Cyber Security News

A proof-of-concept (PoC) exploit dubbed “mongobleed” for CVE-2025-14847, a critical unauthenticated memory leak vulnerability in MongoDB’s zlib decompression handling. Dubbed by its creator Joe Desimone as a way to bleed sensitive server memory, the flaw lets attackers remotely extract uninitialized data without credentials, potentially exposing internal logs, system stats, and more. The vulnerability stems from […]

The post Mongobleed PoC Exploit Tool Released for MongoDB Flaw that Exposes Sensitive Data appeared first on Cyber Security News.

Multiple critical vulnerabilities in TeamViewer DEX Client’s Content Distribution Service (NomadBranch.exe), formerly part of 1E Client. Affecting Windows versions before 25.11 and select older branches, the flaws stem from improper input validation (CWE-20), potentially enabling attackers on the local network to execute code, crash the service, or leak sensitive data. The most severe issue, CVE-2025-44016 […]

The post TeamViewer DEX Vulnerabilities Let Attackers Trigger DoS Attack and Expose Sensitive Data appeared first on Cyber Security News.

An information disclosure vulnerability in M-Files Server enables authenticated attackers to capture and reuse session tokens from active users. Potentially gaining unauthorized access to sensitive document management systems. The flaw, tracked as CVE-2025-13008, affects multiple versions across different release branches and carries a high-severity CVSS 4.0 base score of 8.6. The vulnerability exists within M-Files […]

The post M-Files Vulnerability Let Attacker Capture Session Tokens of Other Active Users appeared first on Cyber Security News.

Many Trust Wallet users saw their wallets drained of over $7 million after a security breach in the Chrome browser extension version 2.68.0, released on December 24, 2025. Blockchain investigator ZachXBT first flagged the incident on X, noting a surge in unauthorized outflows from affected addresses shortly after users interacted with the extension.​ Reports emerged […]

The post TrustWallet Chrome Extension Hacked – Users Reporting Millions in Losses appeared first on Cyber Security News.

Parrot OS 7.0, codenamed Echo, launches as a complete system rewrite based on Debian 13, bringing KDE Plasma 6, Wayland by default, and fresh penetration testing tools, including a dedicated AI category. This release emphasizes lightweight theming and community-driven spins, marking a pivotal update for ethical hackers and security professionals.​ The Echo theme draws from […]

The post Parrot 7.0 Released with New Penetration Testing and AI Tools appeared first on Cyber Security News.

A critical vulnerability in LangChain’s core library (CVE-2025-68664) allows attackers to exfiltrate sensitive environment variables and potentially execute code through deserialization flaws. Discovered by a Cyata researcher and patched just before Christmas 2025, the issue affects one of the most popular AI frameworks with hundreds of millions of downloads.​ LangChain-core’s dumps() and dumpd() functions failed […]

The post Critical Langchain Vulnerability Let attackers Exfiltrate Sensitive Secrets from AI systems appeared first on Cyber Security News.

For years, one of the most persistent frustrations for Google users has been the inability to alter their primary email address without creating an entirely new account. Whether you are stuck with an unprofessional handle created in high school or simply want a rebrand, Google has historically treated the @gmail.com username as a permanent fixture. However, a […]

The post Google Now Allows Users to Change Their @gmail.com Email Address appeared first on Cyber Security News.

As artificial intelligence becomes deeply embedded in enterprise operations and cybercriminal arsenals alike, the Cybersecurity Predictions 2026 landscape reveals an unprecedented convergence of autonomous threats, identity-centric attacks, and accelerated digital transformation risks. Industry experts across leading security firms, government agencies, and research institutions have identified over 100 critical predictions that define the year ahead, a year where […]

The post 100+ Cybersecurity Predictions 2026 for Industry Experts as the AI Adapted in the Wild appeared first on Cyber Security News.

A new critical vulnerability affecting the Net-SNMP software suite has been disclosed, posing a significant risk to network infrastructure worldwide. Tracked as CVE-2025-68615, this security flaw allows remote attackers to trigger a buffer overflow, leading to a service crash or potentially a more severe system compromise. The vulnerability resides specifically in the snmptrapd daemon, which receives and processes […]

The post Net-SNMP Vulnerability Enables Buffer Overflow and the Daemon to Crash appeared first on Cyber Security News.

Cybercriminals are actively abusing a long-patched Fortinet FortiGate flaw from July 2020, slipping past two-factor authentication (2FA) on firewalls and potentially granting unauthorized access to VPNs and admin consoles. Fortinet’s PSIRT team detailed the in-the-wild attacks in a recent blog post, urging admins to audit configurations immediately to avoid compromise. Dubbed FG-IR-19-283 (CVE-2020-12812), the issue […]

The post Hackers Exploiting Three-Year-Old FortiGate Vulnerability to Bypass 2FA on Firewalls appeared first on Cyber Security News.

Microsoft has announced hardware-accelerated BitLocker, a significant security enhancement designed to eliminate performance bottlenecks caused by encryption on modern high-speed NVMe drives. The new technology addresses growing concerns about CPU overhead as storage devices become faster, particularly for users running intensive workloads such as gaming and video editing. Performance Challenge with Modern NVMe Drives As […]

The post Microsoft Unveils Hardware-Accelerated BitLocker to Enhance Performance and Security appeared first on Cyber Security News.

The Evasive Panda APT group, also known as Bronze Highland, Daggerfly, and StormBamboo, has been running targeted campaigns since November 2022, using advanced techniques to deliver the MgBot malware. The group employs adversary-in-the-middle attacks combined with DNS poisoning to compromise specific victims across multiple industries. Recent findings show that these operations continued until November 2024, […]

The post Evasive Panda APT Using AitM Attack and DNS Poisoning to Deliver Malware appeared first on Cyber Security News.

Security researchers at Seqrite Labs have identified a campaign called Operation IconCat, targeting Israeli organizations with weaponized documents designed to look like legitimate security tools. The attacks began in November 2025 and have compromised multiple companies across information technology, staffing services, and software development sectors. The core of this attack relies on a psychological trick: […]

The post Threat Actors Using Weaponized AV-themed Word and PDF Documents to Attack Israeli Organizations appeared first on Cyber Security News.

A malicious actor known as AlphaGhoul has begun promoting a tool called NtKiller, designed to silently shut down antivirus software and endpoint detection tools. The tool was posted on an underground forum where criminals gather to buy and sell hacking services. According to the advertisement, NtKiller can help attackers avoid detection while running their malware […]

The post Threat Actors Advertised NtKiller Malware on Dark Web Claiming Terminate Antivirus and EDR Bypass appeared first on Cyber Security News.

A critical security vulnerability, tracked as CVE-2025-14847, that could allow attackers to extract uninitialized heap memory from database servers without authentication. The flaw resides in MongoDB’s zlib compression implementation and affects multiple versions of the database platform.​ The vulnerability enables client-side exploitation of the MongoDB Server’s zlib implementation. Potentially exposing sensitive data stored in uninitialized heap […]

The post Critical MongoDB Vulnerability Exposes Sensitive Data via Zlib Compression appeared first on Cyber Security News.

The year 2025 represents a pivotal moment in cybersecurity, showcasing a remarkable evolution in zero-click exploitation techniques that significantly challenges our understanding of digital security. Unlike traditional attacks that require user interaction, such on clicking a malicious link or downloading an infected file, zero-click exploits operate in the shadows, silently compromising devices without any victim […]

The post One Year Of Zero-Click Exploits: What 2025 Taught Us About Modern Malware appeared first on Cyber Security News.

A new malware campaign has surfaced that uses GitHub repositories to spread the WebRAT malware by disguising it as proof-of-concept exploits and gaming utilities. The malware targets users searching for game cheats, pirated software, and application patches, particularly for popular titles like Rust, Counter-Strike, and Roblox. Attackers distribute WebRAT through multiple channels, including GitHub repositories, […]

The post WebRAT Malware via GitHub Repositories Claim as Proof-of-concept Exploits to Attack Users appeared first on Cyber Security News.

Romania’s National Administration “Apele Române” (Romanian Waters) disclosed a severe ransomware attack on December 20, 2025. That compromised approximately 1,000 IT systems across the agency and 10 of its 11 regional water basin administrations. The incident affected critical infrastructure responsible for managing the country’s water resources and hydrotechnical operations. However, operational technologies remained secure throughout […]

The post Ransomware Attack on Romanian Waters Authority – 1,000+ IT Systems Compromised appeared first on Cyber Security News.

Law enforcement agencies across 19 African nations have achieved a landmark victory against cybercrime. Arresting 574 suspects and dismantling six ransomware variants during Operation Sentinel, a month-long coordinated crackdown that concluded on November 27. The operation, which ran from October 27 to November 27, targeted three escalating threats: business email compromise (BEC), digital extortion, and […]

The post Interpol Taken Down 6 Ransomware Variants and Arrested 500+ Suspects appeared first on Cyber Security News.

A massive credential-theft campaign dubbed PCPcat compromised 59,128 Next.js servers in under 48 hours. The operation exploits critical vulnerabilities CVE-2025-29927 and CVE-2025-66478, achieving a 64.6% success rate across 91,505 scanned targets. PCPCat scanners, distributed via react.py malware, probe public Next.js deployments for remote code execution flaws. Attackers use prototype pollution in JSON payloads to inject […]

The post Operation PCPcat Hacked 59,000+ Next.js/React Servers Within 48 Hours appeared first on Cyber Security News.