Cyber Security News

Google has confirmed that one of its corporate Salesforce instances was compromised in June by the threat group tracked as UNC6040. This incident is part of a Salesforce attack campaign involving voice phishing attacks aimed at stealing sensitive data from organizations’ Salesforce environments, followed by extortion demands. The breach highlights the growing risks of social […]

The post Google’s Salesforce Instances Hacked in Ongoing Attack – Hackers Exfiltrate User Data appeared first on Cyber Security News.

Cybercriminals have escalated their phishing operations by incorporating generative artificial intelligence tools to create sophisticated replicas of government websites, marking a significant evolution in social engineering tactics. A recent campaign targeting Brazilian citizens demonstrates how threat actors are exploiting AI-powered platforms like DeepSite AI and BlackBox AI to construct convincing duplicates of official government portals, […]

The post Threat Actors Leveraging GenAI for Phishing Attacks Impersonating Government Websites appeared first on Cyber Security News.

Danish jewellery giant Pandora has disclosed a significant data breach that compromised customer information through a third-party vendor platform.  The company has begun notifying affected customers, starting with Italian markets, about the cybersecurity incident that resulted in unauthorized access to personal data. Key Takeaways1. Supply-chain breach via third-party vendor exposed customer names, phone numbers, and […]

The post Global Jewellery Brand Pandora Suffers Hacked – Customer Data Exposed appeared first on Cyber Security News.

Rockwell Automation has disclosed three critical memory corruption vulnerabilities in its Arena® Simulation software that could allow threat actors to execute arbitrary code remotely on affected systems.  The security flaws, identified as CVE-2025-7025, CVE-2025-7032, and CVE-2025-7033, carry a high CVSS 4.0 base score of 8.4 and affect all versions 16.20.09 and prior.  The vulnerabilities were […]

The post Rockwell Arena Simulation Vulnerabilities Let Attackers Execute Malicious Code Remotely appeared first on Cyber Security News.

The emergence of DevilsTongue marks a significant escalation in mercenary spyware capabilities, leveraging advanced Windows-based techniques to infiltrate high-value targets worldwide. First observed in campaigns dating back to 2019, this modular malware aggressively exploits zero-day browser vulnerabilities and weaponized documents to gain initial access. Once deployed, it establishes a stealthy presence, exfiltrating sensitive data from […]

The post Sophisticated DevilsTongue Windows Spyware Tracking Users Globally appeared first on Cyber Security News.

Austin, TX, USA, August 6th, 2025, CyberNewsWire SpyCloud Investigations, now with AI Insights, empowers security teams to act decisively with finished intelligence built from billions of breach, malware, and phishing records. SpyCloud, the leader in identity threat protection, today announced a significant enhancement to its SaaS Investigations solution: the integration of advanced AI-powered insights that […]

The post SpyCloud Enhances Investigations Solution With AI-Powered Insights –Revolutionizing Insider Threat and Cybercrime Analysis appeared first on Cyber Security News.

WhatsApp has unveiled a comprehensive security enhancement that implements a “pause, question, and verify” protocol to protect users from sophisticated messaging scams.  The platform has simultaneously disrupted over 6.8 million accounts linked to criminal scam centers in the first half of 2025, while introducing automated detection algorithms and contextual safety overlays to help users identify […]

The post WhatsApp’s New Security Feature Allows Users to Pause, Question, and Verify Malicious Messages appeared first on Cyber Security News.

A sophisticated new malware campaign has emerged that weaponizes fake CAPTCHA verification pages to trick users into executing malicious PowerShell commands, marking a significant evolution in browser-based attack methodologies. The campaign, dubbed “ClickFix,” represents what cybersecurity experts are calling a next-generation mutation of traditional fake browser update scams that dominated the threat landscape throughout 2024. […]

The post CAPTCHAgeddon – New ClickFix Attack Leverages Fake Captcha to Deliver Malware Payload appeared first on Cyber Security News.

A sophisticated evasion technique employed by Akira ransomware affiliates, exploiting legitimate Windows drivers to bypass antivirus and endpoint detection and response (EDR) systems during recent SonicWall VPN attack campaigns.  The attacks, which have escalated from late July through early August 2025, demonstrate the threat actors’ evolving tactics to maintain persistence and avoid detection in compromised […]

The post Akira Ransomware Uses Windows Drivers to Bypass AV/EDR in SonicWall Attacks appeared first on Cyber Security News.

A wide range of vulnerabilities affects millions of Dell laptops used by government agencies, cybersecurity professionals, and enterprises worldwide. The vulnerabilities, collectively dubbed “ReVault,” target the Broadcom BCM5820X security chip embedded in Dell’s ControlVault3 firmware, creating opportunities for attackers to steal passwords, biometric data, and maintain persistent access to compromised systems. The vulnerabilities affect more […]

The post Critical Firmware Vulnerabilities Exposes Millions of Dell Laptops to Device Takeover and Malware Attacks appeared first on Cyber Security News.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a new alert, adding three vulnerabilities affecting D-Link devices to its Known Exploited Vulnerabilities (KEV) Catalog. The inclusion of these flaws in the catalog signifies that they are being actively exploited by malicious cyber actors in real-world attacks, posing a significant threat to networks. The […]

The post CISA Warns of D-Link Vulnerabilities Actively Exploited in Attacks appeared first on Cyber Security News.

The U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) has issued a critical warning about the exploitation of convertible virtual currency (CVC) kiosks by criminal organizations. Released on August 4, 2025, the advisory highlights how these cryptocurrency ATMs, while designed as convenient access points for legitimate users, have become significant vectors for fraudulent […]

The post U.S. Treasury Warns of Crypto ATMs Fueling Criminal Activity appeared first on Cyber Security News.

Microsoft has announced the return of its groundbreaking Zero Day Quest, the largest public hacking event in history, offering unprecedented bounty rewards of up to $5 million for high-impact security research. Building upon last year’s successful $4 million initiative, this enhanced program demonstrates Microsoft’s commitment to collaborative security through responsible vulnerability disclosure and community engagement. […]

The post Microsoft Zero Day Quest Hacking Contest – Rewards Up to $5 Million appeared first on Cyber Security News.

Cyber-criminals have gradually shifted their focus toward the high-value infrastructure that trains, tunes and serves modern artificial-intelligence models. Over the past six months, incident-response teams have documented a new malware family, tentatively dubbed “ShadowInit,” that targets GPU clusters, model-serving gateways and orchestration pipelines inside large language model (LLM) deployments. Unlike earlier crypto-mining campaigns, ShadowInit seeks […]

The post Cyber Attacks Against AI Infrastructure Are in The Rise With Key Vulnerabilities Uncovered appeared first on Cyber Security News.

A sophisticated cybercriminal campaign dubbed “ClickTok” has emerged as one of the most extensive threats targeting TikTok Shop users worldwide, with researchers identifying over 10,000 malicious domains designed to steal user credentials and deploy advanced spyware. The campaign represents a significant escalation in e-commerce-focused cyberattacks, combining traditional phishing techniques with cutting-edge malware distribution to exploit […]

The post 10,000+ Malicious TikTok Shop Domains Attacking Users to Steal Logins and Deploy Malware appeared first on Cyber Security News.

You’re on a four-day clock. Following new SEC rules announced on July 26, 2023, U.S. public companies must disclose any cybersecurity incident they determine to be ‘material’ within four business days of that determination. For most companies, this requirement became effective on December 15, 2023. Meanwhile, the average global cost of a data breach jumped […]

The post The Network-Security Compliance Checklist: 25 Controls, Mapped And Audit-Ready appeared first on Cyber Security News.

A critical vulnerability in Cursor IDE, the rapidly growing AI-powered development environment, enables persistent remote code execution through manipulation of the Model Context Protocol (MCP) system. The vulnerability, tracked as CVE-2025-54136 and dubbed “MCPoison,” exploits a trust validation flaw that allows attackers to execute arbitrary commands on developer machines without triggering security warnings. Cursor IDE […]

The post New MCPoison Attack Leverages Cursor IDE MCP Validation to Execute Arbitrary System Commands appeared first on Cyber Security News.

SSL certificates are used everywhere from websites and APIs to mobile apps, internal tools and CI/CD pipelines. While most teams know they’re important, they often don’t manage them well. Certificates are usually forgotten until something breaks. If they expire, get misused, or aren’t monitored, they turn into easy targets for attackers. A small mistake in […]

The post How Certificate Mismanagement Opens The Door For Phishing And MITM Attacks appeared first on Cyber Security News.

Cybersecurity is about staying one step ahead. The security of business assets hinges on proactive threat detection and rapid response powered by data. Every security system and service from network monitoring and incident response to analytics depends on continuous data feeds to function effectively.   The Foundation: Quality Threat Data  Effective cybersecurity hinges on data quality. […]

The post How To Get Real-Time IOCs From Incidents Across 15K SOCs  appeared first on Cyber Security News.

A critical vulnerability in Streamlit, the popular open-source framework for building data applications, enables attackers to conduct cloud account takeover attacks.  The flaw, discovered in February 2025, exploits weaknesses in Streamlit’s st.file_uploader component to bypass file type restrictions and gain unauthorized access to cloud instances running Streamlit applications. The vulnerability demonstrates how seemingly minor components […]

The post New Streamlit Vulnerability Allows Hackers to Launch Cloud Account Takeover Attacks appeared first on Cyber Security News.