Cyber Security News

AI assistant systems were successfully exploited by using a crafted Gmail message to trigger code execution through Claude Desktop while bypassing built-in security protections.  The attack exploits the Model Context Protocol (MCP) ecosystem, where individual components remain secure in isolation but create dangerous attack surfaces when combined.  Key Takeaways1. Attack succeeded by chaining secure components […]

The post Gmail Message Used to Trigger Code Execution in Claude and Bypass Protections appeared first on Cyber Security News.

Oracle released its July 2025 Critical Patch Update on July 15, addressing 309 security vulnerabilities across its extensive product portfolio.  This quarterly security update represents one of the most comprehensive patches in recent history, targeting critical flaws in database systems, middleware, cloud applications, and enterprise software that could potentially expose organizations to severe cyberattacks. The […]

The post Oracle Critical Security Update – 309 Vulnerabilities with 145 Remotely Exploitable Patched appeared first on Cyber Security News.

A critical security vulnerability has been discovered in Vim, the popular open-source command line text editor used by millions of developers worldwide.  The vulnerability, designated as CVE-2025-53906, affects the zip.vim plugin and enables attackers to overwrite arbitrary files through specially crafted zip archives.  Key Takeaways1. CVE-2025-53906, Vim's zip.vim plugin is vulnerable to path traversal attacks […]

The post Vim Command Line Text Editor Vulnerability Let Attackers Overwrite Sensitive Files appeared first on Cyber Security News.

Iranian cyber operatives have intensified their assault on American critical infrastructure, with Intelligence Group 13 emerging as a primary threat actor targeting water treatment facilities, electrical grids, and industrial control systems across the United States. The group, operating under the umbrella of the Islamic Revolutionary Guard Corps (IRGC) Shahid Kaveh Cyber Group, has demonstrated sophisticated […]

The post Iranian Threat Actors Attacking U.S. Critical Infrastructure Including Water Systems appeared first on Cyber Security News.

Multiple severe vulnerabilities have been addressed affecting VMware ESXi, Workstation, Fusion, and Tools that could allow attackers to execute malicious code on host systems.  The vulnerabilities, identified as CVE-2025-41236, CVE-2025-41237, CVE-2025-41238, and CVE-2025-41239, carry CVSS scores ranging from 6.2 to 9.3, with three classified as critical severity.  Security researchers discovered these flaws through the Pwn2Own […]

The post VMware ESXi and Workstation Vulnerabilities Let Attackers Execute Malicious Code on Host appeared first on Cyber Security News.

A sophisticated new credential stealer disguised as a legitimate forensic toolkit has emerged on GitHub, targeting sensitive user data including VPN configurations, browser credentials, and cryptocurrency wallet information. The Octalyn Stealer, first identified in July 2025, presents itself as an educational research tool while functioning as a fully operational malware designed for large-scale data theft […]

The post Octalyn Stealer Steals VPN Configurations, Passwords and Cookies in Structured Folders appeared first on Cyber Security News.

North Korean threat actors have escalated their software supply chain attacks with the deployment of 67 malicious npm packages that collectively garnered over 17,000 downloads before detection. This latest campaign represents a significant expansion of the ongoing “Contagious Interview” operation, introducing a previously unreported malware loader dubbed XORIndex alongside the existing HexEval Loader infrastructure. The […]

The post North Korean Hackers Weaponized 67 Malicious npm Packages to Deliver XORIndex Malware appeared first on Cyber Security News.

A massive network of fraudulent news websites has been uncovered, with cybersecurity researchers identifying over 17,000 Baiting News Sites (BNS) across 50 countries orchestrating sophisticated investment fraud schemes. These malicious platforms masquerade as legitimate news outlets, publishing fabricated stories featuring well-known public figures and respected financial institutions to build trust and lure unsuspecting victims into […]

The post BaitTrap – 17,000+ Fake News Websites Caught Promoting Investment Frauds appeared first on Cyber Security News.

The cybersecurity landscape has witnessed an alarming evolution in hacktivist operations, with threat actors increasingly shifting their focus from traditional DDoS attacks and website defacements to sophisticated industrial control system (ICS) infiltrations. This tactical transformation represents a significant escalation in the hacktivist threat ecosystem, as groups now target critical infrastructure components that directly impact national […]

The post Hacktivist Groups Attacks on Critical ICS Systems to Steal Sensitive Data appeared first on Cyber Security News.

Google has released an emergency security update for Chrome, addressing a critical zero-day vulnerability that attackers are actively exploiting in real-world attacks. The tech giant confirmed that CVE-2025-6558 is being leveraged by threat actors, prompting an immediate patch deployment across all supported platforms. Google Chrome has been updated to version 138.0.7204.157/.158 for Windows and Mac […]

The post Google Chrome 0-day Vulnerability Actively Exploited in the Wild appeared first on Cyber Security News.

The cybersecurity landscape has experienced a dramatic shift as ransomware operators increasingly target Linux and VMware environments, abandoning their traditional focus on Windows systems. Recent threat intelligence indicates that criminal groups are developing sophisticated, Linux-native ransomware specifically engineered to exploit the unique vulnerabilities of enterprise virtualization platforms and cloud infrastructures. This strategic pivot represents a […]

The post Ransomware Gangs Actively Expanding to Attack VMware and Linux Systems appeared first on Cyber Security News.

North Korean threat actors have escalated their sophisticated cyber operations against cryptocurrency startups, deploying an evolved malware campaign that leverages fraudulent Zoom meeting invitations to infiltrate target organizations. The campaign, which has been active for over a year, specifically targets individuals and businesses operating within the Web3, cryptocurrency, and blockchain sectors through carefully orchestrated social […]

The post North Korean Hackers Using Fake Zoom Invites to Attack Crypto Startups appeared first on Cyber Security News.

A newly disclosed flaw in Apache Tomcat’s Coyote engine—tracked as CVE-2025-53506—has surfaced in the latest round of HTTP/2 security advisories. First noted in the National Vulnerability Database five days ago, the weakness stems from Coyote’s failure to enforce a hard cap on concurrent streams when an HTTP/2 client never acknowledges the server’s initial SETTINGS frame. […]

The post Apache Tomcat Coyote Vulnerability Let Attackers Trigger DoS Attack appeared first on Cyber Security News.

The National Cyber Security Centre (NCSC) has issued a critical advisory urging organizations to prioritize upgrading to Windows 11 before the October 14, 2025 end-of-life deadline for Windows 10. This recommendation comes amid growing concerns about the cybersecurity implications of maintaining legacy operating systems, particularly as cyber criminals increasingly target outdated infrastructure for exploitation. The […]

The post NCSC Urges Organizations to Upgrade Microsoft Windows 11 to Defend Cyberattacks appeared first on Cyber Security News.

Cybersecurity researchers have identified a sophisticated international fraud campaign that leverages impersonated news websites from major outlets including CNN, BBC, CNBC, News24, and ABC News to orchestrate large-scale investment scams. The operation demonstrates advanced social engineering tactics combined with technical deception methods to target victims across multiple countries. The campaign operates through a multi-stage attack […]

The post Threat Actors Mimic CNN, BBC, and CNBC Websites to Promote Investment Scams appeared first on Cyber Security News.

Sophisticated Android malware variant exploits ZIP-level manipulation and dynamic code loading to evade detection while conducting ad fraud operations targeting mobile users globally. Zimperium’s zLabs security research team has identified a new and highly sophisticated variant of the Konfety Android malware that employs advanced evasion techniques to bypass security analysis tools and conduct fraudulent advertising […]

The post Konfety Android Malware on Google Play Uses ZIP Manipulation to Imitate Legitimate Apps appeared first on Cyber Security News.

Security Operations Centers (SOCs) face a fundamental challenge: distinguishing genuine threats from false positives while maintaining rapid response times. The key to meeting this challenge lies in enriching threat data with actionable context that enables faster, more informed decision-making.  Core SOC Performance Metrics  SOC teams juggle multiple competing priorities while working under constant time pressure. […]

The post How SOC Teams Reduce MTTD And MTTR With Threat Context Enrichment  appeared first on Cyber Security News.

The cybersecurity landscape has witnessed a paradigm shift in 2025, with Distributed Denial of Service (DDoS) attacks reaching unprecedented levels of scale and sophistication. The second quarter of 2025 has marked a historic milestone with the largest DDoS attack ever recorded, demonstrating the evolving nature of digital threats and the critical importance of robust cybersecurity […]

The post Hackers Breaking Internet with 7.3 Tbps and 4.8 Billion Packets Per Second DDoS Attack appeared first on Cyber Security News.

A sophisticated new ransomware-as-a-service operation has emerged with advanced AI-powered negotiation capabilities and mobile management features, targeting organizations across healthcare, automotive, and industrial sectors. GLOBAL GROUP, operated by threat actor “$$$”, has claimed 17 victims across multiple countries since its June 2025 launch, demonstrating rapid operational scaling through automated systems and strategic partnerships with Initial […]

The post GLOBAL GROUP RaaS Operators Enable AI-powered Negotiation Functionality appeared first on Cyber Security News.

GitGuardian, the leader in automated secrets detection and remediation, today announced the launch of its Model Context Protocol (MCP) Server, a powerful new infrastructure designed to bring AI-assisted secrets security directly into developer environments. As intelligent agents begin to reshape the software development landscape, GitGuardian’s MCP server marks a pivotal shift in aligning security practices with […]

The post GitGuardian Launches MCP Server to Bring Secrets Security into Developer Workflows appeared first on Cyber Security News.