Cyber Security News

PortSwigger has enhanced Burp Suite’s scanning arsenal with the latest update to its ActiveScan++ extension, introducing detection for the critical React2Shell vulnerabilities (CVE-2025-55182 and CVE-2025-66478). This server-side request forgery (SSRF) flaw in React applications allows attackers to execute arbitrary shell commands, potentially leading to full remote code execution (RCE) on affected servers. Security researchers and […]

The post Burp Suite’s Scanning Arsenal Powered With Detection for Critical React2Shell Vulnerabilities appeared first on Cyber Security News.

The Indian government is currently evaluating a controversial proposal from the telecom industry that would mandate smartphone manufacturers to enable “always-on” satellite location tracking. This move has sparked significant opposition from major technology companies, including Apple, Google, and Samsung, who argue it poses serious privacy and security risks. The proposal was put forward by the […]

The post Apple, Google and Samsung May Enable Always-On GPS in India appeared first on Cyber Security News.

A deceptive Android application lurking in the Google Play Store, disguised as a document reader and file manager, but delivering the Anatsa banking trojan to users. Cybersecurity firm Zscaler ThreatLabz found an app named “Document Reader – File Manager” by developer ISTOQMAH. The app has amassed over 50,000 downloads while remaining live, tricking users into […]

The post Malicious Document Reader App in Google Play With 50K Downloads Installs Anatsa Malware appeared first on Cyber Security News.

A critical persistence technique in AWS Identity and Access Management (IAM) stemming from its eventual consistency model, allowing attackers to retain access even after defenders delete compromised access keys. AWS IAM, like many distributed systems, employs eventual consistency to scale across regions and replicas. Updates to resources such as access keys or policies propagate with […]

The post Hackers Exploit AWS IAM Eventual Consistency to Establish Persistence appeared first on Cyber Security News.

A sophisticated new phishing kit called GhostFrame has already been used to launch over 1 million attacks. First discovered in September 2025 by Security researchers at Barracuda, this stealthy tool represents a dangerous evolution in phishing-as-a-service technology. What makes GhostFrame particularly concerning is its simplicity combined with effectiveness. Unlike traditional phishing kits, GhostFrame uses an […]

The post New GhostFrame Super Stealthy Phishing Kit Attacks Millions of Users Worldwide appeared first on Cyber Security News.

Cary, North Carolina, USA, December 4th, 2025, CyberNewsWire Cybersecurity and IT training platform maintains Leader and Momentum Leader positions while expanding regional excellence INE has been recognized with seven G2 Winter 2026 badges, underscoring its continued leadership in online course delivery, technical skills development, and cybersecurity education. This season’s awards include Leader status in the […]

The post INE Earns G2 Winter 2026 Badges Across Global Markets appeared first on Cyber Security News.

A new alert warns people about a growing scam that uses altered photos to trick families into paying fake ransom demands. In a notice titled Alert Number: I-120525-PSA, dated December 5, 2025. The FBI explains that criminals are taking photos from social media and other public sites and altering them. Then, they are used as […]

The post FBI Warns of Hackers Altering Photos Found on Social Media to Use as Fake Proof appeared first on Cyber Security News.

QuasarRAT, initially surfacing in 2014 under the alias xRAT, began its lifecycle as a legitimate remote administration tool for Windows environments. Over the last decade, however, its open-source nature and accessibility have facilitated its transformation into a potent instrument for cybercriminals. The malware is built on the .NET Framework using C#, making it highly adaptable […]

The post QuasarRAT Core Functionalities Along with Encrypted Configuration and Obfuscation Techniques Exposed appeared first on Cyber Security News.

As artificial intelligence systems become more autonomous, their ability to interact with digital tools and data introduces complex new risks. Recognizing this challenge, researchers from NVIDIA and Lakera AI have collaborated on a new paper proposing a unified framework for the safety and security of these advanced “agentic” systems. The proposal addresses the shortcomings of […]

The post NVIDIA and Lakera AI Propose Unified Framework for Agentic System Safety appeared first on Cyber Security News.

Security researchers have exposed a critical privacy flaw dubbed “Careless Whisper” that lets attackers monitor user activity on WhatsApp and Signal through silent delivery receipts, without alerting victims or needing prior contact. By crafting stealthy messages like reactions to nonexistent content or timed-out edits, adversaries trigger round-trip time (RTT) responses revealing device states, all exploitable […]

The post Hackers Can Leverage Delivery Receipts on WhatsApp and Signal to Extract User Private Information appeared first on Cyber Security News.

Mobile security continues to face significant challenges as sophisticated malware campaigns evolve to bypass traditional defenses. The Triada Trojan, a persistent threat to Android users for nearly a decade, has resurfaced with a highly coordinated operation targeting advertising networks. This latest campaign leverages trusted infrastructure to distribute malicious payloads, complicating detection efforts. By embedding itself […]

The post Hackers Leverage Multiple Ad Networks to Attack Adroid Users With Triada Malware appeared first on Cyber Security News.

A critical vulnerability affecting Meta React Server Components has been added to the Known Exploited Vulnerabilities catalog, signalling widespread active exploitation by CISA. Tracked as CVE-2025-55182, this remote code execution vulnerability poses an immediate threat to organizations that rely on React Server Components. The vulnerability stems from a significant flaw in how React Server Components […]

The post CISA Adds Critical React2Shell Vulnerability to KEV Catalog Following Active Exploitation appeared first on Cyber Security News.

A severe authentication bypass vulnerability has been discovered in cal.com, the popular open-source scheduling platform. Allowing attackers to gain unauthorized access to user accounts by submitting fake TOTP codes. According to GitHub, flaw tracked as CVE-2025-66489, this critical flaw affects versions up to 5.9.7 and has been patched in version 5.9.8. Flawed Authentication Logic Exposes User […]

The post Critical Cal.com Vulnerability Let Attackers Bypass Authentication Via Fake TOTP Codes appeared first on Cyber Security News.

The United States continues to face an unprecedented surge in cyber threats, accounting for nearly half of all documented cyber attacks globally between 2024 and 2025. Recent data from the Cyber Events Database reveals that the US experienced 646 reported incidents during this period, representing 44 percent of all tracked attacks worldwide. This alarming statistic […]

The post US Accounts for 44% of Cyber Attacks; Financial Gain Targets Public Administration appeared first on Cyber Security News.

The Kitten Project has emerged as a coordinated hacktivist platform operating at the intersection of activism and technical operations. This initiative represents a shift in how cyber-focused groups organize their campaigns, moving beyond isolated attacks toward centralized infrastructure that facilitates communication, resource sharing, and coordinated action. The platform, accessible through thekitten.group, serves as a hub […]

The post The ‘Kitten’ Project – Hacktivist Groups Carrying Out Attacks Targeting Israel appeared first on Cyber Security News.

Proxmox Virtual Environment has become a popular choice for organizations building private cloud infrastructure and virtual machine management systems. However, a new analysis reveals significant security gaps in how the hypervisor can be exploited once an attacker gains initial access to the system. The research exposes a range of attack vectors that allow adversaries to […]

The post LOLPROX Exposes Hidden Exploitation Paths that Can Enable Stealthy Hypervisor Attacks appeared first on Cyber Security News.

The developer tools used by millions of programmers worldwide have become a prime target for attackers seeking to compromise entire organizations. Visual Studio Code and AI-powered IDEs like Cursor AI, when combined with their extension marketplaces, present a critical vulnerability in the software supply chain. Unlike regular users, developers hold access to sensitive credentials, source […]

The post Hackers Compromising Developers with Malicious VS Code, Cursor AI Extensions appeared first on Cyber Security News.

Critical security alerts have been issued for Firebox firewall devices due to serious ten vulnerabilities. The vulnerabilities in WatchGuard, disclosed on December 4, 2025, span multiple severity levels and attack vectors. With several requiring urgent patching to prevent unauthorized code execution and information disclosure. The most critical vulnerabilities enable authenticated attackers to execute arbitrary code […]

The post Critical WatchGuard Firebox Vulnerabilities Let Attackers Bypass Integrity Checks and Inject Malicious Codes appeared first on Cyber Security News.

This week’s cybersecurity landscape featured a record-breaking 29.7 Tbps DDoS attack on a financial institution, leveraging IoT botnets and UDP floods that overwhelmed European networks until mitigated via BGP blackholing by Cloudflare and Akamai, highlighting the need for 5G device segmentation. Google released Chrome 143, patching 12 high-severity flaws, including three actively exploited zero-days (CVE-2025-1234, […]

The post Cybersecurity News Weekly Newsletter – 29.7 Tbps DDoS Attack, Chrome 143, React2Shell Vulnerabilities, and Cloudflare Outage appeared first on Cyber Security News.

LockBit 5.0 key infrastructure exposed, revealing the IP address 205.185.116.233, and the domain karma0.xyz is hosting the ransomware group’s latest leak site. According to researcher Rakesh Krishnan, hosted under AS53667 (PONYNET, operated by FranTech Solutions), a network frequently abused for illicit activities, the server displays a DDoS protection page branded with “LOCKBITS.5.0,” confirming its role […]

The post LockBit 5.0 Infrastructure Exposed in New Server, IP, and Domain Leak appeared first on Cyber Security News.