Cyber Security News

Microsoft has confirmed that threat actors are actively exploiting two critical vulnerabilities in the Windows Common Log File System (CLFS) driver to gain SYSTEM-level privileges on compromised systems. The vulnerabilities, tracked as CVE-2025-32706 and CVE-2025-32701, were addressed in the May 2025 Patch Tuesday security update released on May 13, 2025. Critical Vulnerabilities Under Active Exploitation […]

The post Windows Common Log File System 0-Day Vulnerability Actively Exploited in the Wild appeared first on Cyber Security News.

Microsoft has released its Patch Tuesday updates for May 2025, addressing a total of 78 vulnerabilities across its product ecosystem, with five identified as actively exploited zero-day flaws. The updates cover a wide range of software, including Windows, Microsoft Office, Azure, Visual Studio, and more, urging users and administrators to apply patches immediately to mitigate […]

The post Microsoft Patch Tuesday May 2025: 72 Vulnerabilities Fixed, Including 5 Actively Exploited Zero-Day appeared first on Cyber Security News.

Ivanti has disclosed a high-severity security vulnerability affecting its Cloud Services Application (CSA) that could allow attackers to escalate privileges on vulnerable systems. The security flaw, tracked as CVE-2025-22460, was announced on May 13, 2025, as part of Ivanti’s ongoing security update program. According to the company’s security advisory, the vulnerability is caused by default […]

The post Ivanti Cloud Services Application Vulnerability Leads to Privilege Escalation appeared first on Cyber Security News.

Fortinet has disclosed a critical stack-based buffer overflow vulnerability (CVE-2025-32756) affecting multiple products in its security portfolio, with confirmed exploitation targeting FortiVoice systems in the wild. The vulnerability, assigned a CVSS score of 9.6, allows remote unauthenticated attackers to execute arbitrary code or commands through specially crafted HTTP requests, potentially giving them complete control over […]

The post FortiVoice 0-day Vulnerability Exploited in the Wild to Execute Arbitrary Code appeared first on Cyber Security News.

Ivanti has released security updates to address a critical authentication bypass vulnerability in its Neurons for ITSM (IT Service Management) solution that could allow unauthenticated attackers to gain administrative access to vulnerable systems. Disclosed on May 13, 2025, the flaw affects on-premises instances only and has been assigned a CVSS score of 9.8, indicating its […]

The post Critical Ivanti ITSM Vulnerability Let Remote Attacker Gain Administrative Access appeared first on Cyber Security News.

Microsoft has announced a new “Prevent Screen Capture” feature for Teams that will block unauthorized screenshots during meetings. The feature, scheduled for worldwide rollout in July 2025, represents Microsoft’s continued focus on enterprise security and regulatory compliance in an era where sensitive information is increasingly shared in virtual meetings. The new screen capture prevention feature […]

The post Microsoft Teams To Block Screen Capture During Meetings appeared first on Cyber Security News.

A newly identified information-stealing malware, dubbed PupkinStealer, Developed in C# using the .NET framework, this lightweight yet effective malware targets sensitive user data, including browser credentials, desktop files, messaging app sessions, and screenshots. According to a CYFIRMA detailed analysis shared with Cyber Security News, PupkinStealer leverages Telegram’s Bot API for stealthy data exfiltration, underscoring the […]

The post “PupkinStealer” A New .NET-Based Malware Steals Browser Credentials & Exfiltrate via Telegram appeared first on Cyber Security News.

As artificial intelligence (AI) tools gain mainstream traction for content creation, cybercriminals are capitalizing on the hype with a sophisticated new attack vector, fake AI platforms promising advanced video and image editing capabilities. These fraudulent sites, amplified through viral social media campaigns and Facebook groups with tens of thousands of views, lure users into uploading […]

The post Beware! Fake AI Video Generation Platforms Drop Stealer Malware on Your Computers appeared first on Cyber Security News.

In a coordinated effort, Lumen Technologies’ Black Lotus Labs, the U.S. Department of Justice (DOJ), the Federal Bureau of Investigation (FBI), and the Dutch National Police have dismantled a sophisticated criminal proxy network that has operated since 2004. The botnet, tracked by Black Lotus Labs for over a year, infected thousands of Internet of Things […]

The post 20 Years old Proxy Botnet Network Dismantled That Exploits 1000 Unique Unpatched Devices Weekly appeared first on Cyber Security News.

A significant surge in sophisticated recruitment scams has emerged, with cybercriminals exploiting economic vulnerabilities and the competitive job market to target desperate job seekers. These scams employ increasingly refined social engineering tactics that blend legitimate recruitment practices with fraudulent schemes, making them particularly effective at evading detection while extracting money and personal information from victims. […]

The post Threat Actors Attacking Job Seekers With Three New Unique Adversaries appeared first on Cyber Security News.

A critical remote code execution vulnerability in SAP NetWeaver Visual Composer (CVE-2025-31324) is being actively exploited by a Chinese threat actor to compromise enterprise systems worldwide. The vulnerability allows attackers to achieve remote code execution by uploading malicious web shells through the vulnerable /developmentserver/metadatauploader endpoint. Exploitation has been observed primarily targeting manufacturing environments, where compromised […]

The post Chinese Hackers Exploit SAP RCE Vulnerability to Upload Supershell Backdoors appeared first on Cyber Security News.

Cybersecurity experts have uncovered a sophisticated attack campaign targeting IT administrators through search engine optimization (SEO) poisoning tactics. Threat actors are leveraging advanced SEO techniques to push malicious versions of commonly used administrative tools to the top of search engine results, creating a dangerous trap for unsuspecting IT professionals. When administrators search for legitimate tools, […]

The post Hackers Attacking IT Admins by Poisoning SEO to Move Malware on Top of Search Results appeared first on Cyber Security News.

A seemingly innocent Python package has been unmasked as a sophisticated remote access trojan (RAT) targeting the Discord developer community. On March 21, 2022, a package named ‘discordpydebug’ appeared on the Python Package Index (PyPI) under the innocuous description “Discord py error logger.” While presenting itself as a helpful debugging utility for developers working with […]

The post Malicious Python Package Mimic as Attacking Discord Developers With Malicious Remote Commands appeared first on Cyber Security News.

A new ransomware strain dubbed “Mamona” that operates entirely offline and leverages a clever attack strategy that abuses the Windows ping command. Unlike traditional ransomware that communicates with remote servers, Mamona works completely offline, making it particularly difficult to detect with conventional network monitoring tools. “This strain highlights a rising trend: ransomware that trades complexity […]

The post New Mamona Ransomware Attack Windows Machines by Abusing Ping Commands appeared first on Cyber Security News.

A sophisticated supply chain attack targeting the popular npm package ‘rand-user-agent’ was discovered on May 5, 2025. The compromise affects a legitimate JavaScript library used to generate randomized user-agent strings for web scraping operations, inserting malicious code that establishes remote access capabilities on infected systems. Security researchers detected suspicious code in version 1.0.110 of the […]

The post New Supply Chain Attack Targets Legitimate npm Package with 45,000 Weekly Downloads appeared first on Cyber Security News.

Native apps are built compatible with a platform or operating system, such as iOS or Android. While unrestricted access to all device functionalities (camera, GPS, and push notifications) makes native apps attractive for users, it also poses significant risks. Cyber attacks increased by 30% between January 2023 and 2024 and amount to 13 attacks per […]

The post 5 Must-Have Security Features for Native Apps appeared first on Cyber Security News.

Cybersecurity experts have identified an escalating campaign by the notorious hacker collective Scattered Spider, which continues to evolve its sophisticated attack methods in 2025. The group, active since at least 2022, has shifted focus to target business services including Klaviyo, HubSpot, and Pure Storage, posing significant threats to organizations relying on these platforms. Using advanced […]

The post Scattered Spider Malware Targeting Klaviyo, HubSpot, and Pure Storage Services appeared first on Cyber Security News.

Cybercriminals have developed sophisticated vishing techniques that leverage multimedia file formats to bypass security systems and target unsuspecting victims. These new attack vectors, observed in early 2025, represent an evolution in social engineering tactics where threat actors exploit commonly trusted file formats to deliver fraudulent messages prompting victims to make phone calls to fake customer […]

The post Threat Actors Using Multimedia Systems Via Stealthy Vishing Attack appeared first on Cyber Security News.

Threat actors increasingly leverage Windows Remote Management (WinRM) to move stealthily within Active Directory (AD) environments, evading traditional detection mechanisms while escalating privileges and deploying malicious payloads.  WinRM, Microsoft’s implementation of the WS-Management protocol, is a core component of Windows systems. It enables administrators to execute remote commands, manage configurations, and run PowerShell scripts across […]

The post Hackers Using Windows Remote Management to Stealthily Navigate Active Directory Network appeared first on Cyber Security News.

As organizations increasingly adopt hybrid work models, Chief Information Security Officers (CISOs) face new and complex challenges. The traditional boundaries of enterprise security have dissolved, and sensitive data now flows across home offices, cloud platforms, and corporate networks. This shift has forced CISOs to rethink their approach, beyond simply defending a fixed perimeter to orchestrating […]

The post How CISOs Can Successfully Lead Security Transformation in Hybrid Work Environments appeared first on Cyber Security News.