Cyber Security News

As the 2025 U.S. tax season reaches its peak, cybersecurity analysts report a dramatic escalation in phishing campaigns exploiting IRS and federal tax themes. Between January 1 and February 18, threat actors registered 158 unique domains mimicking official IRS subdomains like “irs.gov.*”, deploying advanced social engineering tactics through SMS phishing (smishing) and social media platforms. […]

The post New IRS and Tax-Themed Cyber Attacks Fueled With New Domain Registrations appeared first on Cyber Security News.

Mozilla has released Firefox 135.0.1, a stability and security update addressing a high-severity memory safety vulnerability (CVE-2025-1414) that exposed users to potential remote code execution (RCE) attacks.  The patch resolves critical flaws in Firefox 135.0, which could have allowed attackers to exploit memory corruption and compromise systems.  This release underscores Mozilla’s ongoing efforts to mitigate […]

The post Firefox 135.0.1 Released with Fix for High-Severity Memory Safety Vulnerabilities appeared first on Cyber Security News.

A severe security flaw in the Jupiter X Core plugin for WordPress exposed over 90,000 websites to Local File Inclusion (LFI) and Remote Code Execution (RCE) attacks.  The vulnerability tracked as CVE-2025-0366 with a CVSS score of 8.8 (High), enables authenticated attackers with contributor-level access to upload malicious SVG files and execute arbitrary code on vulnerable servers. […]

The post 90,000 WordPress Sites Vulnerable to Local File Inclusion Attacks appeared first on Cyber Security News.

Passwords are the first line of defense for protecting sensitive data, yet millions of users worldwide continue to rely on weak and predictable combinations.  A recent study by KnownHost reveals alarming trends in password security. It shows that many commonly used passwords can be cracked in less than a second.  With the average cost of […]

The post Most Popular Passwords Cracked Within a Second appeared first on Cyber Security News.

A new wave of “Scam-Yourself” attacks leveraging AI-generated deepfake videos and malicious scripts is targeting cryptocurrency enthusiasts and financial traders, marking a dangerous evolution in social engineering tactics. Discovered by cybersecurity researchers at Gen Digital, this campaign exploits verified YouTube channels, synthetic personas, and AI-crafted payloads to manipulate victims into compromising their own systems. The […]

The post New Wave of ‘Scam-Yourself’ Attacks Utilizing AI-Generated Videos With DeepFake appeared first on Cyber Security News.

A hacker operating under the alias “exelo” has allegedly advertised a database containing 602,800 Yahoo email accounts on an underground forum.  The post claims the dataset is “private and non-Russian. ” The full list costs $100. A free sample of 50,000 accounts is reportedly offered to interested buyers as a test. The advertisement appears on […]

The post Yahoo Data Leak – Hackers Allegedly Advertised 602,000 Email Accounts appeared first on Cyber Security News.

A critical vulnerability in Apache Ignite tracked as CVE-2024-52577, exposes systems to remote code execution (RCE) attacks due to improper enforcement of class serialization filters.  Rated CVSS 9.8, this flaw affects Ignite versions 2.6.0 through 2.16.x, enabling attackers to execute arbitrary code by exploiting deserialization weaknesses in server endpoints. Apache Ignite, a distributed in-memory database […]

The post Critical Apache Ignite Vulnerability Let Attackers Execute Remote Code  appeared first on Cyber Security News.

The Russian government announced a comprehensive legislative package on February 10, 2025, introducing severe penalties for cybercrimes.  The reforms, which amend over 30 existing laws, aim to modernize Russia’s cybersecurity framework by escalating prison terms, expanding asset confiscation protocols, and mandating public trials for high-profile cybercriminals.  The initiative follows a surge in state-linked hacking campaigns […]

The post Russian Government Proposed New Penalties to Combat Cybercrime appeared first on Cyber Security News.

Microsoft has unveiled GPT-4o Copilot, a cutting-edge code completion model now available for Visual Studio Code (VS Code) users.  Built on the GPT-4o mini architecture and trained on over 275,000 high-quality public repositories spanning more than 30 popular programming languages, this update promises significant improvements in suggestion accuracy and runtime performance.  The release marks a […]

The post GPT-4o Copilot Trained in Over 30 Popular Programming Languages appeared first on Cyber Security News.

A sophisticated cyberattack campaign targeting Chinese-speaking users, malicious actors have weaponized fake versions of popular applications such as Signal, Line, and Gmail. These fake and weaponized apps are distributed via deceptive download pages that deliver malware capable of altering system defenses, evading detection, and exfiltrating sensitive data. The attackers exploit search engine manipulation to push […]

The post Weaponized Signal, Line, and Gmail Apps Delivers Malware That Changes System Defenses appeared first on Cyber Security News.

New research reveals ransomware gangs are accelerating encryption timelines while adopting advanced evasion techniques and data extortion strategies. A 2025 threat report by cybersecurity firm Huntress reveals ransomware gangs now take just 17 hours on average to encrypt systems after initial network intrusion, with some groups like Akira and RansomHub operating in as little as […]

The post Ransomware Gangs Encrypt Systems After 17hrs From Initial Infection appeared first on Cyber Security News.

The RansomHub ransomware group has rapidly emerged as one of the most prolific cybercrime syndicates of 2024–2025. As this ransomware group done by expanding its arsenal to target Windows, VMware ESXi, Linux, and FreeBSD systems in global attacks. RansomHub ransomware group leverages advanced evasion techniques, cross-platform encryption, and vulnerabilities in enterprise infrastructure. Group-IB analysts have […]

The post RansomHub Evolves To Attack Windows, ESXi, Linux and FreeBSD Operating Systems appeared first on Cyber Security News.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about a critical zero-day vulnerability in Apple iOS and iPadOS, tracked as CVE-2025-24200, being actively exploited in targeted attacks.  The flaw, an authorization bypass in Apple’s USB Restricted Mode, enables attackers with physical access to disable security protections on locked devices, potentially […]

The post CISA Warns of Apple iOS Vulnerability Exploited in Wild appeared first on Cyber Security News.

Multiple vulnerabilities in enterprise-grade Xerox Versalink C7025 multifunction printers (MFPs) enable attackers to intercept authentication credentials from Lightweight Directory Access Protocol (LDAP) and Server Message Block (SMB) services.  Designated as CVE-2024-12510 and CVE-2024-12511, these flaws allow malicious actors to execute “pass-back attacks” – a technique that redirects device authentication attempts to attacker-controlled systems.  The vulnerabilities, […]

The post Xerox Printers Vulnerability Let Attackers Capture Authentication Data From LDAP & SMB appeared first on Cyber Security News.

A sophisticated malware campaign has recently been uncovered by security researchers at Sucuri, targeting WordPress websites through hidden malware and backdoors in the mu-plugins directory. This attack chain allows remote execution of malicious code, enabling full server compromise, data theft, and persistent control over infected sites. The /wp-content/mu-plugins/ directory – designed for “must-use” plugins that […]

The post Hidden Malware in WordPress Websites Allows Attackers to Execute Malicious Code Remotely appeared first on Cyber Security News.

Microsoft Threat Intelligence has identified an evolved iteration of the XCSSET malware family actively exploiting macOS developers via weaponized Xcode projects.  This modular backdoor, first documented in 2020, now employs advanced obfuscation techniques, refined persistence mechanisms, and novel infection vectors to subvert Apple’s security frameworks and compromise software supply chains. The 2024 variant introduces multi-layered […]

The post New XCSSET Malware Attacking macOS Users by Infecting Xcode Projects  appeared first on Cyber Security News.

A critical Insecure Direct Object Reference (IDOR) vulnerability was recently discovered in ExHub, a cloud-based platform for hulia-based development.  This flaw allowed attackers to modify web hosting configurations of any project without proper authorization, posing significant risks to affected systems.  Misconfigurations may cause outages or make services unavailable. Furthermore, attackers may be able to escalate […]

The post IDOR Vulnerability in ExHub Let Attacker Modify Web Hosting Configuration appeared first on Cyber Security News.

Security researchers at Volexity have uncovered multiple Russian threat actors conducting sophisticated social engineering and spear-phishing campaigns targeting Microsoft 365 accounts through Device Code Authentication exploitation. The attacks, observed since mid-January 2025, involve three distinct groups: “CozyLarch (APT29),” “UTA0304,” and “UTA0307.” The threat actors impersonate officials from organizations like the US Department of State, Ukrainian […]

The post Multiple Russian Actors Attacking Orgs To Hack Microsoft 365 Accounts via Device Code Authentication appeared first on Cyber Security News.

The Indian Post Office portal was found vulnerable to an Insecure Direct Object Reference (IDOR) attack, exposing sensitive Know Your Customer (KYC) data of thousands of users.  This breach highlights the critical need for robust security measures in government-operated digital platforms, especially those handling sensitive personal information like Aadhaar and PAN details. What Happened? According […]

The post Indian Post Office Portal Exposed Thousands of KYC Records With Username & Mobile Number appeared first on Cyber Security News.

Google has unveiled a groundbreaking security feature in Android 16 Beta 2 aimed at combating phone scams by blocking users from altering sensitive settings during active phone calls.  This feature, currently live in the beta version, prevents enabling permissions like sideloading apps and granting accessibility access, both of which are commonly exploited by scammers. Phone […]

The post New Android Security Feature that Blocks Changing Sensitive Setting During Calls appeared first on Cyber Security News.