Cyber Security News

A sophisticated threat actor known as Curly COMrades has deployed an innovative attack methodology that leverages legitimate Windows virtualization features to establish covert, long-term access to victim networks. The campaign, which began in early July 2025, represents a significant evolution in adversary tactics as threat actors increasingly seek methods to bypass endpoint detection and response […]

The post Curly COMrades Hacker Group Using New Tools to Create Hidden Remote Access on Compromised Windows 10 appeared first on Cyber Security News.

Any individual heavily depends on data as their most critical asset: from memorable photos to important work documents, everything must be safeguarded properly. Why? Simply because you can never predict what might happen to your data: you could lose your laptop with thousands of stored projects or accidentally delete entire folders containing your child’s photos.  The good news is […]

The post Guide to Choosing the Best Free Backup Software for Secure, Reliable Cloud Backup appeared first on Cyber Security News.

The notorious FIN7 threat group, also known by the nickname Savage Ladybug, continues to pose a significant risk to enterprise environments through an increasingly refined Windows SSH backdoor campaign. The group has been actively deploying this sophisticated backdoor mechanism to establish persistent remote access and facilitate data exfiltration operations. First documented in 2022, the malware […]

The post FIN7 Hackers Using Windows SSH Backdoor to Establish Stealthy Remote Access and Persistence appeared first on Cyber Security News.

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning regarding a dangerous OS command injection vulnerability affecting Control Web Panel (CWP), formerly known as CentOS Web Panel. The vulnerability, tracked as CVE-2025-48703, enables unauthenticated remote attackers to execute arbitrary commands on vulnerable systems with minimal prerequisites. CVE-2025-48703 represents a significant security risk […]

The post CISA Warns of Control Web Panel OS Command Injection Vulnerability Exploited in Attacks appeared first on Cyber Security News.

DragonForce, a ransomware-as-a-service operation active since 2023, has dramatically evolved into what researchers now describe as a structured cybercriminal cartel, leveraging the publicly leaked Conti v3 source code to establish a formidable threat infrastructure. The group initially relied on the LockBit 3.0 builder for developing encryptors before transitioning to a customized Conti v3 codebase, giving […]

The post DragonForce Cartel Emerges From the Leaked Source Code of Conti v3 Ransomware appeared first on Cyber Security News.

A critical security flaw in the WordPress Post SMTP plugin has left more than 400,000 websites vulnerable to account takeover attacks. The vulnerability, identified as CVE-2025-11833, enables unauthenticated attackers to access email logs containing sensitive password reset information, potentially compromising administrator accounts and entire websites. The flaw stems from a missing authorization check in the […]

The post WordPress Post SMTP Plugin Vulnerability Exposes 400,000 Websites to Account Takeover Attacks appeared first on Cyber Security News.

Security teams drown in alerts but starve for insight. Blocklists catch the obvious. SIEM correlation gives clues. But only context reveals what an alert really means, and what you should do about it.  Every SOC sees thousands of signals: odd domains, masquerading binaries, strange persistence artifacts. On their own, these indicators mean almost nothing. A suspicious […]

The post Beat Threats with Context: 5 Actionable Tactics for SOC Analysts  appeared first on Cyber Security News.

XLoader remains one of the most challenging malware families confronting cybersecurity researchers. This sophisticated information-stealing loader emerged in 2020 as a rebrand of FormBook and has evolved into an increasingly complex threat. The malware’s code decrypts only at runtime and sits protected behind multiple encryption layers, each locked with different keys hidden throughout the binary. […]

The post XLoader Malware Analyzed Using ChatGPT’s, Breaks RC4 Encryption Layers in Hours appeared first on Cyber Security News.

The Tycoon 2FA phishing kit has emerged as one of the most sophisticated Phishing-as-a-Service platforms since its debut in August 2023, specifically engineered to circumvent two-factor authentication and multi-factor authentication protections on Microsoft 365 and Gmail accounts. This advanced threat employs an Adversary-in-the-Middle approach, utilizing reverse proxy servers to host convincing phishing pages that perfectly […]

The post Attack Techniques of Tycoon 2FA Phishing Kit Targeting Microsoft 365 and Gmail Accounts Detailed appeared first on Cyber Security News.

A sophisticated evolution of the RondoDox botnet has emerged with a staggering 650% increase in exploitation capabilities, marking a significant escalation in the threat landscape for both enterprise and IoT infrastructure. First documented by FortiGuard Labs in September 2024, the original RondoDox variant focused narrowly on DVR systems with just two exploit vectors. The newly […]

The post RondoDox Botnet Updated Their Arsenal with 650% More Exploits Targeting Enterprises appeared first on Cyber Security News.

A sophisticated remote access trojan named SleepyDuck has infiltrated the Open VSX IDE extension marketplace, targeting developers using code editors like Cursor and Windsurf. The malware disguised itself as a legitimate Solidity extension under the identifier juan-bianco.solidity-vlang, exploiting name squatting techniques to deceive unsuspecting users. Initially published on October 31st as version 0.0.7, the extension […]

The post New ‘SleepyDuck’ Malware in Open VSX Marketplace Allow Attackers to Control Windows Systems Remotely appeared first on Cyber Security News.

A critical remote code execution (RCE) vulnerability tracked as CVE-2025-11953 in the @react-native-community/cli NPM package. With nearly 2 million weekly downloads, this package powers the command-line interface for React Native, a JavaScript framework beloved by developers building cross-platform mobile apps. The vulnerability, scored at CVSS 9.8 for its network accessibility, low complexity, and potential for […]

The post Critical RCE Vulnerability in Popular React Native NPM Package Exposes Developers to Attacks appeared first on Cyber Security News.

Delaware, United States, November 4th, 2025, CyberNewsWire Brinker, the narrative intelligence company dedicated to combating disinformation and influence campaigns, announced today that Bob Flores, former Chief Technology Officer of the U.S. Central Intelligence Agency, has joined its advisory board. His appointment strengthens Brinker’s mission to transform the fight against disinformation, moving from detection to real-time, […]

The post Bob Flores, Former CTO of the CIA, Joins Brinker appeared first on Cyber Security News.

Critical vulnerabilities in Microsoft Teams, a platform central to workplace communication for over 320 million users worldwide, enable attackers to impersonate executives and tamper with messages undetected. These vulnerabilities, now patched by Microsoft, allowed both external guests and insiders to spoof identities in chats, notifications, and calls, potentially leading to fraud, malware distribution, and misinformation. […]

The post Hackers Can Exploit Microsoft Teams Vulnerabilities to Manipulate Messages and Alter Notifications appeared first on Cyber Security News.

Hackers have successfully stolen more than $100 million by exploiting a critical vulnerability in the Balancer protocol. Balancer, a leading DeFi platform known for its automated market-making pools, confirmed that only its V2 Composable Stable Pools were affected by the exploit. The remainder of its pools, including Balancer V3 and other older pools, remain untouched […]

The post Hackers Stolen Over $100 Million by Exploiting Balancer DeFi Protocol appeared first on Cyber Security News.

Baltimore, USA, November 4th, 2025, CyberNewsWire The new 2025 Insider Risk Report, produced by Cybersecurity Insiders in collaboration with Cogility, highlights that nearly all security leaders (93%) say insider threats are as difficult or harder to detect than external cyberattacks. Yet only 23% express strong confidence in stopping them before serious damage occurs. The report […]

The post 2025 Insider Risk Report Finds Most Organizations Struggle to Detect and Predict Insider Risks appeared first on Cyber Security News.

Microsoft is implementing a significant security enhancement to its Authenticator app, introducing automatic detection of jailbroken and rooted devices for Microsoft Entra credentials. Beginning in February 2026, the company will automatically delete all Microsoft Entra credentials stored on jailbroken iOS devices and rooted Android devices to prevent unauthorized access and strengthen the organization’s security posture. […]

The post Microsoft Entra Credentials in the Authenticator App on Jail-Broken Devices to be Wiped Out appeared first on Cyber Security News.

A sophisticated new backdoor named SesameOp has emerged with a novel approach to command-and-control communications that fundamentally challenges traditional security assumptions. Discovered in July 2025 by Microsoft’s Incident Response and Detection and Response Team, this malware represents a significant shift in how threat actors exploit legitimate cloud services for covert operations. Rather than relying on […]

The post SesameOp Leveraging OpenAI Assistants API for Stealthy Communication with C2 Servers appeared first on Cyber Security News.

Zscaler, a leading cloud security company, has announced the acquisition of SPLX, an innovative AI security firm, to enhance its Zero Trust Exchange platform with advanced artificial intelligence protection capabilities. The acquisition aims to help organizations secure their AI investments throughout the entire development and deployment lifecycle. The integration of SPLX’s technology into Zscaler’s platform […]

The post Zscaler Acquires Enterprise AI Security Firm SPLX to Boost Zero Trust Exchange appeared first on Cyber Security News.

Cybercriminals have shifted their focus to a highly profitable target: the trucking and logistics industry. Over the past several months, a coordinated threat cluster has been actively compromising freight companies through deliberate attack chains designed to facilitate multi-million-dollar cargo theft operations. The emergence of this campaign represents a disturbing intersection of physical crime and digital […]

The post Threat Actors Leverage RMM Tools to Hack Trucking Companies and Steal Cargo Freight appeared first on Cyber Security News.