impersonation, data leaks, phishing attacks, and cybercrime activities that could […]

The post Top 10 Best Digital Risk Protection (DRP) Platforms in 2025 appeared first on Cyber Security News.

Cybersecurity has become one of the most vital aspects of the digital-first world, where organizations face advanced and persistent threats daily. The need for Cyber Threat Intelligence (CTI) companies has never been more important in 2025. These companies provide organizations with real-time insights, actionable intelligence, and intelligence-driven defense mechanisms to protect sensitive data, critical infrastructure, […]

The post Top 10 Best Cyber Threat Intelligence Companies in 2025 appeared first on Cyber Security News.

In today’s fast-paced digital landscape, cyber attacks have become more complex, frequent, and damaging than ever before. Businesses, governments, and organizations need stronger solutions to protect their assets from evolving threats. End-to-end threat intelligence platforms play a crucial role in providing actionable insights, real-time data, and automated defenses against cyber threats. These solutions empower security […]

The post Top 10 Best End-to-End Threat Intelligence Compaines in 2025 appeared first on Cyber Security News.

A new proof-of-concept (PoC) tool named Obex has been released, offering a method to prevent Endpoint Detection and Response (EDR) and other monitoring solutions’ dynamic-link libraries (DLLs) from loading into processes. The tool, created by a researcher known as “dis0rder0x00,” is designed to block specified DLLs both during the initial startup of a process and […]

The post New Obex Tool Blocks EDR Dynamic Libraries From Loading at Runtime appeared first on Cyber Security News.

A proof-of-concept (PoC) exploit has been released for a critical vulnerability chain in VMware Workstation that allows an attacker to escape from a guest virtual machine and execute arbitrary code on the host operating system. The exploit successfully chains together an information leak and a stack-based buffer overflow vulnerability to achieve a full guest-to-host escape, […]

The post PoC exploit Released for VMware Workstation guest-to-host escape Vulnerability appeared first on Cyber Security News.

An extortion group known as the Crimson Collective claims to have breached Red Hat’s private GitHub repositories, making off with nearly 570GB of compressed data from 28,000 internal repositories. This data theft is being regarded as one of the most significant breaches in technology history, involving the unauthorized extraction of source code and sensitive confidential […]

The post Red Hat Data Breach – Threat Actors Claim Breach of 28K Private GitHub Repositories appeared first on Cyber Security News.