Cyber Security News

Security researchers have successfully extracted firmware from a budget smartwatch by bringing back a 20-year-old attack method originally used to steal data from network devices. The technique, known as “Blinkenlights,” was adapted to work with modern TFT screens instead of traditional LED indicators. Quarkslab analysts purchased a cheap smartwatch for approximately €12 from a local […]

The post Researchers Revive 2000s ‘Blinkenlights’ Technique to Dump Smartwatch Firmware via Screen Pixels appeared first on Cyber Security News.

A sophisticated phishing campaign has emerged that successfully bypasses multi-factor authentication, protecting Microsoft 365 and Okta users, representing a serious threat to organizations relying on these platforms for identity management. The campaign, discovered in early December 2025, demonstrates advanced knowledge of authentication flows. This campaign targets companies across multiple industries through carefully crafted phishing emails […]

The post New AiTM Attack Campaign That Bypasses MFA Targeting Microsoft 365 and Okta Users appeared first on Cyber Security News.

The cybersecurity landscape of 2025 has been marked by an unprecedented surge in vulnerability exploitation, with threat actors leveraging critical flaws across enterprise software, cloud infrastructure, and industrial systems. This comprehensive analysis examines the twenty most dangerous exploited vulnerabilities of the year, highlighting their technical details, exploitation methods, and the urgent need for organizations to […]

The post Top 20 Most Exploited Vulnerabilities of 2025: A Comprehensive Analysis appeared first on Cyber Security News.

CyberVolk, a pro-Russia hacktivist group, has reemerged with a new ransomware platform called VolkLocker following a period of dormancy in 2025. The group, first documented in late 2024 for conducting attacks aligned with Russian government interests, initially went silent due to Telegram enforcement actions. However, the group returned in August with a sophisticated Ransomware-as-a-Service offering […]

The post CyberVolk Hackers Group With New VolkLocker Payloads Attacks both Linux and Windows Systems appeared first on Cyber Security News.

A sophisticated new phishing attack technique called “ConsentFix” that combines OAuth consent phishing with ClickFix-style prompts to compromise Microsoft accounts without requiring passwords or multi-factor authentication. The attack leverages the Azure CLI app to gain unauthorized access to victim accounts. The ConsentFix attack operates entirely within the browser context, making it difficult for traditional security […]

The post New ConsentFix Attack Let Attackers Hijack Microsoft Accounts by Leveraging Azure CLI appeared first on Cyber Security News.

A sophisticated new Windows backdoor named NANOREMOTE emerged in October 2025, presenting a significant threat to enterprise environments by leveraging legitimate cloud infrastructure for malicious purposes. This fully-featured malware utilizes the Google Drive API as its primary Command-and-Control (C2) channel, allowing threat actors to blend their malicious traffic seamlessly with normal network activity. By abusing […]

The post NANOREMOTE Malware Leverages Google Drive API for Command-and-Control (C2) to Attack Windows Systems appeared first on Cyber Security News.

A sophisticated phishing tool called BlackForce has emerged as a serious threat to organizations worldwide. First observed in August 2025, this professional-grade kit allows criminals to steal login information and bypass multi-factor authentication using advanced Man-in-the-Browser techniques. The tool is actively being sold on Telegram forums for between 200 to 300 euros, making it accessible […]

The post New BlackForce Phishing Kit Lets Attackers Steal Credentials Using MitB Attacks and Bypass MFA appeared first on Cyber Security News.

A new threat is targeting movie lovers who search for the latest films online. Cybercriminals are now using the popularity of Leonardo DiCaprio’s new film, One Battle After Another, to spread the dangerous Agent Tesla malware. What appears to be a simple movie download actually contains a series of hidden PowerShell scripts that install a […]

The post Beware of Fake Leonardo DiCaprio Movie Torrent File Drops Agent Tesla Malware appeared first on Cyber Security News.

MITRE has unveiled its 2025 Common Weakness Enumeration (CWE™) Top 25 Most Dangerous Software Weaknesses list, highlighting the root causes behind 39,080 Common Vulnerability and Exposure (CVE™) records this year. These prevalent flaws, which are often simple to detect and exploit, enable attackers to seize system control, pilfer sensitive data, or cripple applications. Developers, security […]

The post MITRE Releases Top 25 Most Dangerous Software Weaknesses of 2025 appeared first on Cyber Security News.

A Hamas‑affiliated threat group known as Ashen Lepus, also tracked as WIRTE, has launched a new espionage campaign against governmental and diplomatic entities across the Middle East. The group uses realistic Arabic‑language diplomatic lures that reference regional politics and security talks to trick officials into opening weaponized documents. Once a target interacts with the lure, […]

The post Ashen Lepus Hacker Group Attacks Eastern Diplomatic Entities With New AshTag Malware appeared first on Cyber Security News.

A critical denial-of-service vulnerability has been discovered in Apache Struts 2, affecting multiple versions of the popular web application framework. The vulnerability, identified as CVE-2025-64775, exploits a file leak in multipart request processing that can cause disk exhaustion and server crashes. Organizations running affected versions should prioritize patching immediately to prevent potential service disruptions. The […]

The post Apache Struts 2 DoS Vulnerability Let Attackers Crash Server appeared first on Cyber Security News.

Two critical privilege escalation flaws were disclosed in the Windows Remote Access Connection Manager on December 9, 2025. The vulnerabilities, tracked as CVE-2025-62472 and CVE-2025-62474, allow authorized attackers with low-level privileges to gain SYSTEM-level access on affected systems. CVE-2025-62472 stems from the use of uninitialized resources in the Remote Access Connection Manager. Enabling privilege escalation […]

The post Windows Remote Access Connection Manager Vulnerabilities Let Attackers Escalate Privileges appeared first on Cyber Security News.

An urgent warning about a critical security flaw in OSGeo GeoServer, a widely used open-source geographic data-sharing server. CISA has added the vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, indicating that threat actors are actively leveraging this zero-day flaw in attacks targeting both public and private sectors. The newly disclosed vulnerability, tracked as CVE-2025-58360, […]

The post CISA Warns of OSGeo GeoServer 0-Day Vulnerability Exploited in Attacks appeared first on Cyber Security News.

Less than a week after addressing a critical Remote Code Execution (RCE) vulnerability, the React team has disclosed three additional security flaws affecting React Server Components (RSC). Security researchers discovered these new issues while attempting to bypass the mitigations for the previous “React2Shell” exploit. While the original RCE patch remains effective, the newly discovered vulnerabilities […]

The post New Vulnerabilities in React Server Components Allow DoS Attacks and Source Code Leaks appeared first on Cyber Security News.

GitHub is experiencing user-reported outages, with many developers greeted by a prominent error featuring the platform’s unicorn mascot and the message “No server is currently available to service your request.”​ Numerous users across forums and monitoring sites have shared screenshots of the error since early December 11, 2025, particularly in regions like India during peak […]

The post GitHub Down! Developers Frustrated by ‘No Server Available’ Message appeared first on Cyber Security News.

The popular text editor Notepad++ has addressed a severe security weakness in its update mechanism that could allow attackers to hijack network traffic and push malicious executables to users under the guise of legitimate updates. Security researchers recently observed suspicious traffic patterns involving WinGUp, the built-in updater used by Notepad++. According to their findings, update […]

The post Notepad++ Vulnerability Let Attackers Hijack Network Traffic to Install Malware via Updates appeared first on Cyber Security News.

A critical zero-day vulnerability in Gogs, a widely used self-hosted Git service, is currently being exploited in the wild. Designated as CVE-2025-8110, this flaw allows authenticated users to execute a symlink bypass, leading to Remote Code Execution (RCE). As of this writing, no patch is available, and researchers estimate that over 50% of public-facing Gogs […]

The post Gogs 0-Day Vulnerability Exploited in the Wild to Hack 700+ Instances appeared first on Cyber Security News.

Road Town, British Virgin Islands, December 11th, 2025, CyberNewsWire 1inch, the leading DeFi ecosystem, has been selected as the exclusive swap provider at launch for Ledger Multisig, deepening the collaboration between the two projects. By integrating the 1inch Swap API into its security-first multisig architecture, Ledger, the world leader in digital asset security for consumers […]

The post 1inch Named Exclusive Swap Provider at Launch for Ledger Multisig appeared first on Cyber Security News.

A dangerous new malware called DroidLock is targeting Android users, particularly in Spanish-speaking regions, through phishing websites. This threat combines ransomware tactics with remote-control capabilities, posing a severe risk to users of personal and corporate devices. Once installed, DroidLock transforms a smartphone into a hostile endpoint that attackers can manipulate at will, making it a […]

The post New DroidLock Malware Locks Android Devices and Demands a Ransom appeared first on Cyber Security News.

Cary, North Carolina, USA, December 11th, 2025, CyberNewsWire As AI accelerates job transformation, INE supports organizations reallocating Q4 budgets to experiential, performance-driven upskilling. With 90% of organizations facing critical skills gaps (ISC2) and AI reshaping job roles across cybersecurity, cloud, and IT operations, enterprises are rapidly reallocating L&D budgets toward hands-on training that delivers measurable, […]

The post INE Highlights Enterprise Shift Toward Hands-On Training Amid Widening Skills Gaps appeared first on Cyber Security News.