Cyber Security News

Dell Technologies has issued a critical security advisory warning customers about multiple vulnerabilities in its Secure Connect Gateway (SCG) product that could potentially lead to system compromise.  The vulnerabilities affect versions prior to 5.28.00.14 and require immediate attention from system administrators. According to Dell’s advisory, two newly identified vulnerabilities specific to Dell’s proprietary code include: […]

The post Multiple Dell Secure Connect Gateway Flaws Allows System Compromise appeared first on Cyber Security News.

The Babuk2 ransomware group has been caught issuing extortion demands based on false claims and recycled data from previous breaches. This revelation comes from recent investigations conducted by the Halcyon RISE Team, shedding light on a concerning trend in the world of cybercrime. The Babuk2 group, also known as Babuk-Bjorka, has been making waves with […]

The post Babuk2 Ransomware Issuing Fake Extortion Demands With Data from Old Breaches appeared first on Cyber Security News.

Cybercriminals have launched a new sophisticated attack campaign targeting travelers through fake booking websites. The campaign, discovered in early 2025, tricks users into installing LummaStealer malware through deceptive CAPTCHA verification processes, putting personal and financial information at risk. The attack begins when unsuspecting victims visit what appears to be a legitimate booking confirmation page. Before […]

The post Sophisticated Attack Via Booking Websites Installs LummaStealer Malware appeared first on Cyber Security News.

A sophisticated phishing campaign is targeting cryptocurrency investors with fraudulent emails claiming a mandatory Coinbase wallet migration requirement. These deceptive messages, bearing the subject line “Migrate to Coinbase wallet,” are being distributed at a large scale, potentially bypassing spam filters due to their clever design. The scam alleges that a court order has forced Coinbase […]

The post Beware of Fake Coinbase Migration Messages Aimed to Steal Your Wallet Credentials appeared first on Cyber Security News.

A severe vulnerability in Synology’s DiskStation Manager (DSM) allows remote attackers to execute arbitrary code with no user interaction.  The flaw, disclosed during PWN2OWN 2024, received a Critical severity rating with a CVSS score of 9.8, indicating its potential for widespread exploitation. The primary vulnerability, identified as CVE-2024-10441, stems from improper encoding or escaping of […]

The post Critical Synology Vulnerability Let Attackers Remote Execute Arbitrary Code appeared first on Cyber Security News.

A critical vulnerability in Windows File Explorer, identified as CVE-2025-24071, enables attackers to steal NTLM hashed passwords without any user interaction beyond simply extracting a compressed file.  Security researchers have released a proof-of-concept exploit demonstrating this high-severity flaw, which Microsoft patched in its March 2025 updates. Microsoft Windows File Explorer Vulnerability The vulnerability, dubbed “NTLM […]

The post Microsoft Windows File Explorer Vulnerability Let Attackers Perform Network Spoofing – PoC Released appeared first on Cyber Security News.

Threat actors are allegedly offering root access to Canon Inc.’s internal firewall systems on underground hacking forums.  According to security monitoring firm ThreatMon, the advertisement appeared on a popular dark web marketplace, claiming to provide administrator-level access to the Japanese camera giant’s network infrastructure. The threat actor’s listing, verified by multiple security analysts, advertises privileged […]

The post Hackers Allegedly Selling Firewall Access to Canon Inc on Hacking Forums appeared first on Cyber Security News.

A sophisticated phishing campaign is leveraging virtual hard disk (.vhd) files to distribute the dangerous VenomRAT malware. The attack begins with purchase order-themed emails containing archive attachments that, when extracted, reveal hard disk image files designed to evade traditional security measures. Upon opening, the .vhd file mounts itself as a disk drive containing a heavily […]

The post Hacker Weaponizing Hard Disk Image Files To Deliver VenomRAT appeared first on Cyber Security News.

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical security alert highlighting a significant vulnerability in Fortinet’s FortiOS and FortiProxy systems, which threat actors are actively exploiting. The authentication bypass vulnerability, tracked as CVE-2025-24472, has been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog due to evidence of active exploitation in ransomware campaigns. […]

The post CISA Warns of Fortinet FortiOS Authentication Bypass Vulnerability Exploited in Wild appeared first on Cyber Security News.

ClearFake, a malicious JavaScript framework first identified in July 2023, has evolved with sophisticated new social engineering tactics. Originally designed to display fake browser update pages, the framework has undergone significant developments, incorporating more advanced deception techniques to deliver malware through compromised websites. The latest variant, discovered in December 2024, employs fake reCAPTCHA or Cloudflare […]

The post New Clearfake Variant Leverages Fake reCAPTCHA To Trick Users Deliver Malicious PowerShell Code appeared first on Cyber Security News.

A critical Windows vulnerability that has been exploited since 2017 by state-sponsored threat actors has been uncovered recently by researchers. The vulnerability, tracked as ZDI-CAN-25373, allows attackers to execute hidden malicious commands on victims’ machines by leveraging specially crafted Windows shortcut (.lnk) files. This security flaw impacts how Windows displays the contents of shortcut files […]

The post 8-Year Old Windows Shortcut Zero-Day Exploited by 11 State-Sponsored Hacker Groups appeared first on Cyber Security News.

Cryptocurrency exchange Bybit detected unauthorized activity involving its Ethereum cold wallets, leading to a major security breach. The incident occurred during an ETH multisig transaction facilitated through Safe{Wallet}, when attackers intervened and manipulated the transaction, ultimately siphoning over 400,000 ETH from the exchange’s cold storage. The attack demonstrated unprecedented sophistication across multiple security domains, including […]

The post Bybit Hack – Sophisticated Multi-Stage Attack Details Revealed appeared first on Cyber Security News.

A sophisticated cybersecurity threat has emerged as threat actors have begun leveraging DLL side-loading techniques to distribute malicious Python code. This attack vector allows hackers to bypass standard security controls by exploiting the way legitimate applications search for and load dynamic-link libraries (DLLs). The technique enables attackers to execute arbitrary Python code with the privileges […]

The post Hackers Employ DLL Side-Loading To Deliver Malicious Python Code appeared first on Cyber Security News.

A sophisticated cyber espionage campaign has been uncovered where threat actors are masquerading as recruiters to target job seekers and employees of specific organizations. The attackers send phishing emails disguised as job opportunities from legitimate industrial organizations, attaching malicious files that appear to be employment offers but actually deploy malware to steal sensitive information. The […]

The post Squid Werewolf Mimic as Recruiters Attacking Job Seekers To Exfiltrate Personal Data appeared first on Cyber Security News.

A sophisticated malware campaign dubbed “DocSwap” has emerged targeting Android users globally by disguising itself as a legitimate document security and viewing application. The malware leverages social engineering tactics to trick users into installing what appears to be a productivity tool while covertly establishing persistence on victims’ devices and exfiltrating sensitive information. Initial infection typically […]

The post DocSwap Malware as Security Document Viewer Attacking Android Users Worldwide appeared first on Cyber Security News.

Microsoft has issued an urgent security advisory regarding a newly discovered malware strain called StilachiRAT, which specifically targets and exfiltrates data from Remote Desktop Protocol (RDP) sessions. The sophisticated malware has been observed in targeted attacks against financial institutions, government agencies, and critical infrastructure organizations across multiple regions. Security experts warn that this new threat […]

The post Microsoft Warns of New StilachiRAT Stealing Remote Desktop Protocol Sessions Data appeared first on Cyber Security News.

Security researchers from Bitdefender have uncovered a large-scale ad fraud campaign involving 331 malicious apps on the Google Play Store. These apps, which have accumulated over 60 million downloads, exploit vulnerabilities in Android 13 to bypass security restrictions and carry out phishing attacks, ad fraud, and credential theft. The campaign demonstrates an alarming level of […]

The post 331 Malicious Apps with 60 Million Downloads on Google Play Bypass Android 13 Security appeared first on Cyber Security News.

A sophisticated new phishing campaign has been discovered that exploits Microsoft 365’s legitimate infrastructure to conduct highly convincing credential harvesting and account takeover attempts. Unlike traditional phishing attempts that rely on lookalike domains or email spoofing, this attack leverages Microsoft’s own trusted systems to bypass security controls and deceive users. The attack utilizes Microsoft’s legitimate […]

The post New Sophisticated Phishing Attack Exploiting Microsoft 365 Infrastructure To Attack Users appeared first on Cyber Security News.

Cloudflare has announced the first phase of end-to-end quantum readiness for its Zero Trust platform, enabling organizations to protect their corporate network traffic against future quantum computer threats.  The initiative, which builds on Cloudflare’s research into post-quantum cryptography since 2017, addresses growing concerns about the vulnerability of conventional encryption methods to quantum computing attacks. Quantum […]

The post Cloudflare to Implement Post-Quantum Cryptography to Defend Attacks from Quantum Computers appeared first on Cyber Security News.

A sophisticated cyberattack technique known as Browser-in-the-Middle (BitM) has emerged, enabling hackers to bypass multi-factor authentication (MFA) and steal user sessions in mere seconds. This method exploits web browser functionalities to hijack authenticated sessions, posing a significant threat to organizations relying on traditional security measures. BitM attacks mimic legitimate browsing experiences by routing victims through […]

The post New BitM Attack Lets Hackers Steal User Sessions Within Seconds appeared first on Cyber Security News.