Cyber Security News

Security researcher Sergei Volokitin has presented findings on hardware vulnerabilities discovered in Xiaomi devices, including the company’s S3 smartwatch, during a presentation at a major cybersecurity conference. The research was conducted as part of a collaborative security event where researchers and vendors work together to identify and address device vulnerabilities. The security research was conducted […]

The post Xiaomi Smartwatch Hacked Using Touch Point to Find Unlock PIN coordinates appeared first on Cyber Security News.

Halo Security’s Attack Surface Management Platform Honored for Exceptional Innovation and Successful Deployment Through The Channel Halo Security today announced that its attack surface management solution has been named a 2025 MSP Today Product of the Year Award winner by TMC, a leading global media company recognized for building communities in technology and business through live […]

The post Halo Security Honored with 2025 MSP Today Product of the Year Award appeared first on Cyber Security News.

North Korean-aligned threat actors from the infamous Famous Chollima group have escalated their cyber operations by deploying a sophisticated new Python-based remote access trojan targeting Windows and macOS users in the cryptocurrency and blockchain sectors. The malware campaign represents a significant evolution of their previously documented GolangGhost RAT, demonstrating the group’s continued adaptation and technical […]

The post Famous Chollima Hackers Attacking Windows and MacOS Users With GolangGhost RAT appeared first on Cyber Security News.

A comprehensive security investigation has revealed widespread vulnerabilities in GitHub Actions workflows across major open source repositories, including those maintained by prestigious organizations such as MITRE and Splunk. The discovery highlights a concerning pattern of insecure continuous integration and continuous delivery (CI/CD) configurations that expose these projects to potential supply chain attacks and unauthorized access […]

The post Insecure GitHub Actions in Open Source Projects MITRE and Splunk Exposes Critical Vulnerabilities appeared first on Cyber Security News.

In a concerning development for mobile payment security, cybersecurity experts have identified a sophisticated new malware strain named “SuperCard” that exploits Android devices to steal payment card data. This malicious application, a modified version of the legitimate NFCGate program, intercepts Near Field Communication (NFC) traffic during contactless payments, effectively turning compromised phones into relay devices […]

The post New SuperCard Malware Using Hacked Android Phones to Relay Data from Users Payment Cards to Attackers Device appeared first on Cyber Security News.

Phishing remains one of the most effective ways attackers infiltrate corporate environments. Today’s phishing campaigns are no longer just poorly written emails with obvious red flags. They’re sophisticated, well-disguised, and tailored to exploit trust in everyday tools your teams use.  From fileless redirections to abuse of collaboration platforms like Notion, these new tactics are designed […]

The post 5 New Trends In Phishing Attacks On Businesses – Must Aware Threats appeared first on Cyber Security News.

A comprehensive new study reveals the sophisticated architecture behind Russia’s externalized cyber warfare strategy, exposing how the Kremlin systematically exploits private companies, hacktivist collectives, and cybercriminal groups to enhance its digital offensive capabilities while maintaining plausible deniability. The research demonstrates that Russia’s cyber outsourcing model emerged from the chaotic post-Soviet collapse of 1991, when institutional […]

The post Researchers Uncovered on How Russia Leverages Private Companies, Hacktivist to Strengthen Cyber Capabilities appeared first on Cyber Security News.

China’s People’s Liberation Army has accelerated its integration of generative artificial intelligence across military intelligence operations, marking a significant shift in how the world’s largest military force approaches data collection, analysis, and strategic decision-making. This technological transformation represents the PLA’s recognition that traditional intelligence methods can no longer adequately identify threats and opportunities in an […]

The post PLA Rapidly Deploys AI Technology Across Military Intelligence Operations appeared first on Cyber Security News.

Microsoft has announced a new security capability within its Defender for Office 365 suite aimed at combating the growing threat of email bombing attacks.  The feature, officially labeled “Mail Bombing Detection,” will automatically identify and quarantine high-volume email flooding campaigns that attempt to overwhelm user inboxes or obscure legitimate messages.  This technology enhancement will be […]

The post Microsoft Defender for Office 365 to Block Email Bombing Attacks appeared first on Cyber Security News.

The RapperBot botnet has reached unprecedented scale, with security researchers observing over 50,000 active bot infections targeting network edge devices across the globe. This sophisticated malware campaign represents one of the most persistent and evolving cyber threats currently plaguing internet-connected infrastructure, demonstrating remarkable adaptability and technical sophistication since its initial emergence. First disclosed by CNCERT […]

The post RapperBot Botnet Attack Peaks 50,000+ Attacks Targeting Network Edge Devices appeared first on Cyber Security News.

Cybersecurity experts are sounding the alarm about a sophisticated malware campaign that leverages malicious advertisements targeting system administrators through weaponized PuTTY downloads. This emerging threat represents a significant shift in attack vectors, with malicious advertisements now surpassing traditional phishing methods as the primary delivery mechanism for malware infections. The current campaign uncovered by ExpelSecurity specifically […]

The post System Admins Beware! Weaponized Putty Ads in Bing Installs Remote Access Tools appeared first on Cyber Security News.

The Gunra ransomware group escalated its attack on American Hospital Dubai (AHD), a premier healthcare facility in Dubai, UAE, by releasing new evidence of a major cyberattack. The group claims to have leaked 40 terabytes of sensitive data, including personal demographics, credit card details, Emirates ID numbers, health records, and internal documents, following an initial […]

The post Gunra Ransomware Group Allegedly Leaks 40TB of Data from American Hospital appeared first on Cyber Security News.

Microsoft experienced a significant service disruption affecting multiple Microsoft 365 services, including Teams and Exchange Online, impacting users globally whose requests were routed through the affected infrastructure. The company has confirmed that all services have now recovered following swift mitigative actions. The disruption primarily affected three core Microsoft services, causing widespread inconvenience for business users […]

The post Microsoft Investigating Teams and Exchange Online Services Disruption Impacting Users appeared first on Cyber Security News.

Security researchers have uncovered an active cyberattack campaign targeting Langflow servers through CVE-2025-3248, a critical remote code execution vulnerability that allows threat actors to deploy the sophisticated Flodrix botnet malware. The attacks demonstrate how cybercriminals are rapidly weaponizing newly disclosed vulnerabilities to compromise cloud infrastructure and expand their botnet operations. CVE-2025-3248, rated with a CVSS […]

The post Hackers Actively Exploiting Langflow RCE Vulnerability to Deploy Flodrix Botnet appeared first on Cyber Security News.

The Washington Post is conducting a comprehensive investigation into a sophisticated cyberattack that compromised the email accounts of multiple journalists, with security experts and federal authorities examining evidence that suggests the involvement of a foreign government. The intrusion, discovered late Thursday, specifically targeted reporters covering national security and economic policy issues, including those with expertise […]

The post Washington Post Journalists’ Microsoft Accounts Hacked in Targeted Cyberattack appeared first on Cyber Security News.

A former GCHQ intern has been sentenced to seven-and-a-half years in prison after copying top secret data files onto his mobile phone and taking them to his home computer, creating what prosecutors described as a significant risk to national security. Hasaan Arshad, 25, a computer science student from Rochdale, Greater Manchester, pleaded guilty at the […]

The post Former GCHQ Intern Jailed for Seven Years After Copying Top Secret Files to Mobile Phone appeared first on Cyber Security News.

International law enforcement agencies have successfully dismantled one of the world’s largest darknet marketplaces, “Archetyp Market,” in a coordinated operation that resulted in multiple arrests across Europe and the seizure of millions in criminal assets.  The operation, led by German authorities in collaboration with Spanish and Dutch police forces, represents a significant blow to the […]

The post Darknet Market Archetyp Takedown by Authorities in Joint Action ‘Operation Deep Sentinel’ appeared first on Cyber Security News.

Enterprise users of classic Microsoft Outlook are experiencing application crashes when attempting to create or open new emails, according to a technical advisory released by Microsoft today. The issue, which primarily affects virtual desktop infrastructure (VDI) environments, has been escalated for investigation by Microsoft’s technical support team. The problem is specifically affecting users of the […]

The post Microsoft Outlook Users Face Crashes When Creating New Emails, Temp Fix Issued appeared first on Cyber Security News.

Car-sharing giant Zoomcar Holdings, Inc. has disclosed a significant cybersecurity incident that compromised sensitive personal information of approximately 8.4 million users.  The breach, discovered on June 9, 2025, represents one of the largest data exposures in the mobility sector, highlighting ongoing vulnerabilities in cloud infrastructure security.  According to an SEC Form 8-K filing, threat actors […]

The post Zoomcar Hacked – 8.4 Million Users’ Sensitive Details Exposed appeared first on Cyber Security News.

Microsoft has announced a significant enhancement to its data protection capabilities with the introduction of a new Data Loss Prevention (DLP) feature that will prevent Microsoft 365 Copilot from processing emails containing sensitivity labels.  This development represents a crucial step in safeguarding sensitive organizational data within AI-powered productivity tools. Enhanced DLP for Microsoft 365 Copilot […]

The post Microsoft Purview DLP to Restrict Microsoft 365 Copilot in Processing Emails With Sensitive Labels appeared first on Cyber Security News.