Aggregator

You must login to view this content

You must login to view this content

Singapore’s four major telecommunications companies were hit by a coordinated cyber espionage campaign last year, the country’s Cyber Security Agency (CSA) has revealed. An advanced persistent threat group known as UNC3886 has probed deep into the networks of M1, SIMBA Telecom, Singtel, and StarHub, spurring Singapore’s security agencies to mount a large cyber defence operation. “Under Operation Cyber Guardian, the authorities worked closely with the telcos to limit UNC3886’s movement into the networks and ensure … More →

The post Singapore telcos breached in China-linked cyber espionage campaign appeared first on Help Net Security.

Microsoft is strengthening default protections in Windows through two security initiatives, Windows Baseline Security Mode and User Transparency and Consent. User Transparency and Consent User Transparency and Consent introduces a structured approach to how Windows presents security decisions to users. The operating system will prompt users when applications request access to sensitive resources such as files, cameras, or microphones, and when installers attempt to add additional software. Permission decisions are recorded so they can be … More →

The post Microsoft tightens Windows security with app transparency and user consent appeared first on Help Net Security.

A deceptive campaign targeting unsuspecting users has emerged, using a counterfeit version of the widely used 7-Zip file archiving software to silently transform home computers into residential proxy nodes. The malicious operation relies on a lookalike domain, 7zip[.]com, which closely mimics the legitimate 7-zip.org website, tricking users into downloading a compromised installer that appears fully […]

The post Hackers Weaponizing 7-Zip Downloads to Turn Your Home Computers into Proxy Nodes appeared first on Cyber Security News.

SAP’s February 2026 Security Patch Day delivered fixes that SAP urges customers to prioritize to reduce exposure across core enterprise workloads. The release includes 26 new SAP Security Notes and one update to a previously published note. SAP’s monthly bulletin is a remediation guide for vulnerabilities identified in SAP products, with an explicit recommendation to […]

The post SAP Security Patch Day – Critical SAP CRM and SAP S/4HANA Code Injection Vulnerabilities Fixed appeared first on Cyber Security News.

The cybersecurity sector has been impacted by the sudden appearance of “React2Shell” (CVE-2025-55182), a critical vulnerability affecting Next.js and React Server Components. Following its public disclosure on December 4, 2025, threat actors mobilized with alarming speed, launching exploitation attempts against internet-facing systems within just 20 hours. The flaw allows unauthenticated attackers to execute arbitrary code […]

The post ILOVEPOOP Toolkit Exploiting React2Shell Vulnerability to Deploy Malicious Payload appeared first on Cyber Security News.