Cyber Security News

A sophisticated new Phishing-as-a-Service (PhaaS) framework dubbed “Salty 2FA” has emerged as a significant threat to Microsoft 365 users across the US and European industries. This previously undocumented platform employs advanced obfuscation techniques and multi-stage execution chains specifically designed to bypass two-factor authentication mechanisms while stealing corporate credentials. The framework targets organizations spanning finance, telecommunications, […]

The post New Salty 2FA PhaaS Attacking Microsoft 365 Users to Steal Login Credentials appeared first on Cyber Security News.

A critical security flaw in Lenovo’s AI chatbot “Lena” has been discovered that allows attackers to execute malicious scripts on corporate machines through simple prompt manipulation.  The vulnerability, identified by cybersecurity researchers, exploits Cross-Site Scripting (XSS) weaknesses in the chatbot’s implementation, potentially exposing customer support systems and enabling unauthorized access to sensitive corporate data.  Key […]

The post Lenovo AI Chatbot Vulnerability Let Attackers Run Remote Scripts on Corporate Machines appeared first on Cyber Security News.

Microsoft’s comprehensive suite of online services, including the central Office.com portal, is currently experiencing a significant and widespread outage, leaving millions of users unable to access essential productivity applications. The company has confirmed the issue and is actively investigating the root cause to restore service as quickly as possible. The disruption, which began escalating earlier […]

The post Microsoft Office.com Suffers Major Outage, Investigation Underway – Updated appeared first on Cyber Security News.

An alleged threat actor has listed a Windows Zero-Day Remote Code Execution (RCE) exploit for sale, claiming it targets fully updated Windows 10, Windows 11, and Windows Server 2022 systems.  The posting reported by ThreatMon advertises weaponized exploit code purportedly capable of granting SYSTEM-level privileges with no prior authentication or user interaction, bypassing intrinsic Windows […]

The post Threat Actors Allegedly Listed Windows Zero-Day RCE Exploit For Sale on Dark Web appeared first on Cyber Security News.

A sophisticated campaign uncovered where adversaries are exploiting CVE-2023-46604, a critical remote code execution vulnerability in Apache ActiveMQ, to compromise cloud-based Linux systems. In this case, attackers are patching the very vulnerability they exploited to maintain exclusive access and evade detection, demonstrating advanced operational security practices typically reserved for nation-state actors. Key Takeaways1. Attackers exploit […]

The post Hackers Exploiting Apache ActiveMQ Vulnerability to Gain Access to Cloud Linux Systems appeared first on Cyber Security News.

Cybersecurity researchers have uncovered a sophisticated campaign by the Paper Werewolf threat actor group, also known as GOFFEE, targeting Russian organizations through the exploitation of critical vulnerabilities in WinRAR archiving software. The campaign, active since July 2025, demonstrates the group’s advanced capabilities in leveraging both known and previously undiscovered security flaws to establish persistent access […]

The post Paper Werewolf Exploiting WinRAR Zero‑Day Vulnerability to Deliver Malware appeared first on Cyber Security News.

A critical remote code execution (RCE) vulnerability in CodeRabbit’s production infrastructure that provided unauthorized access to over one million code repositories, including private ones.  The vulnerability, discovered in December 2024 and responsibly disclosed in January 2025, exploited the platform’s static analysis tool integration to leak sensitive API credentials and gain write access to GitHub repositories […]

The post CodeRabbit’s Production Servers RCE Vulnerability Enables Write Access on 1M Repositories appeared first on Cyber Security News.

A Chrome VPN extension with over 100,000 installations and verified badge status has been discovered operating as sophisticated spyware, continuously capturing user screenshots and exfiltrating sensitive data without consent. The extension, known as FreeVPN.One, masqueraded as a legitimate privacy tool while secretly implementing comprehensive surveillance capabilities that directly contradict its stated privacy promises. The malicious […]

The post Legitimate Chrome VPN With 100,000+ Installs Silently Captures Screenshots and Exfiltrate Sensitive Data appeared first on Cyber Security News.

Google has released an emergency security update for Chrome to address a critical vulnerability that could allow attackers to crash the browser or execute arbitrary code on affected systems.  The high-severity flaw, designated as CVE-2025-9132, affects Chrome’s V8 JavaScript engine and was discovered by Google’s automated vulnerability detection system, Big Sleep, on August 4, 2025. […]

The post Chrome High-Severity Vulnerability Let Attackers Execute Arbitrary Code appeared first on Cyber Security News.

A sophisticated new Remote Access Trojan named GodRAT has emerged as a significant threat to financial institutions, leveraging deceptive screen saver files and steganographic techniques to infiltrate organizational networks. First detected in September 2024, this malware campaign has demonstrated remarkable persistence, with the most recent attacks observed as recently as August 12, 2025, indicating an […]

The post New GodRAT Weaponizing Screen Saver and Program Files to Attack Organizations appeared first on Cyber Security News.

A cybersecurity researcher has disclosed zero-day clickjacking vulnerabilities affecting eleven major password managers, potentially exposing tens of millions of users to credential theft through a single malicious click. The research, conducted by security expert Marek Tóth, reveals that attackers can exploit these vulnerabilities to steal credit card details, personal information, login credentials, and even two-factor […]

The post 0-Day Clickjacking Vulnerabilities Found in Major Password Managers like 1Password, LastPass and Others appeared first on Cyber Security News.

Microsoft is in the process of deploying a fix for a service degradation issue affecting Microsoft Teams users globally, which presents a “couldn’t connect to this app” error upon launching the desktop and web applications. The problem, tracked under Microsoft reference TM1131505, stems from a recent update intended to enhance the platform’s user interface. Users […]

The post Microsoft Teams “couldn’t connect” Error Following Recent Sidebar Update – Fix Released appeared first on Cyber Security News.

Recent cybersecurity intelligence has exposed a sophisticated infiltration campaign orchestrated by North Korean state-sponsored threat actors, specifically the Jasper Sleet group, who have systematically penetrated Western organizations through fraudulent employment schemes. This operation, targeting primarily Web3, blockchain, and cryptocurrency companies, represents a significant evolution in North Korean cyber warfare tactics, eliminating the need for traditional […]

The post New Research Unmask DPRK IT Workers Email Address and Hiring Patterns appeared first on Cyber Security News.

A comprehensive security analysis has revealed alarming vulnerabilities affecting over 700 million users across multiple VPN applications, exposing critical flaws that compromise the very privacy and security these services promise to protect. Research conducted by cybersecurity experts from Arizona State University, Citizen Lab, and Bowdoin College has uncovered three distinct families of VPN providers that […]

The post New Research Uncovers Connection Between VPN Apps and Multiple Security Vulnerabilities appeared first on Cyber Security News.

Despite the escalating danger of cybersecurity breaches, high-performing Security Operations Centers are able to maintain their resilience and prevent attacks. That’s what makes them essential for sustainable growth of businesses and organizations. But what enables powerful SOC teams to stay ahead of threats?  Choosing Quality Over Quantity  Winning SOCs use threat intelligence for early detection […]

The post How Winning SOCs Always Stay Ahead of Threats  appeared first on Cyber Security News.

OpenAI has unveiled ChatGPT Go, a budget-friendly subscription plan priced at just ₹399 per month (approximately $4 USD, GST included). The announcement, made today, positions the service as an accessible entry point to cutting-edge AI capabilities, including unlimited access to the company’s latest GPT-5 model. Initially rolling out exclusively in India, this geo-restricted launch underscores […]

The post OpenAI Launches $4 ChatGPT Go Plan with Unlimited Access to GPT-5 appeared first on Cyber Security News.

Researchers have identified a significant surge in malicious HTTP scanning activities originating from approximately 2,200 compromised small business routers across multiple vendors.  The campaign, which began escalating on July 30th, 2025, primarily targets Cisco Small Business RV series, Linksys LRT series, and Araknis Networks AN-300-RT-4L2W devices, indicating a coordinated botnet operation exploiting known vulnerabilities in […]

The post Scans From Hacked Cisco Small Business Routers, Linksys and Araknis are at the Raise appeared first on Cyber Security News.

Microsoft has unveiled a groundbreaking AI-powered security feature that addresses one of cybersecurity’s most persistent vulnerabilities: plain text credentials stored in Active Directory (AD) free-text fields.  The new posture alert in Microsoft Defender for Identity leverages artificial intelligence to detect exposed credentials with unprecedented precision, helping organizations identify and remediate identity misconfigurations before they can […]

The post Microsoft Defender AI to Uncover Plain Text Credentials Within Active Directory appeared first on Cyber Security News.

A sophisticated phishing campaign has emerged targeting enterprises with significant social media footprints, leveraging weaponized copyright infringement notices to deliver the evolved Noodlophile Stealer malware. This highly targeted threat represents a significant escalation from previous iterations, exploiting enterprises’ reliance on social media platforms through meticulously crafted spear-phishing emails that allege copyright violations on specific Facebook […]

The post Threat Actors Attacking Organizations Key Employees With Weaponized Copyright Documents to Deliver Noodlophile Stealer appeared first on Cyber Security News.

A series of alarming vulnerabilities in McDonald’s digital infrastructure, from free food exploits to exposed executive data. What started as a simple app glitch developed into a months-long trial, culminating in the researcher, BobDaHacker, cold-calling the company’s headquarters while mentioning security employees he found on LinkedIn. The fixes were implemented only after extraordinary efforts to […]

The post MCDonald’s Free Nuggets Hack Leads to Expose of Confidential Data appeared first on Cyber Security News.