Cyber Security News

Security researchers have recently observed a surge in sophisticated fileless malware campaigns targeting enterprise environments. AsyncRAT, a powerful Remote Access Trojan, leverages legitimate system tools to execute malicious payloads entirely in memory, effectively sidestepping traditional disk-based defenses. Emergence of this threat underscores the evolving tactics employed by cyber adversaries to maintain stealth and persistence on […]

The post AsyncRAT Uses Fileless Loader to Bypass Detections and Gain Remote Access appeared first on Cyber Security News.

Malicious actors have launched a sophisticated malvertising campaign on Facebook that coerces unsuspecting users into installing a fake “Meta Verified” browser extension. Promoted through seemingly legitimate video tutorials, these ads promise to unlock the coveted blue verification tick without paying Meta’s subscription fee. In reality, the extension is engineered to harvest sensitive user data, including […]

The post Beware of Malicious Facebook Ads With Meta Verified Steals User Account Details appeared first on Cyber Security News.

A critical security vulnerability has been discovered in the Amp’ed RF BT-AP 111 Bluetooth Access Point, exposing organizations to significant security risks through an unauthenticated administrative interface. The device, which serves as a Bluetooth-to-Ethernet bridge supporting both access point and gateway functionality, lacks fundamental authentication controls on its web-based management system. The vulnerability, designated as […]

The post Amp’ed RF BT-AP 111 Bluetooth Access Point Vulnerability Let Attackers Gain Full Admin Access appeared first on Cyber Security News.

Early this month, cybersecurity researchers uncovered a novel phishing campaign attributed to the Lazarus Group that targets developers and crypto professionals through a cleverly crafted Git symlink vulnerability. Rather than relying solely on traditional malware distribution channels, the attackers have weaponized the way Git handles repository paths, embedding malicious hooks within symbolic links to trigger […]

The post Lazarus Hackers Exploiting Git Symlink Vulnerability in Sophisticated Phishing Attack appeared first on Cyber Security News.

In recent months, security researchers have observed a surge in activity by a previously undocumented ransomware group known as The Gentlemen. This threat actor has rapidly distinguished itself through the deployment of highly specialized tools and meticulous reconnaissance tactics, targeting critical infrastructure across multiple sectors and regions. Leveraging legitimate Windows drivers and nuanced Group Policy […]

The post New Gentlemen Ransomware Leverages Legitimate Drivers, Group Policies to Infiltrate Organizations appeared first on Cyber Security News.

GitLab has released urgent security patches for its Community (CE) and Enterprise (EE) editions, addressing multiple vulnerabilities, including two high-severity flaws that could lead to Server-Side Request Forgery (SSRF) and Denial of Service (DoS) attacks. The company is strongly advising all administrators of self-managed GitLab installations to upgrade immediately to the newly released versions: 18.3.2, […]

The post GitLab Patches Multiple Vulnerabilities That Enables Denial Of Service and SSRF Attacks appeared first on Cyber Security News.

A high-quality mobile application penetration testing company is essential for businesses that want to safeguard their digital assets and user data. These specialized firms employ ethical hackers who simulate real-world cyberattacks to identify and exploit vulnerabilities within mobile apps. The insights from these tests enable developers to fix security flaws before they can be leveraged […]

The post Top 10 Best Mobile Application Penetration Testing Companies in 2025 appeared first on Cyber Security News.

A security vulnerability has been found in the Google Drive Desktop application for Windows. It allows a logged-in user on a shared machine to access another user’s Drive files completely without needing their credentials. This vulnerability stems from a broken access control mechanism in how the application handles cached data. While Google Drive is widely […]

The post Google Drive Desktop for Windows Vulnerability Grants Full Access to Another User’s Drive appeared first on Cyber Security News.

Microsoft has issued an updated warning for a critical security vulnerability in Active Directory Domain Services, tracked as CVE-2025-21293. This flaw could permit an attacker who has already gained initial access to a system to escalate their privileges, potentially gaining complete control over the affected domain controller and undermining the security of the network infrastructure. […]

The post Microsoft Warns of Active Directory Domain Services Vulnerability, Let Attackers Escalate Privileges appeared first on Cyber Security News.

Microsoft has released patches for two significant vulnerabilities in Microsoft Office that could allow attackers to execute malicious code on affected systems. The flaws, tracked as CVE-2025-54910 and CVE-2025-54906, were disclosed on September 9, 2025, and affect various versions of the popular productivity suite. While Microsoft has assessed exploitation as “less likely” for both vulnerabilities […]

The post Critical Microsoft Office Vulnerabilities Let Attackers Execute Malicious Code appeared first on Cyber Security News.

HackerOne has confirmed it was among the companies affected by a recent data breach that provided unauthorized access to its Salesforce instance. The access was gained through a compromise of the third-party application Drift, which Salesloft owns. The bug bounty platform announced the security incident, aligning with its company value of “Default to Disclosure.” According […]

The post HackerOne Confirms Data Breach – Hackers Gained Unauthorized Access To Salesforce Instance appeared first on Cyber Security News.

Sophos has resolved an authentication bypass vulnerability in its AP6 Series Wireless Access Points that could allow attackers to gain administrator-level privileges. The company discovered the issue during internal security testing and has released a firmware update to address it. The security vulnerability allows an attacker with network access to the access point’s management IP […]

The post Sophos Wireless Access Points Vulnerability Let Attackers Bypass Authentication appeared first on Cyber Security News.

Microsoft has addressed two significant elevation of privilege vulnerabilities affecting its Windows BitLocker encryption feature. The flaws, tracked as CVE-2025-54911 and CVE-2025-54912, were disclosed on September 9, 2025, and carry an “Important” severity rating. Both vulnerabilities could allow an authorized attacker to gain full SYSTEM privileges on a compromised machine, bypassing the security layers that […]

The post Windows BitLocker Vulnerability Let Attackers Elevate Privileges appeared first on Cyber Security News.

A critical vulnerability CVE-2025-42922 has been discovered in SAP NetWeaver that allows an authenticated, low-privileged attacker to execute arbitrary code and achieve a full system compromise. The flaw resides in the Deploy Web Service upload mechanism, where insufficient access control validation permits the upload and execution of malicious files. This vulnerability poses a significant risk […]

The post Critical SAP NetWeaver Vulnerability Let Attackers Execute Arbitrary Code And Compromise System appeared first on Cyber Security News.

Every SOC analyst knows the frustration. Your SIEM generates hundreds, sometimes thousands of alerts daily. Each alert demands attention, but with limited time and resources, how do you prioritize effectively? Investigating each alert in isolation leaves teams reactive, overwhelmed, and ultimately vulnerable to sophisticated attacks that blend into the background noise.  The Alert Triage Dilemma: […]

The post How to Enrich Alerts with Live Attack Data From 15K SOCs  appeared first on Cyber Security News.

Microsoft has released its September 2025 Patch Tuesday updates, addressing a total of 81 security vulnerabilities across its product suite. The security patches cover a wide range of software, including Windows, Microsoft Office, Azure, and SQL Server. Among the fixes are 22 Remote Code Execution (RCE) vulnerabilities, making this a significant update for system administrators. […]

The post Microsoft September 2025 Patch Tuesday – 81 Vulnerabilities Fixed Including 22 RCE appeared first on Cyber Security News.

Salat Stealer has emerged as a pervasive threat targeting Windows endpoints with a focus on harvesting browser-stored credentials and cryptocurrency wallet data. First detected in August 2025, this Go-based infostealer leverages a range of evasion tactics, including UPX packing and process masquerading, to slip past conventional defenses. Its operators advertise the malware through social engineering […]

The post Salat Stealer Exfiltrates Browser Credentials Via Sophisticated C2 Infrastructure appeared first on Cyber Security News.

Fortinet has disclosed a medium-severity vulnerability in its FortiDDoS-F product line that could allow a privileged attacker to execute unauthorized commands. Tracked as CVE-2024-45325, the flaw is an OS command injection vulnerability residing within the product’s command-line interface (CLI). The vulnerability, identified as CWE-78, stems from an improper neutralization of special elements used in an […]

The post FortiDDoS OS Command Injection Vulnerability Let Attackers Execute Unauthorized Commands appeared first on Cyber Security News.

A new wave of phishing attacks purporting to originate from South Korea’s National Tax Service has emerged, leveraging familiar electronic document notifications to trick recipients into divulging their Naver credentials. Distributed on August 25, 2025, the email mimics the official format used by Naver’s secure document service, displaying the sender as “National Tax Service” and […]

The post Beware of Phishing Email from Kimusky Hackers With Subject Spetember Tax Return Due Date Notice appeared first on Cyber Security News.

Ivanti has released security updates to address two high-severity vulnerabilities in its Endpoint Manager (EPM) software that could allow remote code execution. The vulnerabilities, tracked as CVE-2025-9712 and CVE-2025-9872, affect multiple versions of the product. The company has stated that it is not aware of any active exploitation of these flaws in the wild at […]

The post Critical Ivanti Endpoint Manager Vulnerabilities Let Attackers Execute Remote Code appeared first on Cyber Security News.