Cyber Security News

CrowdStrike has disclosed and released patches for two medium-severity vulnerabilities in its Falcon sensor for Windows that could allow an attacker to delete arbitrary files. The security vulnerabilities, designated as CVE-2025-42701 and CVE-2025-42706, require an attacker to have already gained the ability to execute code on a target system. The company has stated that there […]

The post CrowdStrike Falcon Windows Sensor Vulnerability Let Attackers Execute Code and Delete Files on Host appeared first on Cyber Security News.

A critical SQL injection vulnerability in FreePBX has emerged as a significant threat to VoIP infrastructure worldwide, enabling attackers to manipulate database contents and achieve arbitrary code execution. FreePBX, a widely deployed PBX system built around the open-source Asterisk VoIP platform, provides organizations with web-based administrative capabilities for managing telecommunications infrastructure. The vulnerability, designated as […]

The post FreePBX SQL Injection Vulnerability Exploited to Modify The Database appeared first on Cyber Security News.

A new threat group calling itself Crimson Collective has emerged as a significant cybersecurity concern, targeting Amazon Web Services (AWS) cloud environments with sophisticated data exfiltration and extortion campaigns. The group has recently claimed responsibility for attacking Red Hat, asserting they successfully compromised and stole private repositories from Red Hat’s GitLab infrastructure. This development represents […]

The post Crimson Collective Leverages AWS Services to Exfiltrate Sensitive Data appeared first on Cyber Security News.

A sophisticated new breed of ransomware attacks is leveraging legitimate database commands to compromise organizations worldwide, bypassing traditional security measures through “malware-less” operations. Unlike conventional ransomware that encrypts files using malicious binaries, threat actors are exploiting exposed database services by abusing standard database functionality to steal, wipe, and ransom critical data. The attack methodology represents […]

The post Hackers Actively Compromising Databases Using Legitimate Commands appeared first on Cyber Security News.

The notorious cybercriminal collective known as Scattered Lapsus$ Hunters has escalated their extortion campaign by launching a dedicated leak site to threaten organizations with the exposure of stolen Salesforce data. This supergroup, comprised of established threat actors including ShinyHunters, Scattered Spider, and Lapsus$, represents a sophisticated evolution in ransomware-as-a-service operations that targets one of the […]

The post Scattered Lapsus$ Hunters Launched a New Leak Site to Release Data Stolen from Salesforce Instances appeared first on Cyber Security News.

In recent weeks, cybersecurity analysts have observed a resurgence of the Mustang Panda threat actor deploying a novel DLL side-loading approach to deliver malicious payloads. Emerging in June 2025, this campaign leverages politically themed lures targeting Tibetan advocacy groups. Victims receive a ZIP archive containing a decoy executable named Voice for the Voiceless Photos.exe alongside […]

The post Mustang Panda Using New DLL Side-Loading Technique to Deliver Malware appeared first on Cyber Security News.

Security teams are constantly on the move. Alerts never stop coming in, workloads keep piling up, and the pressure to react fast can wear anyone down. Add long investigations and a maze of tools on top of that, and burnout becomes almost inevitable.  Still, it doesn’t have to be this way. With the right approach, […]

The post 3 Steps to Beat Burnout in Your SOC and Solve Cyber Incidents Faster  appeared first on Cyber Security News.

A sophisticated cyberattack campaign, active since August 2025, where a China-nexus threat actor has been weaponizing a legitimate server operations tool called Nezha to execute commands and deploy malware on compromised web servers. This campaign, uncovered by Huntress, represents the first publicly reported instance of Nezha being abused in this manner, highlighting a tactical shift […]

The post Chinese Hackers Weaponized Nezha Tool to Execute Commands on Web Server appeared first on Cyber Security News.

Generative AI has gone from a novelty to a foundation of organization efficiency in just a few short years. From copilots embedded in office suites to dedicated large language model (LLM) platforms, personnel now rely on these platforms to code, analyze, draft, and decide. But for CISOs and security architects, the very speed of adoption […]

The post Rethinking AI Data Security: A Buyer’s Guide for CISOs appeared first on Cyber Security News.

Tel Aviv, Israel, October 8th, 2025, CyberNewsWire Miggo Security, pioneer and innovator in Application Detection & Response (ADR) and AI Runtime Defense, today announced it has been recognized as a Gartner Cool Vendor in AI Security. To us, this recognition underscores Miggo’s mission to close the detection-to-mitigation gap that plagues security teams today by providing […]

The post Miggo Security Named a Gartner® Cool Vendor in AI Security appeared first on Cyber Security News.

A China-aligned advanced persistent threat (APT) group is actively leveraging OpenAI’s ChatGPT platform to develop malware and craft sophisticated spear-phishing emails for its global campaigns. Security firm Volexity tracks the actor as UTA0388 and has analyzed its operations since June 2025, concluding with high confidence that the group uses Large Language Models (LLMs) to automate […]

The post APT Hackers Exploit ChatGPT to Create Sophisticated Malware and Phishing Emails appeared first on Cyber Security News.

A sophisticated Android remote access trojan (RAT) has emerged on GitHub, presenting significant security concerns for mobile device users worldwide. The malware, publicly available under the repository “Android-RAT” by user Huckel789, claims to offer fully undetectable (FUD) capabilities that can bypass modern security measures and antivirus detection systems. This malicious software represents a concerning evolution […]

The post New Fully Undetectable FUD Android RAT Hosted on GitHub appeared first on Cyber Security News.

In recent weeks, security teams have observed a surge in malvertising campaigns distributing what appears to be a fully functional PDF editor. Dubbed TamperedChef, this malware masquerades as a legitimate application—AppSuite PDF Editor—leveraging convincing advertisements to lure European organizations and individuals into downloading the installer. Once executed, the installer exhibits expected functionalities for nearly two […]

The post TamperedChef Malware as PDF Editor Harvest Browser Credentials and Allows Backdoor Access appeared first on Cyber Security News.

Google has introduced CodeMender, a new artificial intelligence-powered agent that automatically enhances software security by identifying and fixing vulnerabilities. This initiative addresses the growing gap between the rapid, AI-assisted discovery of security flaws and the time-consuming manual effort required to patch them. Leveraging advanced AI, CodeMender not only reacts to new threats but also proactively […]

The post Google’s New AI Agent, CodeMender, Automatically Rewrites Vulnerable Code appeared first on Cyber Security News.

Yurei ransomware first emerged in early September 2025, targeting Windows environments with a sophisticated Go-based payload designed for rapid, large-scale encryption. Once executed, the malware enumerates all accessible local and network drives, appends a .Yurei extension to each file, and writes unique ransom notes in every affected directory. Its operators then demand payment over Tor, […]

The post Yurei Ransomware Leverages SMB Shares and Removable Drives to Encrypt Files appeared first on Cyber Security News.

Cisco has announced the release of ClamAV 1.5.0, a significant update to the open-source antivirus engine that introduces major security enhancements, new document scanning capabilities, and extensive API improvements. This version strengthens the platform’s detection and verification mechanisms, with a particular focus on Microsoft Office documents, PDF files, and overall cryptographic integrity, providing users with […]

The post ClamAV 1.5.0 Released with New MS Office and PDF Verification Features appeared first on Cyber Security News.

A critical flaw in the AWS Client VPN for macOS has been disclosed, presenting a local privilege escalation risk to non-administrator users.  The vulnerability tracked as CVE-2025-11462 allows attackers to gain root privileges by abusing the client’s log rotation mechanism. AWS Client VPN is a managed, client-based VPN service that secures access to AWS and […]

The post Critical AWS ClientVPN for macOS Vulnerability Let Attackers Escalate Privileges appeared first on Cyber Security News.

Researchers set out to test leading large language models (LLMs) for resilience against the long-standing ASCII Smuggling technique.  By embedding invisible control characters within seemingly harmless text, ASCII Smuggling abuses Unicode “tag” blocks to hide malicious instructions from human reviewers while feeding them directly into the raw input stream consumed by LLMs.  FireTail researcher Viktor […]

The post ASCII Smuggling Attack Lets Hackers Manipulate Gemini to Deliver Smuggled Data to Users appeared first on Cyber Security News.

Three newly disclosed vulnerabilities have been identified in the Lua scripting engine of Redis 7.4.5, each presenting severe risks of remote code execution and privilege escalation.  Redrays has released a detailed proof-of-concept (PoC) to exploit these vulnerabilities, which is now publicly available. Organizations are urged to act immediately. Use-After-Free Flaw (CVE-2025-49844) This vulnerability arises when […]

The post PoC Exploit Released for Critical Lua Engine Vulnerabilities appeared first on Cyber Security News.

OpenAI announced it has banned a series of ChatGPT accounts linked to Chinese state-affiliated hacking groups that used the AI models to refine malware and create phishing content. The October 2025 report details the disruption of several malicious networks as part of the company’s ongoing commitment to preventing the abuse of its AI technologies by […]

The post OpenAI Banned ChatGPT Accounts Used by Chinese and North Korean Hackers to Develop Malware appeared first on Cyber Security News.