Cyber Security News

A new, highly sophisticated malware campaign has been identified targeting remote workers and organizations through a fake Google Meet landing page. Hosted on the deceptive domain gogl-meet[.]com, this attack leverages the “ClickFix” social engineering technique to bypass traditional browser security controls and deliver a Remote Access Trojan (RAT) directly to the victim’s system. The attack […]

The post Beware of Weaponized Google Meet Page uses ClickFix Technique to Deliver Malicious Payload appeared first on Cyber Security News.

The French Football Federation (FFF) has confirmed a significant cybersecurity incident resulting in the theft of personal data belonging to members and licensees. The federation revealed that cybercriminals had infiltrated the centralized administrative software used by football clubs across the country to manage memberships and daily operations. According to the disclosure, the breach was not […]

The post French Football Federation Reports Data Breach – Hackers Access Club Software Admin Controls appeared first on Cyber Security News.

The 2025 holiday season has unleashed an unprecedented wave of cyber threats, with attackers deploying industrialized infrastructure to exploit the global surge in online commerce. This year’s threat landscape is characterized by a calculated expansion of deceptive digital assets, where criminals leverage automated tools to scale their operations across multiple merchant categories. The primary vector […]

The post Hackers Registered 18,000 Holiday-Themed Domains Targeting ‘Christmas,’ ‘Black Friday,’ and ‘Flash Sale’ appeared first on Cyber Security News.

The Handala hacker group has launched a targeted campaign against Israeli high-tech and aerospace professionals, marking a concerning shift in geopolitically motivated cyber operations. The group recently published a list of individuals working in these critical sectors, accompanied by hostile descriptions that falsely label them as criminals. This campaign represents a significant escalation from traditional […]

The post Handala Hacker Group Attacking Israeli High-Tech and Aerospace Professionals appeared first on Cyber Security News.

The company has agreed to pay a $1.5 million fine to settle a Federal Communications Commission investigation into a data breach that exposed personal information from over 237,000 customers. Reuters reports that the FCC announced the settlement on Monday, ending an investigation into how the company’s vendor mishandled customer data. The breach occurred at Financial […]

The post Comcast to Pay a $1.5 Million Fine to Settle an FCC Investigation Linked to Vendor Data Breach appeared first on Cyber Security News.

Polish authorities have arrested a Russian citizen suspected of conducting unauthorized cyberattacks against the computer networks of local organizations. The arrest marks a significant development in the country’s efforts to combat cybercrime targeting Polish and European businesses. On November 16, 2025, officers from the Central Bureau for Combating Cybercrime, operating under the Krakow District Prosecutor’s […]

The post Poland Arrested Suspected Russian Citizen Hacking for Local Organizations Computer Networks appeared first on Cyber Security News.

Microsoft has announced a significant security upgrade to its Microsoft Entra ID authentication process, as part of the company’s broader Secure Future Initiative. Microsoft is updating its Content Security Policy (CSP) to block the execution of external scripts during user sign-ins. This proactive measure is designed to shield organizations from evolving cyber threats, specifically cross-site […]

The post Microsoft to Block External Scripts  in Entra ID Logins to Enhance Protections appeared first on Cyber Security News.

Three West London councils are struggling with significant disruption to IT systems and phone lines after a cyberattack on a shared services provider, which officials are publicly describing only as an “IT incident”. The Royal Borough of Kensington and Chelsea (RBKC), Westminster City Council (WCC), and Hammersmith and Fulham Council have all been affected. According […]

The post London Councils’ IT Systems Impacted by CyberAttack, Including Phone Lines appeared first on Cyber Security News.

The Shai Hulud 2.0 worm, first detected on November 24, 2025, has compromised nearly 1,200 organizations, including major banks, government bodies, and Fortune 500 technology firms. While initial reports described it as a simple npm supply chain attack that flooded GitHub with spam repositories, new analysis reveals a far more sophisticated operation. Entro Security researchers […]

The post Shai Hulud 2.0 Compromises 1,200+ Organizations, Exposing Critical Runtime Secrets appeared first on Cyber Security News.

A sophisticated, complex new cyber offensive has emerged from the “Scattered Lapsus$ Hunters,” a threat collective that has aggressively shifted toward exploiting supply-chain vulnerabilities. This latest campaign targets Zendesk, a critical customer support platform, effectively turning a trusted business tool into a launchpad for corporate spying. The attackers have successfully registered over 40 typosquatted domains, […]

The post Scattered Lapsus$ Hunters Registered 40+ Domains Mimicking Zendesk Environments appeared first on Cyber Security News.

Hidden vulnerabilities in legacy code often create unseen risks for modern development environments. One such issue recently surfaced within the Python ecosystem, where outdated bootstrap scripts associated with the zc.buildout tool expose users to domain takeover attacks. These scripts, designed to automate the installation of package dependencies, contain hardcoded references to external domains that are […]

The post Vulnerable Codes in Legacy Python Packages Enables Attacks on Python Package Index Via Domain Compromise appeared first on Cyber Security News.

Digital calendars have become indispensable tools for managing personal and professional schedules. Users frequently subscribe to external calendars for public holidays, sports schedules, or community events to keep their agendas up to date. While these subscriptions offer convenience, they create a persistent connection between a user’s device and an external server. If the domain hosting […]

The post Over 390 Abandoned iCalendar Sync Domains Could Expose ~4 Million Devices to Security Risks appeared first on Cyber Security News.

Alisa Viejo, CA, USA, November 27th, 2025, CyberNewsWire Gartner has recognized One Identity as a Visionary in the 2025 Gartner Magic Quadrant for Privileged Access Management (PAM).  In a rapidly transforming market, innovation and demonstrated performance continue to shape expectations. The placement as a Visionary reflects what the company observes across its customer and partner ecosystem, […]

The post One Identity Safeguard Named a Visionary in the 2025 Gartner Magic Quadrant for PAM appeared first on Cyber Security News.

New API capabilities and AI-powered Threat Encyclopedia eliminate manual audit preparation, providing real-time compliance evidence and instant threat intelligence Quttera today announced major enhancements to its Web Malware Scanner API that transform static security scanning into automated compliance evidence. The update introduces real-time evidence streaming and compliance mapping, directly addressing the manual burden of audit […]

The post Quttera Launches “Evidence-as-Code” API to Automate Security Compliance for SOC 2 and PCI DSS v4.0V appeared first on Cyber Security News.

The software supply chain is under siege from “Shai Hulud v2,” a sophisticated malware campaign that has compromised 834 packages across the npm and Maven ecosystems. This new wave specifically targets GitHub Actions workflows, exploiting pull_request_target triggers to inject malicious code into widely used libraries. The attack has impacted major projects like PostHog, Zapier, and […]

The post Shai Hulud v2 Exploits GitHub Actions Workflows as Attack Vector to Steal Secrets appeared first on Cyber Security News.

The “Korean Leaks” campaign has emerged as one of the most sophisticated supply chain attacks targeting South Korea’s financial sector in recent memory. This operation combined the capabilities of the Qilin Ransomware-as-a-Service (RaaS) group with potential involvement from North Korean state-affiliated actors known as Moonstone Sleet. The attackers leveraged a compromised Managed Service Provider (MSP) […]

The post Qilin RaaS Exposed 1 Million Files and 2 TB of Data Linked to Korean MSP Breach appeared first on Cyber Security News.

GitLab’s Vulnerability Research team has uncovered a large-scale supply chain attack spreading a destructive malware variant through the npm ecosystem. The malware, an evolved version of “Shai-Hulud,” contains a dangerous feature that threatens to destroy user data if attackers lose control of their infrastructure. The malware spreads through infected npm packages using a multi-stage process. […]

The post Dead Man’s Switch – Widespread npm Supply Chain Attack Driving Malware Attacks appeared first on Cyber Security News.

An urgent security update for its DGX Spark AI workstation after discovering 14 vulnerabilities in the system’s firmware that could allow attackers to execute malicious code and launch denial-of-service attacks. The most severe flaw has a CVSS score of 9.3 and affects all DGX Spark devices running versions before the new OTA0 update. The vulnerabilities […]

The post NVIDIA DGX Spark Vulnerabilities Let Attackers Execute Malicious Code and DoS Attacks appeared first on Cyber Security News.

KawaiiGPT emerges as an accessible, open-source tool that mimics the controversial WormGPT, providing unrestricted AI assistance via jailbroken large language models. Hosted on GitHub with over 188 stars and 52 forks, it requires no API keys and installs quickly on Linux or Termux environments.​ Users can deploy KawaiiGPT in minutes by updating packages, installing Python […]

The post KawaiiGPT – Free WormGPT Variant Leveraging DeepSeek, Gemini, and Kimi-K2 AI Models appeared first on Cyber Security News.

A major security threat has emerged targeting software developers worldwide. North Korean state-sponsored threat actors, operating under the “Contagious Interview” campaign, are systematically spreading malicious packages across npm, GitHub, and Vercel infrastructure to deliver OtterCookie malware. This sophisticated multi-stage operation demonstrates how threat actors have adapted their tools to target modern JavaScript and Web3 development […]

The post North Korean Hackers Exploiting npm, GitHub, and Vercel to Deliver OtterCookie Malware appeared first on Cyber Security News.