Cyber Security News

A critical Stored XSS vulnerability in Angular’s template compiler (CVE-2025-66412) allows attackers to execute arbitrary code by weaponizing SVG animation attributes. Bypassing Angular’s built-in security sanitization mechanisms and affecting applications using versions below 19.2.17, 20.3.15, or 21.0.2. The Angular template compiler includes an incomplete security schema that fails to classify and sanitize URL-holding attributes and […]

The post Angular Platform Vulnerability Allows Malicious Code Execution Via Weaponized SVG Animation Files appeared first on Cyber Security News.

A critical warning regarding a severe authentication vulnerability affecting Iskra’s iHUB and iHUB Lite intelligent metering gateways used in energy infrastructure worldwide. The flaw, tracked as CVE-2025-13510, carries a CVSS v4 severity score of 9.3, indicating an exploit that requires minimal technical complexity for attackers. The vulnerability stems from the absence of an authentication mechanism […]

The post CISA Warns of Iskra iHUB Vulnerability Allowing Remote Device Reconfiguration appeared first on Cyber Security News.

A concerning development has emerged within the cybercriminal ecosystem as threat actors continue distributing K.G.B RAT, a remote access trojan bundled with advanced detection evasion capabilities. According to recent reports, this tool combination surfaced on underground forums and has caught the attention of security researchers worldwide. The malware package includes not only the K.G.B RAT […]

The post Threat Actors Allegedly Promoting Fully Undetectable K.G.B RAT on Hacker Forums appeared first on Cyber Security News.

Two sophisticated Linux rootkits are posing increasingly serious threats to network security by exploiting eBPF technology to hide their presence from traditional detection systems. BPFDoor and Symbiote, both originating from 2021, represent a dangerous class of malware that combines advanced kernel-level access with powerful evasion capabilities. In 2025 alone, security researchers detected 151 new samples […]

The post BPFDoor and Symbiote Rootkits Attacking Linux Systems Exploiting eBPF Filters appeared first on Cyber Security News.

Matanbuchus represents a significant threat in the cybercriminal landscape as a dangerous malware downloader written in C++. Since 2020, this tool has been sold as Malware-as-a-Service, allowing threat actors to rent access and deploy it against targeted organizations. In July 2025, security researchers discovered version 3.0 operating in real-world attacks, marking a notable evolution in […]

The post Threat Actors Leveraging Matanbuchus Malicious Downloader to Ransomware and Establish Persistence appeared first on Cyber Security News.

Dashcams have become essential devices for drivers worldwide, serving as reliable witnesses in case of accidents or roadside disputes. However, a team of Singaporean cybersecurity researchers has uncovered a disturbing reality: these seemingly harmless devices can be hijacked within seconds and turned into powerful surveillance tools. The findings, presented at the Security Analyst Summit 2025, […]

The post Hackers can Hijack Your Dash Cams in Seconds and Weaponize it for Future Attacks appeared first on Cyber Security News.

Insider threats remain one of the most challenging security problems that organizations face today. These threats typically do not show obvious warning signs at first. Instead, they reveal themselves through small, unusual activities that often blend into normal daily operations. Many companies struggle to identify these early indicators because they occur within legitimate user accounts […]

The post Nisos Details Earlier Signs of Insider Detection via Authentication and Access Controls appeared first on Cyber Security News.

Ukraine-linked hackers are stepping up cyberattacks against Russian aerospace and wider defence-related companies, using new custom malware to steal designs, schedules, and internal emails. The campaign targets both prime contractors and smaller suppliers, aiming to map production chains and expose weak points in Russia’s war industry. The tools used in this campaign are simple, but […]

The post Ukraine Hackers Attacking Russian Aerospace Companies and Other Defence-Related Sectors appeared first on Cyber Security News.

Hackers are turning to Evilginx, a powerful adversary-in-the-middle tool, to get around multi-factor authentication and take over cloud accounts. The framework acts as a reverse proxy between the victim and real single sign-on pages, so the login screen looks and behaves just like the real thing. To the user, the fake site feels normal, with […]

The post Hackers Leverage Evilginx to Undermine MFA Security Mimicking Legitimate SSO Sites appeared first on Cyber Security News.

A new type of phishing attack that combines two different phishing kits: Salty2FA and Tycoon2FA. This marks a significant change in the Phishing-as-a-Service (PhaaS) landscape. While phishing kits typically maintain unique signatures in their code and delivery mechanisms, recent campaigns targeting enterprise users have begun deploying payloads that combine elements from both frameworks. This convergence […]

The post Salty2FA and Tycoon2FA Phishing Kits Attacking Enterprise Users to Steal Login Credentials appeared first on Cyber Security News.

Cybercriminals targeting Brazilian users have aggressively escalated their tactics, launching a highly sophisticated campaign dubbed “Water Saci.” This new wave of attacks weaponizes WhatsApp Web, a platform implicitly trusted by millions, to deliver banking trojans and steal sensitive financial data. By compromising user accounts, the attackers send convincing messages to trusted contacts, creating a rapid, […]

The post Water Saci Hackers Leveraging AI Tools to Attack WhatsApp Web Users appeared first on Cyber Security News.

A collaborative investigation by Mauro Eldritch of BCA LTD, ANYRUN, and NorthScan has provided unprecedented visibility into how North Korean threat actors from the Lazarus Group recruit and operate against Western companies. Researchers documented the complete attack cycle in real-time, capturing live footage of attackers using compromised systems. This breakthrough reveals the human side of […]

The post Researchers Expose Lazarus Recruitment Pipeline Live on Camera Through Honeypot Operation appeared first on Cyber Security News.

The Android TV community faces a significant security crisis as SmartTube, a popular third-party YouTube client, has been compromised due to exposed signing keys. Security researchers have identified malicious code embedded within official releases, prompting Google to forcibly disable the application on affected devices. The incident, which came to light through extensive community analysis, demonstrates […]

The post SmartTube YouTube App for Android TV Compromised Following Exposure of Signing Keys appeared first on Cyber Security News.

Bethesda, USA / Maryland, December 2nd, 2025, CyberNewsWire While most cybersecurity companies pour resources into AI models, massive compute, hoovering up all the data, and enhanced analytics to detect and prevent threats, Frenetik, a Maryland cyber startup, is betting on something simpler: making sure attackers don’t know what defenders know. The company emerged today with […]

The post Cyber Startup Frenetik Launches with Patented Deception Technology That Bets Against the AI Arms Race appeared first on Cyber Security News.

Baltimore, MD, December 2nd, 2025, CyberNewsWire The 2025 State of AI Data Security Report reveals a widening contradiction in enterprise security: AI adoption is nearly universal, yet oversight remains limited. Eighty-three percent of organizations already use AI in daily operations, but only 13 percent say they have strong visibility into how these systems handle sensitive […]

The post AI Adoption Surges While Governance Lags — Report Warns of Growing Shadow Identity Risk appeared first on Cyber Security News.

Google has released critical security updates to address multiple zero-day vulnerabilities affecting Android devices worldwide. The December 2025 security bulletin reveals that threat actors are actively exploiting at least two of these vulnerabilities in real-world attacks, prompting urgent action from the tech giant. Critical Vulnerabilities Under Active Exploitation The two most concerning vulnerabilities being actively […]

The post Google Patches Android 0-Day Vulnerabilities Exploited in the Wild appeared first on Cyber Security News.

OpenVPN has released critical security updates for its 2.6 stable and 2.7 development branches, addressing three vulnerabilities that could lead to local denial-of-service (DoS), security bypasses, and buffer over-reads. The patches, included in the newly released version 2.6.17 and 2.7_rc3, fix issues ranging from logic errors in HMAC verification to stability flaws in the Windows […]

The post OpenVPN Vulnerabilities Let Hackers Triggers Dos Attack and Bypass Security Checks appeared first on Cyber Security News.

India’s Department of Telecommunications (DoT) has ordered smartphone manufacturers to preload a government-backed cybersecurity app, “Sanchar Saathi,” on all new devices sold in the country. The order, issued privately on November 28, 2025, gives major players like Apple, Samsung, Xiaomi, Vivo, and Oppo 90 days to comply, requiring the “Sanchar Saathi” app to be installed […]

The post India Mandates ‘Undeletable’ Government Cybersecurity App for All Smartphones appeared first on Cyber Security News.

A malicious Visual Studio Code extension posing as the popular “Material Icon Theme” has been used to attack Windows and macOS users, turning the add-on into a hidden backdoor. The fake extension shipped through the marketplace with backdoored files, giving the attackers a direct path into developer workstations once it was installed. After installation, the […]

The post Malicious VS Code Extension as Icon Theme Attacking Windows and macOS Users appeared first on Cyber Security News.

Advanced steganography techniques are becoming increasingly central to state-sponsored cyber operations. Recent analysis has exposed two Chinese technology companies, BIETA and CIII, that allegedly provide sophisticated steganography solutions to support advanced persistent threat campaigns. These organizations operate as front companies linked to China’s Ministry of State Security, playing a critical role in modernizing the country’s […]

The post Chinese Front Companies Providing Advanced Steganography Solutions for APT Operations appeared first on Cyber Security News.