Cyber Security News

A sophisticated new Windows backdoor named NANOREMOTE emerged in October 2025, presenting a significant threat to enterprise environments by leveraging legitimate cloud infrastructure for malicious purposes. This fully-featured malware utilizes the Google Drive API as its primary Command-and-Control (C2) channel, allowing threat actors to blend their malicious traffic seamlessly with normal network activity. By abusing […]

The post NANOREMOTE Malware Leverages Google Drive API for Command-and-Control (C2) to Attack Windows Systems appeared first on Cyber Security News.

A sophisticated phishing tool called BlackForce has emerged as a serious threat to organizations worldwide. First observed in August 2025, this professional-grade kit allows criminals to steal login information and bypass multi-factor authentication using advanced Man-in-the-Browser techniques. The tool is actively being sold on Telegram forums for between 200 to 300 euros, making it accessible […]

The post New BlackForce Phishing Kit Lets Attackers Steal Credentials Using MitB Attacks and Bypass MFA appeared first on Cyber Security News.

A new threat is targeting movie lovers who search for the latest films online. Cybercriminals are now using the popularity of Leonardo DiCaprio’s new film, One Battle After Another, to spread the dangerous Agent Tesla malware. What appears to be a simple movie download actually contains a series of hidden PowerShell scripts that install a […]

The post Beware of Fake Leonardo DiCaprio Movie Torrent File Drops Agent Tesla Malware appeared first on Cyber Security News.

MITRE has unveiled its 2025 Common Weakness Enumeration (CWE™) Top 25 Most Dangerous Software Weaknesses list, highlighting the root causes behind 39,080 Common Vulnerability and Exposure (CVE™) records this year. These prevalent flaws, which are often simple to detect and exploit, enable attackers to seize system control, pilfer sensitive data, or cripple applications. Developers, security […]

The post MITRE Releases Top 25 Most Dangerous Software Weaknesses of 2025 appeared first on Cyber Security News.

A Hamas‑affiliated threat group known as Ashen Lepus, also tracked as WIRTE, has launched a new espionage campaign against governmental and diplomatic entities across the Middle East. The group uses realistic Arabic‑language diplomatic lures that reference regional politics and security talks to trick officials into opening weaponized documents. Once a target interacts with the lure, […]

The post Ashen Lepus Hacker Group Attacks Eastern Diplomatic Entities With New AshTag Malware appeared first on Cyber Security News.

A critical denial-of-service vulnerability has been discovered in Apache Struts 2, affecting multiple versions of the popular web application framework. The vulnerability, identified as CVE-2025-64775, exploits a file leak in multipart request processing that can cause disk exhaustion and server crashes. Organizations running affected versions should prioritize patching immediately to prevent potential service disruptions. The […]

The post Apache Struts 2 DoS Vulnerability Let Attackers Crash Server appeared first on Cyber Security News.

Two critical privilege escalation flaws were disclosed in the Windows Remote Access Connection Manager on December 9, 2025. The vulnerabilities, tracked as CVE-2025-62472 and CVE-2025-62474, allow authorized attackers with low-level privileges to gain SYSTEM-level access on affected systems. CVE-2025-62472 stems from the use of uninitialized resources in the Remote Access Connection Manager. Enabling privilege escalation […]

The post Windows Remote Access Connection Manager Vulnerabilities Let Attackers Escalate Privileges appeared first on Cyber Security News.

An urgent warning about a critical security flaw in OSGeo GeoServer, a widely used open-source geographic data-sharing server. CISA has added the vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, indicating that threat actors are actively leveraging this zero-day flaw in attacks targeting both public and private sectors. The newly disclosed vulnerability, tracked as CVE-2025-58360, […]

The post CISA Warns of OSGeo GeoServer 0-Day Vulnerability Exploited in Attacks appeared first on Cyber Security News.

Less than a week after addressing a critical Remote Code Execution (RCE) vulnerability, the React team has disclosed three additional security flaws affecting React Server Components (RSC). Security researchers discovered these new issues while attempting to bypass the mitigations for the previous “React2Shell” exploit. While the original RCE patch remains effective, the newly discovered vulnerabilities […]

The post New Vulnerabilities in React Server Components Allow DoS Attacks and Source Code Leaks appeared first on Cyber Security News.

GitHub is experiencing user-reported outages, with many developers greeted by a prominent error featuring the platform’s unicorn mascot and the message “No server is currently available to service your request.”​ Numerous users across forums and monitoring sites have shared screenshots of the error since early December 11, 2025, particularly in regions like India during peak […]

The post GitHub Down! Developers Frustrated by ‘No Server Available’ Message appeared first on Cyber Security News.

The popular text editor Notepad++ has addressed a severe security weakness in its update mechanism that could allow attackers to hijack network traffic and push malicious executables to users under the guise of legitimate updates. Security researchers recently observed suspicious traffic patterns involving WinGUp, the built-in updater used by Notepad++. According to their findings, update […]

The post Notepad++ Vulnerability Let Attackers Hijack Network Traffic to Install Malware via Updates appeared first on Cyber Security News.

A critical zero-day vulnerability in Gogs, a widely used self-hosted Git service, is currently being exploited in the wild. Designated as CVE-2025-8110, this flaw allows authenticated users to execute a symlink bypass, leading to Remote Code Execution (RCE). As of this writing, no patch is available, and researchers estimate that over 50% of public-facing Gogs […]

The post Gogs 0-Day Vulnerability Exploited in the Wild to Hack 700+ Instances appeared first on Cyber Security News.

Road Town, British Virgin Islands, December 11th, 2025, CyberNewsWire 1inch, the leading DeFi ecosystem, has been selected as the exclusive swap provider at launch for Ledger Multisig, deepening the collaboration between the two projects. By integrating the 1inch Swap API into its security-first multisig architecture, Ledger, the world leader in digital asset security for consumers […]

The post 1inch Named Exclusive Swap Provider at Launch for Ledger Multisig appeared first on Cyber Security News.

A dangerous new malware called DroidLock is targeting Android users, particularly in Spanish-speaking regions, through phishing websites. This threat combines ransomware tactics with remote-control capabilities, posing a severe risk to users of personal and corporate devices. Once installed, DroidLock transforms a smartphone into a hostile endpoint that attackers can manipulate at will, making it a […]

The post New DroidLock Malware Locks Android Devices and Demands a Ransom appeared first on Cyber Security News.

Cary, North Carolina, USA, December 11th, 2025, CyberNewsWire As AI accelerates job transformation, INE supports organizations reallocating Q4 budgets to experiential, performance-driven upskilling. With 90% of organizations facing critical skills gaps (ISC2) and AI reshaping job roles across cybersecurity, cloud, and IT operations, enterprises are rapidly reallocating L&D budgets toward hands-on training that delivers measurable, […]

The post INE Highlights Enterprise Shift Toward Hands-On Training Amid Widening Skills Gaps appeared first on Cyber Security News.

Microsoft plans to enhance the administrative features of its Teams collaboration platform with a significant new security function to monitor external communications. Scheduled for rollout in February 2026, the “External Domains Anomalies Report” is designed to help IT administrators proactively identify and manage potential risks associated with cross-organizational interactions. This development comes as organizations increasingly […]

The post Microsoft Teams to Introduce External Domains Anomalies Report for Enhanced Security appeared first on Cyber Security News.

A new malicious campaign is targeting macOS users via a novel attack that exploits ChatGPT’s official website. The attackers are using a technique called ClickFix to spread the AMOS infostealer by posting fake installation guides on the legitimate chatgpt.com domain. This campaign leverages ChatGPT’s chat-sharing feature, where any user can create a public conversation and […]

The post New ClickFix Attacks as macOS Infostealer Leverages Official ChatGPT Website by Piggybacking appeared first on Cyber Security News.

Fresh leaks from the Iranian state‑backed group Charming Kitten, also tracked as APT35, have exposed key personnel, front companies, and thousands of compromised systems spread across five continents. The internal files show that Iran’s Department 40, within the IRGC Intelligence Organization, runs long‑term intrusion campaigns that combine cyber‑espionage with surveillance and targeting operations. Stolen dashboards […]

The post Charming Kitten Leak Exposes Key Personnel, Front Companies, and Thousands of Compromised Systems appeared first on Cyber Security News.

A new malware campaign has emerged that exploits legitimate AI platforms to deliver malicious code directly to unsuspecting users. Threat actors are using sponsored Google search results to redirect users searching for common macOS troubleshooting tips, such as “how to clear storage on Mac,” to fake ChatGPT and DeepSeek shared chat links. These shared chats […]

The post Hackers Leveraging LLM Shared Chats to Steal Your Passwords and Crypto appeared first on Cyber Security News.

New research into legacy .NET Framework SOAP client code has uncovered “SOAPwn,” a class of vulnerabilities. That can be weaponized for remote code execution (RCE) across multiple enterprise products. Including Barracuda Service Center RMM, Ivanti Endpoint Manager, Umbraco CMS 8, Microsoft PowerShell, and SQL Server Integration Services. Understanding the SOAPwn Vulnerability Class Presented by Piotr […]

The post New “SOAPwn” .NET Vulnerabilities Expose Barracuda, Ivanti and Microsoft Appliances to RCE Attack appeared first on Cyber Security News.