Cyber Security News

A sophisticated social engineering campaign by the EncryptHub threat group that combines impersonation tactics with technical exploitation to compromise corporate networks. The Russian-linked cybercriminals are posing as IT support staff and using Microsoft Teams requests to establish remote access, ultimately deploying malicious payloads through a previously unknown Windows vulnerability. The attack begins with threat actors […]

The post Hackers Mimic IT Teams to Exploit Microsoft Teams Request to Gain System Remote Access appeared first on Cyber Security News.

API, short for Application Programming Interface, is a mechanism that helps extract data from software applications and transfer it to other software or users using APIs. Communication through APIs is based on different requests and responses, and developers provide good documentation on structuring requests to get the desired response. APIs allow many software/applications to automatically […]

The post <strong>10 Best API Protection Tools</strong> in 2025 appeared first on Cyber Security News.

Cybersecurity researchers from watchTowr Labs have published a comprehensive technical analysis of a critical pre-authentication command injection vulnerability affecting Fortinet FortiSIEM systems, designated as CVE-2025-25256. The vulnerability carries a maximum CVSS score of 9.8 and has already been exploited in the wild, making it one of the most pressing security threats facing enterprise security operations […]

The post Fortinet FortiSIEM Command Injection Vulnerability (CVE-2025-25256) – Technical Details Revealed appeared first on Cyber Security News.

Palo Alto Networks has published an extensive malware analysis tutorial detailing the dissection of a sophisticated .NET-based threat that delivers the Remcos remote access trojan (RAT). The malware’s emergence highlights a trend in which threat actors increasingly abuse legitimate development environments and tools—such as the Microsoft .NET runtime—to execute complex, multi-stage infection campaigns. This particular […]

The post Palo Alto Networks Released A Mega Malware Analysis Tutorials Useful for Every Malware Analyst appeared first on Cyber Security News.

The cybersecurity landscape faces a new sophisticated threat as the Crypto24 ransomware group demonstrates an alarming evolution in attack methodology, seamlessly blending legitimate administrative tools with custom-developed malware to execute precision strikes against high-value targets. This emerging ransomware operation has successfully compromised organizations across Asia, Europe, and the United States, with a particular focus on […]

The post Ransomware Actors Blending Legitimate Tools with Custom Malware to Evade Detection appeared first on Cyber Security News.

Google Play has implemented comprehensive licensing requirements for cryptocurrency exchanges and software wallets, fundamentally reshaping the mobile app ecosystem for digital asset services. The policy mandates that developers seeking to publish cryptocurrency applications must obtain specific licenses and certifications from relevant financial authorities in their target jurisdictions before distribution through Google’s platform. The new regulatory […]

The post Google Requires Crypto App Developers to Have License or Certification From Relevant Authorities appeared first on Cyber Security News.

A sophisticated threat campaign has emerged that leverages CrossC2, an unofficial extension tool that expands Cobalt Strike’s notorious capabilities beyond Windows systems to target Linux and macOS environments. Between September and December 2024, cybersecurity incidents involving this cross-platform malware have been documented, representing a significant evolution in threat actor tactics that traditionally focused on Windows-based […]

The post Threat Actors Using CrossC2 Tool to Expand Cobalt Strike to Operate on Linux and macOS appeared first on Cyber Security News.

Security researchers have uncovered a sophisticated new phishing campaign that exploits the Japanese hiragana character “ん” to create deceptively authentic-looking URLs that can fool even vigilant internet users. The attack, first identified by security researcher JAMESWT, targets explicitly customers of the popular travel booking platform Booking.com. The malicious technique leverages the visual similarity between the […]

The post New Clever Phishing Attack Uses Japanese Character “ん” to Mimic Forward Slash “/” appeared first on Cyber Security News.

A new AI tool named HexStrike AI has been launched, designed to bridge the gap between large language models (LLMs) and practical cybersecurity operations. The latest release, v6.0, equips AI agents like OpenAI’s GPT, Anthropic’s Claude, and GitHub’s Copilot with a formidable arsenal of over 150 professional security tools, enabling autonomous penetration testing, vulnerability research, […]

The post HexStrike AI Connects ChatGPT, Claude, Copilot with 150+ Security Tools like Burp Suite and Nmap appeared first on Cyber Security News.

Critical security flaw CVE-2025-20217 allows unauthenticated attackers to trigger denial-of-service conditions in Cisco’s widely deployed firewall systems Cisco has disclosed a high-severity vulnerability in its Secure Firewall Threat Defense (FTD) Software that could allow remote attackers to cause denial-of-service conditions through the Snort 3 Detection Engine. The vulnerability, tracked as CVE-2025-20217 with a CVSS score […]

The post Cisco Secure Firewall Snort 3 Detection Engine Vulnerability Enables DoS Attacks appeared first on Cyber Security News.

The goal of deception technology, which uses some of the best deception tools, is to trick attackers by dispersing a variety of traps and dummy assets throughout a system’s infrastructure to mimic real assets. There is always a possibility that cybercriminals will breach your network, regardless of how effective your perimeter defenses.  You’ll lure them […]

The post 10 Best Deception Tools in 2025 appeared first on Cyber Security News.

A zero-day vulnerability in WinRAR allows malware to be deployed on unsuspecting users’ systems, highlighting the ongoing threats to popular software. Tracked as CVE-2025-8088, this path traversal flaw affects the Windows version of the widely used file archiving tool, enabling attackers to execute arbitrary code through specially crafted archives. The vulnerability, discovered in mid-July 2025, […]

The post CVE-2025-8088 – WinRAR 0-Day Path Traversal Vulnerability Exploited to Execute Malware appeared first on Cyber Security News.

A sophisticated new malware campaign targeting Windows systems has emerged, employing a multi-stage framework dubbed “PS1Bot” that combines PowerShell and C# components to conduct extensive information theft operations. The malware represents a significant evolution in attack methodologies, utilizing modular architecture and in-memory execution techniques to evade traditional detection mechanisms while maintaining persistent access to compromised […]

The post Threat Actors Attacking Windows Systems With New Multi-Stage Malware Framework PS1Bot appeared first on Cyber Security News.

Security researchers have identified a new denial-of-service (DoS) vulnerability in HTTP/2 implementations, referred to as MadeYouReset (CVE-2025-8671). This discovery represents a notable escalation in the threats associated with web protocols. Publicly disclosed on August 13, 2025, this flaw allows attackers to bypass built-in concurrency limits, overwhelming servers with unbounded concurrent requests and potentially crashing systems […]

The post New HTTP/2 MadeYouReset Vulnerability Enables Large-Scale DDoS Attacks appeared first on Cyber Security News.

A sophisticated new Android malware dubbed PhantomCard has emerged from the shadows of Brazil’s cybercriminal underground, representing a significant evolution in mobile banking threats. This malicious application leverages Near Field Communication (NFC) technology to create a seamless bridge between victims’ physical banking cards and fraudsters’ devices, enabling real-time financial theft without the need for physical […]

The post New NFC-Driven PhantomCard Android Malware Attacking Banking Users appeared first on Cyber Security News.

Cisco has disclosed a critical security vulnerability in its Secure Firewall Management Center (FMC) Software that could allow unauthenticated attackers to execute arbitrary shell commands with high-level privileges remotely. The vulnerability, tracked as CVE-2025-20265 and assigned the maximum CVSS score of 10.0, represents one of the most severe security flaws discovered in enterprise firewall infrastructure […]

The post Cisco Secure Firewall Vulnerability Allows Hackers to Inject Remote Shell Command Injection appeared first on Cyber Security News.

Cybercriminals are increasingly leveraging personalization tactics to enhance the effectiveness of their malware-delivery phishing campaigns, with threat actors customizing subject lines, attachment names, and embedded links to create a false sense of authenticity and urgency. This sophisticated approach represents a significant evolution in social engineering techniques, as attackers craft emails that appear legitimate by incorporating […]

The post Threat Actors Personalize Phishing Attacks With Advanced Tactics for Malware Delivery appeared first on Cyber Security News.

The ransomware threat landscape witnessed a concerning surge in July 2025, with the Qilin ransomware group maintaining its dominant position for the third time in four months. The group successfully claimed 73 victims on its data leak site, representing 17.3% of the month’s total 423 ransomware incidents. This marks a significant consolidation of criminal operations […]

The post Qilin Ransomware Leads The Attack Landscape With 70+ Claimed Victims in July appeared first on Cyber Security News.

A sophisticated new variant of the FireWood backdoor has emerged, targeting Linux systems with enhanced evasion capabilities and streamlined command execution functionality. This latest iteration represents a significant evolution of the malware family first discovered by ESET’s research team, which has been linked to the long-running “Project Wood” malware lineage dating back to at least […]

The post New FireWood Malware Attacking Linux Systems to Execute Commands and Exfiltrate Sensitive Data appeared first on Cyber Security News.

The cyberthreat landscape continues to evolve as malicious actors develop increasingly sophisticated attack methods, with the EncryptHub threat group emerging as a particularly concerning adversary. This emerging threat actor, also known as LARVA-208 and Water Gamayun, has been making headlines for its aggressive campaigns targeting Web3 developers and abusing legitimate platforms to deliver malicious payloads. […]

The post New EncryptHub Campaign Leverages Brave Support Platform to Deliver Malicious Payloads via MMC Vulnerability appeared first on Cyber Security News.