Cyber Security News

Cybersecurity researchers have uncovered a sophisticated new threat campaign that leverages a seemingly legitimate PDF editor application to transform infected devices into residential proxies. The malicious software, distributed under the guise of productivity tools, represents an evolving approach by threat actors who are increasingly exploiting trusted software categories to establish persistent network access and monetize […]

The post Threat Actors Weaponize PDF Editor With New Torjan to Turn Device Into Proxy appeared first on Cyber Security News.

The Kali Linux team has announced a significant enhancement of its Vagrant image build process, streamlining development and simplifying deployment for users. In a move to unify its infrastructure, the team has transitioned from HashiCorp’s Packer to DebOS for generating its pre-configured Vagrant virtual machines. The release also includes a handy cheat sheet to get […]

The post Kali Vagrant Rebuilt Released – Pre-configured DebOS VMs via Command Line appeared first on Cyber Security News.

A novel and highly tricky phishing campaign is actively stealing Microsoft 365 credentials by exploiting Microsoft’s own Active Directory Federation Services (ADFS) to redirect users from legitimate office.com links to malicious login pages. The technique, identified by researchers at the cybersecurity firm Push Security, marks a significant evolution in phishing attacks, effectively bypassing both user […]

The post Hackers Weaponize Active Directory Federation Services and office.com to Steal Microsoft 365 logins appeared first on Cyber Security News.

Every type of organization—whether it’s a multinational giant with thousands of employees or a single tech enthusiast running a homelab—needs a web application firewall (WAF).  The reason is straightforward: web applications face constant threats from cyber attacks that can exploit vulnerabilities to steal data, disrupt services, or damage reputation.  The costs associated with server resources, […]

The post SafeLine: A Free Zero Trust Web Application Firewall for 2026 appeared first on Cyber Security News.

Link11, a Germany-based global IT security provider, has released insights into the evolving cybersecurity threat landscape and announced the capabilities of its Web Application and API Protection (WAAP) platform, designed to provide multi-layered defenses against modern digital threats. The rapid pace of digital transformation has expanded the opportunities for organizations across industries. However, every new […]

The post Link11 Highlights Growing Cybersecurity Risks and Introduces Integrated WAAP Protection Platform appeared first on Cyber Security News.

Attackers have leveled up. Powered by AI and professional-grade toolkits, today’s social engineering scams are nearly impossible to tell apart from the real thing, and automated defenses rarely catch them. That’s the real challenge for security leaders: these threats only reveal themselves once a user clicks, solves a CAPTCHA, or follows a “verification” step.  However, […]

The post How Businesses Stop Complex Social Engineering Attacks Early – An SOC Team Guide appeared first on Cyber Security News.

Git 2.51.0 has been officially released after an accelerated 8-week development cycle, introducing significant performance improvements and security enhancements that lay the groundwork for the upcoming Git 3.0 major release.  The latest version delivers substantial speed improvements for core Git operations, implements SHA-256 as the default hash function, and introduces the reftable format as the […]

The post Git 2.51 Released With Performance Optimizations and SHA-256 as Default hash Function appeared first on Cyber Security News.

Okta has announced the launch of the Auth0 Customer Detection Catalog, a comprehensive open-source repository designed to enhance proactive threat detection capabilities for Auth0 customers.  This strategic release represents a significant advancement in identity and access management security, providing security teams with sophisticated detection rules to identify and respond to emerging threats across their authentication […]

The post Okta Security Releases Auth0 Event Logs for Proactive Threat Detection appeared first on Cyber Security News.

A sophisticated new Phishing-as-a-Service (PhaaS) framework dubbed “Salty 2FA” has emerged as a significant threat to Microsoft 365 users across the US and European industries. This previously undocumented platform employs advanced obfuscation techniques and multi-stage execution chains specifically designed to bypass two-factor authentication mechanisms while stealing corporate credentials. The framework targets organizations spanning finance, telecommunications, […]

The post New Salty 2FA PhaaS Attacking Microsoft 365 Users to Steal Login Credentials appeared first on Cyber Security News.

A critical security flaw in Lenovo’s AI chatbot “Lena” has been discovered that allows attackers to execute malicious scripts on corporate machines through simple prompt manipulation.  The vulnerability, identified by cybersecurity researchers, exploits Cross-Site Scripting (XSS) weaknesses in the chatbot’s implementation, potentially exposing customer support systems and enabling unauthorized access to sensitive corporate data.  Key […]

The post Lenovo AI Chatbot Vulnerability Let Attackers Run Remote Scripts on Corporate Machines appeared first on Cyber Security News.

Microsoft’s comprehensive suite of online services, including the central Office.com portal, is currently experiencing a significant and widespread outage, leaving millions of users unable to access essential productivity applications. The company has confirmed the issue and is actively investigating the root cause to restore service as quickly as possible. The disruption, which began escalating earlier […]

The post Microsoft Office.com Suffers Major Outage, Investigation Underway – Updated appeared first on Cyber Security News.

An alleged threat actor has listed a Windows Zero-Day Remote Code Execution (RCE) exploit for sale, claiming it targets fully updated Windows 10, Windows 11, and Windows Server 2022 systems.  The posting reported by ThreatMon advertises weaponized exploit code purportedly capable of granting SYSTEM-level privileges with no prior authentication or user interaction, bypassing intrinsic Windows […]

The post Threat Actors Allegedly Listed Windows Zero-Day RCE Exploit For Sale on Dark Web appeared first on Cyber Security News.

A sophisticated campaign uncovered where adversaries are exploiting CVE-2023-46604, a critical remote code execution vulnerability in Apache ActiveMQ, to compromise cloud-based Linux systems. In this case, attackers are patching the very vulnerability they exploited to maintain exclusive access and evade detection, demonstrating advanced operational security practices typically reserved for nation-state actors. Key Takeaways1. Attackers exploit […]

The post Hackers Exploiting Apache ActiveMQ Vulnerability to Gain Access to Cloud Linux Systems appeared first on Cyber Security News.

Cybersecurity researchers have uncovered a sophisticated campaign by the Paper Werewolf threat actor group, also known as GOFFEE, targeting Russian organizations through the exploitation of critical vulnerabilities in WinRAR archiving software. The campaign, active since July 2025, demonstrates the group’s advanced capabilities in leveraging both known and previously undiscovered security flaws to establish persistent access […]

The post Paper Werewolf Exploiting WinRAR Zero‑Day Vulnerability to Deliver Malware appeared first on Cyber Security News.

A critical remote code execution (RCE) vulnerability in CodeRabbit’s production infrastructure that provided unauthorized access to over one million code repositories, including private ones.  The vulnerability, discovered in December 2024 and responsibly disclosed in January 2025, exploited the platform’s static analysis tool integration to leak sensitive API credentials and gain write access to GitHub repositories […]

The post CodeRabbit’s Production Servers RCE Vulnerability Enables Write Access on 1M Repositories appeared first on Cyber Security News.

A Chrome VPN extension with over 100,000 installations and verified badge status has been discovered operating as sophisticated spyware, continuously capturing user screenshots and exfiltrating sensitive data without consent. The extension, known as FreeVPN.One, masqueraded as a legitimate privacy tool while secretly implementing comprehensive surveillance capabilities that directly contradict its stated privacy promises. The malicious […]

The post Legitimate Chrome VPN With 100,000+ Installs Silently Captures Screenshots and Exfiltrate Sensitive Data appeared first on Cyber Security News.

Google has released an emergency security update for Chrome to address a critical vulnerability that could allow attackers to crash the browser or execute arbitrary code on affected systems.  The high-severity flaw, designated as CVE-2025-9132, affects Chrome’s V8 JavaScript engine and was discovered by Google’s automated vulnerability detection system, Big Sleep, on August 4, 2025. […]

The post Chrome High-Severity Vulnerability Let Attackers Execute Arbitrary Code appeared first on Cyber Security News.

A sophisticated new Remote Access Trojan named GodRAT has emerged as a significant threat to financial institutions, leveraging deceptive screen saver files and steganographic techniques to infiltrate organizational networks. First detected in September 2024, this malware campaign has demonstrated remarkable persistence, with the most recent attacks observed as recently as August 12, 2025, indicating an […]

The post New GodRAT Weaponizing Screen Saver and Program Files to Attack Organizations appeared first on Cyber Security News.

A cybersecurity researcher has disclosed zero-day clickjacking vulnerabilities affecting eleven major password managers, potentially exposing tens of millions of users to credential theft through a single malicious click. The research, conducted by security expert Marek Tóth, reveals that attackers can exploit these vulnerabilities to steal credit card details, personal information, login credentials, and even two-factor […]

The post 0-Day Clickjacking Vulnerabilities Found in Major Password Managers like 1Password, LastPass and Others appeared first on Cyber Security News.

Microsoft is in the process of deploying a fix for a service degradation issue affecting Microsoft Teams users globally, which presents a “couldn’t connect to this app” error upon launching the desktop and web applications. The problem, tracked under Microsoft reference TM1131505, stems from a recent update intended to enhance the platform’s user interface. Users […]

The post Microsoft Teams “couldn’t connect” Error Following Recent Sidebar Update – Fix Released appeared first on Cyber Security News.