Cyber Security News

Menlo Park, United States, July 30th, 2025, CyberNewsWire AccuKnox, Inc., the Zero Trust Cloud-Native Application Protection Platform (CNAPP) leader, has announced deployment in the UAE banking sector through its strategic partnership with cybersecurity VAD CyberKnight. The deal, secured with a major Abu Dhabi-based financial institution [market cap $30 billion], marks a milestone in AccuKnox’s regional expansion. The deployment […]

The post AccuKnox Partners With CyberKnight To Deliver Zero Trust Security For A Leading Global Bank In The UAE. appeared first on Cyber Security News.

ArmouryLoader burst onto the threat landscape in late 2024 after hijacking the export table of ASUS’s Armoury Crate utility, turning a trusted gaming companion into an initial entry point for sophisticated malware campaigns. Since then, security teams have watched a steady uptick in incidents where the loader quietly slips past endpoint telemetry, decrypts its payload […]

The post ArmouryLoader Bypassing System Security Protections and Inject Malicious Codes appeared first on Cyber Security News.

The difference between a minor security incident and a devastating breach often comes down to one critical factor: how quickly you can detect and respond to a threat. Hackers rarely target an isolated business: they typically launch campaigns that hit multiple companies with similar tactics, techniques, and procedures (TTPs). This means, by the time an […]

The post Want To Detect Incidents Before It’s Too Late? You Need Threat Intelligence appeared first on Cyber Security News.

France’s leading telecommunications giant Orange confirmed on Monday that it detected a significant cyberattack targeting one of its information systems on Friday, July 25, 2025. The incident has resulted in widespread service disruptions affecting both corporate customers and consumer services, primarily within France. The attack prompted immediate action from Orange’s security teams, working in collaboration […]

The post Orange Hit by Cyberattack – A French Telecom Giant’s Internal Systems Hacked appeared first on Cyber Security News.

Over the past year, a previously quiet Chinese threat cluster has surged onto incident-response dashboards worldwide, pivoting from single zero-day hits to an industrialized pipeline of weaponized vulnerabilities. First detected targeting unpatched Fortinet SSL-VPN appliances in late-2024, the group—dubbed “Goujian Spider” by incident handlers—now blends rapid vulnerability acquisition with skillful post-exploitation automation, breaching defense contractors, […]

The post Chinese Hackers Weaponizes Software Vulnerabilities to Compromise Their Targets appeared first on Cyber Security News.

Microsoft Teams is rolling out a significant enhancement to its meeting experience with the introduction of a new meeting join banner designed to streamline user access to scheduled meetings.  The feature, identified by message code MC1115979, represents Microsoft’s continued effort to improve productivity and reduce meeting delays across enterprise environments.  Key Takeaways1. Automatic meeting join […]

The post Microsoft Teams New Meeting Join Bar Reminds You to Join Meeting On-time appeared first on Cyber Security News.

A critical security vulnerability has been discovered in CodeIgniter4’s ImageMagick handler, exposing potentially millions of web applications to command injection attacks through malicious file uploads.  The vulnerability, tracked as CVE-2025-54418, received a CVSS score of 9.8, indicating the highest severity level and immediate risk to affected systems. Key Takeaways1. Critical vulnerability in CodeIgniter4 <4.6.2 ImageMagick […]

The post Critical CodeIgniter Vulnerability Exposes Million of Webapps to File Upload Attacks appeared first on Cyber Security News.

Multiple critical vulnerabilities affecting SonicWall’s SMA100 series SSL-VPN appliances, highlighting persistent security flaws in network infrastructure devices.  The vulnerabilities, designated CVE-2025-40596, CVE-2025-40597, and CVE-2025-40598, demonstrate fundamental programming errors that enable pre-authentication attacks against firmware version 10.2.1.15. Key Takeaways1. Stack overflow, heap overflow, and XSS in SonicWall SMA100 SSL-VPN devices.2. Both overflows triggered without authentication via […]

The post SonicWall SMA100 Series N-day Vulnerabilities Technical Details Revealed appeared first on Cyber Security News.

Singapore’s critical infrastructure faces an escalating cyber threat from UNC3886, a sophisticated Chinese state-linked Advanced Persistent Threat (APT) group that has been systematically targeting the nation’s energy, water, telecommunications, finance, and government sectors. The group, which first emerged circa 2021 and was formally identified by Mandiant in 2022, represents one of the most technically advanced […]

The post UNC3886 Actors Know for Exploiting 0-Days Attacking Singapore’s Critical Infrastructure appeared first on Cyber Security News.

The Python Package Index (PyPI) has issued an urgent warning to developers about an ongoing phishing campaign that exploits domain spoofing techniques to steal user credentials.  This sophisticated attack targets developers who have published packages on the official repository, leveraging their trust in the PyPI ecosystem to harvest login credentials through a carefully crafted fake […]

The post PyPI Warns of New Phishing Attack Targeting Developers With Fake PyPI Site appeared first on Cyber Security News.

A critical security vulnerability discovered in Google’s Gemini CLI tool allowed attackers to execute arbitrary malicious commands on developer systems without detection.  The vulnerability, identified by cybersecurity firm Tracebit on June 27, 2025, exploited a combination of prompt injection techniques, inadequate input validation, and misleading user interface elements to achieve silent code execution when developers […]

The post Gemini CLI Vulnerability Allows Hackers to Execute Malicious Commands on Developer Systems appeared first on Cyber Security News.

The latest wave of npm-centric phishing has taken a darker turn with the hijack of the ubiquitous is utility, a module pulled 2.8 million times every week. On 19 July 2025 attackers, armed with stolen maintainer credentials, slipped malicious versions 3.3.1 and 5.0.0 into the registry, seamlessly propagating the backdoor through ordinary dependency resolution. The […]

The post npm ‘is’ Package With 2.8M Weekly Downloads Weaponized to Attack Developers appeared first on Cyber Security News.

The Linux Foundation has officially released Linux kernel 6.16 on July 27, 2025, marking another milestone in open-source operating system development.  Released by Linus Torvalds, this version focuses on stability improvements and networking enhancements while maintaining the project’s commitment to reliability and performance optimization. Key Takeaways1. Fixed XFRM vulnerabilities and enhanced Intel i40e/MLX5 drivers for […]

The post Linux 6.16 Released – Optimized for Better Performance and Networking appeared first on Cyber Security News.

The cybercriminal landscape has witnessed a dramatic shift with the emergence of sophisticated malware-as-a-service (MaaS) platforms targeting Android devices. Criminal enterprises no longer require extensive technical expertise to deploy advanced mobile threats, as ready-to-use malware kits are now available for subscription fees as low as $300 per month. This democratization of cybercrime tools has transformed […]

The post Renting Android Malware With 2FA Interception, AV Bypass is Getting Cheaper Now appeared first on Cyber Security News.

The Atomic macOS Stealer (AMOS) has undergone a significant evolution, transforming from a traditional information stealer into a sophisticated persistent threat capable of maintaining long-term access to compromised macOS systems. This development marks a critical escalation in the malware’s capabilities, enabling attackers to execute remote commands and deploy additional payloads beyond its original data theft […]

The post Atomic macOS Stealer Comes With New Backdoor to Enable Remote Access appeared first on Cyber Security News.

The cyberthreat landscape witnessed a concerning evolution in 2025 as the notorious Muddled Libra threat group dramatically shifted their attack methodology, pivoting from traditional phishing campaigns to sophisticated voice-based social engineering targeting organizational call centers and help desks. This Western-based collective, comprising primarily young English-speaking cybercriminals, has transformed their operational approach to achieve unprecedented speed […]

The post Muddled Libra Actors Attacking Organizations Call Centers for Initial Infiltration appeared first on Cyber Security News.

A sophisticated Russian state-sponsored advanced persistent threat (APT) group known as Laundry Bear has emerged as a significant cybersecurity concern, targeting NATO countries and Ukraine through an extensive campaign of espionage and intelligence gathering. Also tracked as Void Blizzard by Microsoft Threat Intelligence, this threat actor has been actively operating since at least April 2024, […]

The post Laundry Bear Infrastructure, Key Tactics and Procedures Uncovered appeared first on Cyber Security News.

A sophisticated new information stealer named SHUYAL has emerged in the cybersecurity landscape, demonstrating unprecedented scope in its credential harvesting capabilities. The malware targets login credentials from 19 different web browsers, ranging from mainstream applications like Google Chrome and Microsoft Edge to privacy-focused browsers such as Tor and Epic. This comprehensive approach makes SHUYAL particularly […]

The post New SHUYAL Attacking 19 Popular Browsers to Steal Login Credentials appeared first on Cyber Security News.

Singapore’s critical infrastructure is under siege from UNC3886, a sophisticated China-linked advanced persistent threat (APT) group. As of July 2025, the group has been actively targeting essential services like energy, water, telecommunications, and government systems, prompting urgent warnings from officials. This isn’t just another hack, it’s a calculated assault exploiting zero-day vulnerabilities in widely used […]

The post UNC3886 Hackers Exploiting 0-Days in VMware vCenter/ESXi, Fortinet FortiOS, and Junos OS appeared first on Cyber Security News.

Russia’s Aeroflot, one of the world’s oldest airlines, has been left scrambling after pro-Ukraine hackers claimed to have “completely destroyed” the carrier’s internal IT infrastructure in a stealthy, year-long campaign. The groups, known as “Silent Crow” and Belarusian counterpart “Cyber Partisans BY,” said they gained deep-tier access to systems ranging from booking platforms to executive […]

The post Hackers Allegedly Destroyed Aeroflot Airlines’ IT Infrastructure in Year-Long Attack appeared first on Cyber Security News.