Cyber Security News

HashiCorp has disclosed two critical vulnerabilities in its Vault software that could allow attackers to bypass authentication controls and launch denial-of-service (DoS) attacks. Published on October 23, 2025, these flaws affect both Vault Community Edition and Vault Enterprise, prompting urgent recommendations for upgrades. The issues, tracked as CVE-2025-12044 and CVE-2025-11621, stem from misconfigurations in resource […]

The post HashiCorp Vault Vulnerabilities Let Attack Bypass Authentication And Trigger DoS Attack appeared first on Cyber Security News.

Cybercriminals continue to evolve their tactics for compromising systems, with recent campaigns demonstrating a significant shift from traditional fake update methods to more sophisticated social engineering approaches. Throughout 2025, threat actors have increasingly adopted the ClickFix technique as their primary delivery mechanism for deploying NetSupport Manager, a legitimate remote administration tool that has become attractive […]

The post Hackers Leveraging ClickFix Technique to Deploy NetSupport RAT Loaders appeared first on Cyber Security News.

The notorious cybercrime forum BreachForums has resurfaced online, this time on a clearnet domain accessible without specialized tools like Tor. The platform, long a hub for data leaks, hacking tools, and illicit trades, went dark earlier this year following a series of law enforcement takedowns and internal disruptions. Now, just months later, it’s operational again, […]

The post Infamous Cybercriminal Forum BreachForums Is Back Again With a New Clear Net Domain appeared first on Cyber Security News.

Dell Technologies has disclosed three critical vulnerabilities in its Storage Manager software that could allow attackers to bypass authentication, disclose sensitive information, and gain unauthorized access to systems. Announced on October 24, 2025, these flaws affect versions of Dell Storage Manager up to 20.1.21 and pose significant risks to organizations relying on the tool for […]

The post Critical Dell Storage Manager Vulnerabilities Let Attackers Compromise System appeared first on Cyber Security News.

Hackers are actively exploiting a critical flaw in Microsoft’s Windows Server Update Services (WSUS), with security researchers reporting widespread attempts in the wild. The vulnerability, tracked as CVE-2025-59287, allows remote code execution on unpatched WSUS servers, potentially granting attackers full control over enterprise networks. As of October 27, 2025, firms monitoring global scan data have […]

The post Hackers Exploiting Microsoft WSUS Vulnerability In The Wild – 2800 Instances Exposed Online appeared first on Cyber Security News.

Law enforcement agencies from the United States and France have seized the onion leak website operated by the notorious Scattered LAPSUS$ Hunters collective, displaying a prominent seizure notice featuring logos from the FBI, Department of Justice, and international partners. This coordinated action, executed around October 9, 2025, targeted the BreachForums infrastructure, which the group had […]

The post Scattered LAPSUS$ Hunters Onion Leak Website Taken Down By Law-enforcement Agencies appeared first on Cyber Security News.

A new tool called EDR-Redir has emerged, allowing attackers to redirect or isolate the executable folders of popular Endpoint Detection and Response (EDR) solutions. Demonstrated by cybersecurity researcher TwoSevenOneT, the technique leverages Windows’ Bind Filter driver (bindflt.sys) and Cloud Filter driver (cldflt.sys) to undermine EDR protections without requiring kernel-level access. This user-mode exploit, rooted in […]

The post New EDR-Redir Tool Breaks EDR Exploiting Bind Filter and Cloud Filter Driver appeared first on Cyber Security News.

A sophisticated phishing technique called CoPhish exploits Microsoft Copilot Studio to trick users into granting attackers unauthorized access to their Microsoft Entra ID accounts. Dubbed by Datadog Security Labs, this method uses customizable AI agents hosted on legitimate Microsoft domains to wrap traditional OAuth consent attacks, making them appear trustworthy and bypassing user suspicions. The […]

The post New CoPhish Attack Exploits Copilot Studio to Exfiltrate OAuth Tokens appeared first on Cyber Security News.

Welcome to this week’s edition of the Cybersecurity Newsletter, where we dissect the latest threats, vulnerabilities, and disruptions shaping the digital landscape. As organizations navigate an increasingly complex threat environment, staying ahead of emerging risks has never been more critical. This week, we’re zeroing in on major incidents that underscore the fragility of cloud infrastructure, […]

The post Cybersecurity Newsletter Weekly – AWS Outage, WSUS Exploitation, Chrome Flaws, and RDP Attacks appeared first on Cyber Security News.

A high-severity vulnerability in BIND 9 resolvers has been disclosed, potentially allowing attackers to poison caches and redirect internet traffic to malicious sites. Tracked as CVE-2025-40778, the flaw affects over 706,000 exposed instances worldwide, as identified by internet scanning firm Censys. Assigned a CVSS score of 8.6, this issue stems from BIND’s overly permissive handling […]

The post 706,000+ BIND 9 Resolver Instances Vulnerable to Cache Poisoning Exposed Online – PoC Released appeared first on Cyber Security News.

The notorious LockBit ransomware operation has resurfaced with a vengeance after months of dormancy following Operation Cronos takedown efforts in early 2024. Despite law enforcement disruptions and infrastructure seizures, the group’s administrator, LockBitSupp, has successfully rebuilt the operation and launched LockBit 5.0, internally codenamed “ChuongDong.” This latest variant represents a significant evolution in the group’s […]

The post LockBit 5.0 Actively Attacking Windows, Linux, and ESXi Environments appeared first on Cyber Security News.

A sophisticated backdoor named Android.Backdoor.Baohuo.1.origin has been discovered in maliciously modified versions of Telegram X messenger, granting attackers complete control over victims’ accounts while operating undetected. The malware infiltrates devices through deceptive in-app advertisements and third-party app stores, masquerading as legitimate dating and communication platforms. With more than 58,000 infected devices spread across approximately 3,000 […]

The post Hackers Weaponizing Telegram Messenger with Dangerous Android Malware to Gain Full System Control appeared first on Cyber Security News.

Southeast Asia’s online gambling ecosystem has become a breeding ground for sophisticated cyber threats, with criminal networks leveraging seemingly legitimate platforms to distribute malicious software to millions of unsuspecting users. A recently uncovered operation demonstrates how threat actors exploit the region’s thriving illegal gambling market by deploying a weaponized browser disguised as a privacy tool. […]

The post Vault Viper Exploits Online Gambling Websites Using Custom Browser to Install Malicious Program appeared first on Cyber Security News.

Cybercriminals have adopted a sophisticated social engineering strategy that exploits the trust inherent in job hunting, according to a recent security advisory. A financially motivated threat cluster operating from Vietnam has been targeting digital advertising and marketing professionals through fake job postings on legitimate employment platforms and custom-built recruitment websites. The campaign, which leverages remote […]

The post Google Warns of Threat Actors Using Fake Job Posting to Deliver Malware and Steal Credentials appeared first on Cyber Security News.

A sophisticated cyberattack campaign targeting Microsoft Internet Information Services (IIS) servers has emerged, exploiting decades-old security vulnerabilities to deploy malicious modules that enable remote command execution and search engine optimization fraud. The operation, which came to light in late August and early September 2025, leverages publicly exposed ASP.NET machine keys to compromise servers worldwide, affecting […]

The post Hackers Hijacking IIS Servers in The Wild Using Exposed ASP .NET Machine Keys to Inject Malicious Modules appeared first on Cyber Security News.

North Korean state-sponsored hackers from the Lazarus APT group launched a cyberespionage campaign targeting European companies involved in unmanned aerial vehicle development. Starting in late March 2025, attackers compromised three defense organizations across Central and Southeastern Europe, deploying advanced malware to steal proprietary UAV technology. The campaign, tracked as Operation DreamJob, employed social engineering using […]

The post North Korean Hackers Attacking Unmanned Aerial Vehicle Industry to Steal Confidential Data appeared first on Cyber Security News.

Cyber attackers are using new ways to breach systems, making threats hard to detect. Traditional tools like firewalls alone can’t keep up.  That’s where cyber deception steps in!  Using traps and decoys that lure and mislead attackers, deception technology allows security teams to capture attackers even before intrusion, speed up the response, and reduce damage.  Why Deception Technology Matters  […]

The post 5 Deception Solutions that are Changing the Cybersecurity Game  appeared first on Cyber Security News.

A sophisticated phishing campaign leveraging randomly generated Universal Unique Identifiers (UUIDs) has emerged, successfully bypassing Secure Email Gateways (SEGs) and evading perimeter defenses. The attack employs an advanced JavaScript-based phishing script combining random domain selection, dynamic UUID generation, and server-driven page replacement to steal credentials. Unlike conventional phishing operations relying on static redirects, this campaign […]

The post New Phishing Attack Bypasses Using UUIDs Unique to Bypass Secure Email Gateways appeared first on Cyber Security News.

OpenAI’s newly launched ChatGPT Atlas browser, designed to blend AI assistance with web navigation, faces a serious security flaw that allows attackers to jailbreak the system by disguising malicious prompts as harmless URLs. This vulnerability exploits the browser’s omnibox, a combined address and search bar that interprets inputs as either navigation commands or natural-language prompts […]

The post OpenAI ChatGPT Atlas Browser Jailbroken to Disguise Malicious Prompt as URLs appeared first on Cyber Security News.

In 2025, ransomware attacks against the public sector continue to accelerate at an alarming rate, showing no signs of slowing down despite increased cybersecurity awareness and defensive measures. Throughout the year, approximately 196 public sector entities worldwide have fallen victim to ransomware campaigns, resulting in crippling service outages, massive data loss, erosion of public trust, […]

The post Ransomware Actors Targeting Global Public Sectors and Critical Services in Targeted Attacks appeared first on Cyber Security News.