Cyber Security News

A newly disclosed Server-Side Request Forgery (SSRF) flaw in Zimbra Collaboration Suite has raised major security concerns, prompting administrators to patch systems immediately. The issue, identified in the chat proxy configuration component, could allow attackers to gain unauthorized access to internal resources and sensitive user data. According to Zimbra’s latest advisory, this critical SSRF vulnerability […]

The post Critical Zimbra SSRF Vulnerability Let Attackers Access Sensitive Data appeared first on Cyber Security News.

Microsoft’s October 2025 cumulative update for Windows 11 has disrupted localhost functionality, preventing developers and users from accessing local web applications and services via 127.0.0.1. The issue, tied to update KB5066835 released on October 14, affects builds like 26100.6899 and has sparked widespread complaints on forums, including Microsoft’s support pages, Stack Overflow, and Server Fault. […]

The post Microsoft Windows 11 October Update Breaks Localhost (127.0.0.1) Connections appeared first on Cyber Security News.

Cybercriminals are exploiting TikTok’s massive user base to distribute sophisticated malware campaigns that promise free software activation but deliver dangerous payloads instead. The attack leverages social engineering tactics reminiscent of the ClickFix technique, where unsuspecting users are tricked into executing malicious PowerShell commands on their systems. Victims encounter TikTok videos offering free activation of popular […]

The post Hackers Using TikTok Videos to Deploy Self-Compiling Malware That Leverages PowerShell for Execution appeared first on Cyber Security News.

Cybercriminals associated with the North Korean threat group WaterPlum, also known as Famous Chollima or PurpleBravo, have escalated their activities with a sophisticated new malware strain called OtterCandy. This cross-platform RAT and information stealer represents a dangerous evolution in the group’s capabilities, combining features from previously observed malware families RATatouille and OtterCookie to create a […]

The post Threat Actors Leveraging ClickFake Interview Attack to Deploy OtterCandy Malware appeared first on Cyber Security News.

Security teams around the world are grappling with a new breed of cyber threats that leverage advanced automation to identify software weaknesses and craft malicious payloads at unprecedented speed. Over the past year, adversaries have integrated machine-driven workflows into their operations, enabling opportunistic criminals and well-funded groups alike to discover zero-days and assemble malware with […]

The post Hackers Using AI to Automate Vulnerability Discovery and Malware Generation – Microsoft Report appeared first on Cyber Security News.

A new campaign has emerged that weaponizes Microsoft’s familiar branding to lure unsuspecting users into a sophisticated tech support scam. Victims receive a seemingly legitimate email, complete with Microsoft’s official logo, claiming there is an important financial transaction or security alert requiring immediate attention. The message prompts recipients to click a link under the guise […]

The post New Tech Support Scam with Microsoft’s Logo Tricks Users to Steal Login Credentials appeared first on Cyber Security News.

A vulnerability in Microsoft’s newly implemented Rust-based kernel component for the Graphics Device Interface (GDI) in Windows. This flaw, which could trigger a system-wide crash via a Blue Screen of Death (BSOD), highlights the challenges of integrating memory-safe languages into critical OS components. Although Microsoft classified it as moderate severity, the issue underscores potential risks […]

The post Windows Rust Kernel GDI Vulnerability Leads to Crash and Blue Screen of Death Error appeared first on Cyber Security News.

Russia’s APT28 has resurfaced in mid-2025 with a sophisticated spear-phishing campaign that weaponizes Office documents to deploy two novel payloads: BeardShell, a C-based backdoor leveraging IceDrive as a command-and-control channel, and Covenant’s HTTP Grunt Stager, which communicates via the Koofr cloud API. These malicious documents are distributed through private Signal chats, exploiting the application’s lack […]

The post APT28 With Weaponized Office Documents Delivers BeardShell and Covenant Modules appeared first on Cyber Security News.

ConnectWise released a critical security update for its Automate platform on October 16, 2025. The patch, version 2025.9, addresses serious flaws in agent communications that could let attackers intercept sensitive data or push malicious software updates. These vulnerabilities primarily affect on-premises installations, where misconfigurations might expose systems to network-based exploits. The issues stem from environments […]

The post Critical ConnectWise Vulnerabilities Allow Attackers To Inject Malicious Updates appeared first on Cyber Security News.

A sophisticated rootkit targeting GNU/Linux systems has emerged, leveraging advanced eBPF (extended Berkeley Packet Filter) technology to conceal malicious activities and evade traditional monitoring tools. The threat, known as LinkPro, was discovered during a digital forensic investigation of a compromised AWS-hosted infrastructure, where it functioned as a stealthy backdoor with capabilities ranging from process hiding […]

The post LinkPro Rootkit Attacking GNU/Linux Systems Using eBPF Module to Hide Malicious Activities appeared first on Cyber Security News.

Cisco has issued a security advisory warning of multiple vulnerabilities in its Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 models running Cisco Session Initiation Protocol (SIP) Software. Published on October 15, 2025, the advisory details risks that could enable unauthenticated remote attackers to trigger denial-of-service (DoS) conditions or […]

The post Cisco Desk, IP, and Video Phone Vulnerabilities Let Remote Attackers Trigger DoS And XSS Attacks appeared first on Cyber Security News.

VMware has launched Workstation 25H2 and Fusion 25H2, the newest iterations of its desktop hypervisors, featuring a revamped versioning system, enhanced tools, and broader compatibility with modern hardware and operating systems. These updates aim to streamline virtualization for developers, IT professionals, and testers by improving performance, automation, and support for cutting-edge platforms. The releases introduce […]

The post VMware Workstation and Fusion 25H2 Released with New Features and Latest OS Support appeared first on Cyber Security News.

In recent months, a sophisticated malware campaign—dubbed EtherHiding—has emerged from North Korea-aligned threat actors, sharply escalating the cybersecurity risks facing cryptocurrency exchanges and their users worldwide. The campaign surfaced in the wake of heightened regulatory crackdowns on illicit crypto transactions, with attackers shifting tactics to exploit new digital supply chain vulnerabilities. EtherHiding first appeared in […]

The post North Korean Hackers Using EtherHiding to Deliver Malware and Steal Cryptocurrency appeared first on Cyber Security News.

Over 269,000 F5 devices are reportedly exposed to the public internet daily, according to data from The Shadowserver Foundation. This exposure comes at a critical time following F5’s disclosure of a sophisticated nation-state attack that compromised its development environment, stealing source code and details on undisclosed vulnerabilities in BIG-IP products. Nearly half of these exposed […]

The post Over 269,000 F5 Devices Exposed Online After Major Breach: U.S. Faces Largest Risk appeared first on Cyber Security News.

F5 Networks, a leading provider of application security and delivery solutions, has disclosed a significant security breach involving a nation-state threat actor, prompting the release of critical updates for its core products. Detected in August 2025, the incident exposed internal systems to prolonged unauthorized access, leading to the theft of BIG-IP source code and undisclosed […]

The post F5 Released Security Updates Covering Multiple Products Following Recent Hack appeared first on Cyber Security News.

Cisco has disclosed a severe vulnerability in its widely used IOS and IOS XE Software, potentially allowing attackers to crash devices or seize full control through remote code execution. The flaw, rooted in the Simple Network Management Protocol (SNMP) subsystem, stems from a stack overflow condition that attackers can trigger with a specially crafted SNMP […]

The post Cisco IOS and IOS XE Software Vulnerabilities Let Attackers Execute Remote Code appeared first on Cyber Security News.

A new information-stealer has emerged targeting job seekers with a trojanized Node.js application named Chessfi. Delivered via a modified npm package hosted on the official repository, the malware blends two previously separate tools—BeaverTail and OtterCookie—into a unified JavaScript payload. Victims are lured through fake employment offers and asked to install the application under the guise […]

The post North Korean Hackers Using Malicious Scripts Combining BeaverTail and OtterCookie for Keylogging appeared first on Cyber Security News.

Cybersecurity professionals are raising alarms over a new wave of phishing emails masquerading as breach notifications from LastPass. These messages warn recipients of an urgent account compromise and urge them to download a “security patch” to restore access. In reality, the downloadable file contains a sophisticated malware loader designed to harvest credentials and deploy additional […]

The post Beware of Fake ‘LastPass Hack’ Emails Trying to Trick Users Into Installing Malware appeared first on Cyber Security News.

Over the past month, a targeted campaign dubbed Operation Silk Lure has surfaced, exploiting the Windows Task Scheduler to deploy a novel variant of ValleyRAT. Emerging in mid-2025, the operation hinges on spear-phishing emails that carry malicious LNK attachments masquerading as candidate resumes. When victims open these attachments, a hidden PowerShell command initiates the download […]

The post Operation Silk Lure Weaponizing Windows Scheduled Tasks to Drop ValleyRAT appeared first on Cyber Security News.

The Qilin ransomware group has emerged as one of the most prolific and dangerous threat actors in the cybersecurity landscape, exploiting sophisticated bulletproof hosting infrastructure to conduct devastating attacks on organizations across multiple sectors. Operating under a Ransomware-as-a-Service (RaaS) model, Qilin first surfaced in mid-2022 under the name “Agenda” before rebranding later that year. The […]

The post Qilin Ransomware Using Ghost Bulletproof Hosting to Attack Organizations Worldwide appeared first on Cyber Security News.