Cyber Security News

OpenAI has patched a command injection flaw in its Codex CLI tool that allowed attackers to execute arbitrary commands on developers’ machines simply by getting a malicious configuration file into a project repository. The issue, now fixed in Codex CLI version 0.23.0, effectively turned routine use of the codex command into a silent remote‑code‑execution trigger.​ […]

The post OpenAI Codex CLI Command Injection Vulnerability Let Attackers Execute Arbitrary Commands appeared first on Cyber Security News.

A critical security vulnerability in Microsoft Azure API Management (APIM) Developer Portal enables attackers to register accounts across different tenant instances, even when administrators have explicitly disabled user signup through the portal interface. The flaw, which Microsoft has classified as “by design,” remains unpatched as of December 1, 2025, leaving organizations potentially exposed to unauthorized […]

The post Microsoft Azure API Management Flaw Enables Cross-Tenant Account Creation, Bypassing Admin Restrictions appeared first on Cyber Security News.

The Tomiris hacker group has resurfaced with a sophisticated campaign targeting foreign ministries and government entities worldwide. Beginning in early 2025, this advanced persistent threat (APT) actor shifted its operational strategy to focus on high-value diplomatic infrastructure. By leveraging a diverse array of programming languages—including Go, Rust, C/C++, and Python—the group has enhanced its ability […]

The post Tomiris Hacker Group Added New Tools and Techniques to Attack Organizations Globally appeared first on Cyber Security News.

A new threat has emerged in the cybersecurity landscape as security experts discover a private Out-of-Band Application Security Testing (OAST) service operating on Google Cloud infrastructure. This mystery operation stands out from typical exploit scanning activities because it uses custom infrastructure rather than relying on public services. The attackers have been running a focused campaign […]

The post Mystery OAST With Exploit for 200 CVEs Leveraging Google Cloud to Launch Attacks appeared first on Cyber Security News.

Pakistan-based threat actor APT36, also known as Transparent Tribe, has launched a sophisticated cyber-espionage campaign against Indian government institutions using a newly developed Python-based ELF malware. The attack marks a significant escalation in the group’s capabilities, demonstrating their growing technical maturity and adaptability to Linux-based operating systems. The campaign centers on spear-phishing emails containing weaponized […]

The post APT36 Hackers Used Python-Based ELF Malware to Target Indian Government Entities appeared first on Cyber Security News.

Claymont, Delaware, December 1st, 2025, CyberNewsWire Lancaster’s arrival brings significant North American channel experience and expertise, supporting usecure’s ambition to cement its position as the market-leading human risk management solution for MSPs. usecure today announced the appointment of Kevin Lancaster as a Non-Executive Director. Kevin joins usecure with a wealth of experience in the North […]

The post Kevin Lancaster Joins the usecure Board to Accelerate North American Channel Growth appeared first on Cyber Security News.

A critical security vulnerability has been discovered in the Apache bRPC framework that could allow remote attackers to crash servers by sending specially crafted JSON data. The flaw, tracked as CVE-2025-59789, affects all versions of Apache bRPC before 1.15.0 across all platforms. The vulnerability exists in the json2pb component of Apache bRPC, which converts JSON data to Protocol […]

The post Critical Apache bRPC Framework Vulnerability Let Attackers Crash the Server appeared first on Cyber Security News.

Linus Torvalds has officially announced the release of Linux kernel 6.18 on November 30, 2025, marking another significant milestone in the open-source operating system’s development. The new kernel version brings numerous improvements across hardware support, driver updates, and file system enhancements. The Linux 6.18 release includes extensive bug fixes and driver improvements that were finalized […]

The post Linux 6.18 Released With Enhanced Hardware Support, Updated Drivers and File Systems appeared first on Cyber Security News.

Microsoft has confirmed a bizarre user interface bug affecting Windows 11 version 24H2 devices that renders the password sign-in icon invisible on the lock screen. The issue, stemming from the August 2025 non-security preview update (KB5064081) and persisting in subsequent cumulative updates, has left many users confused when switching between authentication methods.​ The glitch impacts […]

The post Windows 11 24H2 Update Hides the Password Icon in the Sign-in Options on the Lock Screen appeared first on Cyber Security News.

A Proof-of-Concept (PoC) exploit code has been released for a critical remote code execution (RCE) vulnerability in Microsoft Outlook, identified as CVE-2024-21413. Dubbed “MonikerLink,” this flaw allows attackers to bypass Outlook’s security mechanisms, specifically the “Protected View,” to execute malicious code or steal credentials. The release of this PoC highlights the continued risk posed by […]

The post PoC Exploit Released for Critical Outlook 0-Click Remote Code Execution Vulnerability appeared first on Cyber Security News.

A threat actor known as “zestix” has claimed responsibility for a significant data breach affecting Mercedes-Benz USA (MBUSA), allegedly exfiltrating 18.3 GB of sensitive legal and customer information. The threat actor posted the dataset for sale on a dark web forum, pricing the complete archive at $5,000. According to the listing, the breach exposes a […]

The post Hackers Allegedly Claim Breach of Mercedes-Benz USA Legal and Customer Data appeared first on Cyber Security News.

The Cybersecurity and Infrastructure Security Agency (CISA) has officially updated its Known Exploited Vulnerabilities (KEV) catalog to include a critical flaw in OpenPLC ScadaBR, confirming that threat actors are actively weaponizing it in the wild. The security defect, identified as CVE-2021-26829, is a Cross-Site Scripting (XSS) vulnerability rooted in the system_settings.shtm component of ScadaBR. While […]

The post CISA Warns of OpenPLC ScadaBR cross-site scripting vulnerability Exploited in Attacks appeared first on Cyber Security News.

A sophisticated new Android malware family dubbed “Albiriox” has emerged on the cybercrime landscape, offering advanced remote access capabilities as a Malware-as-a-Service (MaaS). Identified by researchers at Cleafy, the malware is designed to execute On-Device Fraud (ODF) by granting attackers full control over infected devices, allowing them to bypass security measures and drain financial accounts. […]

The post New Albiriox Malware Attacking Android Users to Take Complete Control of their Device appeared first on Cyber Security News.

A new, highly sophisticated malware campaign has been identified targeting remote workers and organizations through a fake Google Meet landing page. Hosted on the deceptive domain gogl-meet[.]com, this attack leverages the “ClickFix” social engineering technique to bypass traditional browser security controls and deliver a Remote Access Trojan (RAT) directly to the victim’s system. The attack […]

The post Beware of Weaponized Google Meet Page uses ClickFix Technique to Deliver Malicious Payload appeared first on Cyber Security News.

The French Football Federation (FFF) has confirmed a significant cybersecurity incident resulting in the theft of personal data belonging to members and licensees. The federation revealed that cybercriminals had infiltrated the centralized administrative software used by football clubs across the country to manage memberships and daily operations. According to the disclosure, the breach was not […]

The post French Football Federation Reports Data Breach – Hackers Access Club Software Admin Controls appeared first on Cyber Security News.

The 2025 holiday season has unleashed an unprecedented wave of cyber threats, with attackers deploying industrialized infrastructure to exploit the global surge in online commerce. This year’s threat landscape is characterized by a calculated expansion of deceptive digital assets, where criminals leverage automated tools to scale their operations across multiple merchant categories. The primary vector […]

The post Hackers Registered 18,000 Holiday-Themed Domains Targeting ‘Christmas,’ ‘Black Friday,’ and ‘Flash Sale’ appeared first on Cyber Security News.

The Handala hacker group has launched a targeted campaign against Israeli high-tech and aerospace professionals, marking a concerning shift in geopolitically motivated cyber operations. The group recently published a list of individuals working in these critical sectors, accompanied by hostile descriptions that falsely label them as criminals. This campaign represents a significant escalation from traditional […]

The post Handala Hacker Group Attacking Israeli High-Tech and Aerospace Professionals appeared first on Cyber Security News.

The company has agreed to pay a $1.5 million fine to settle a Federal Communications Commission investigation into a data breach that exposed personal information from over 237,000 customers. Reuters reports that the FCC announced the settlement on Monday, ending an investigation into how the company’s vendor mishandled customer data. The breach occurred at Financial […]

The post Comcast to Pay a $1.5 Million Fine to Settle an FCC Investigation Linked to Vendor Data Breach appeared first on Cyber Security News.

Polish authorities have arrested a Russian citizen suspected of conducting unauthorized cyberattacks against the computer networks of local organizations. The arrest marks a significant development in the country’s efforts to combat cybercrime targeting Polish and European businesses. On November 16, 2025, officers from the Central Bureau for Combating Cybercrime, operating under the Krakow District Prosecutor’s […]

The post Poland Arrested Suspected Russian Citizen Hacking for Local Organizations Computer Networks appeared first on Cyber Security News.

Microsoft has announced a significant security upgrade to its Microsoft Entra ID authentication process, as part of the company’s broader Secure Future Initiative. Microsoft is updating its Content Security Policy (CSP) to block the execution of external scripts during user sign-ins. This proactive measure is designed to shield organizations from evolving cyber threats, specifically cross-site […]

The post Microsoft to Block External Scripts  in Entra ID Logins to Enhance Protections appeared first on Cyber Security News.