Cyber Security News

A severe vulnerability in Windows Defender’s update process allows attackers with administrator privileges to disable the security service and manipulate its core files. The technique, which leverages a flaw in how Defender selects its execution folder, can be carried out using tools already available on the Windows operating system. The vulnerability was detailed by Zero […]

The post Windows Defender Vulnerability Allows Service Hijacking and Disablement via Symbolic Link Attack appeared first on Cyber Security News.

In Caracas this week, President Nicolás Maduro unveiled the Huawei Mate X6 gifted by China’s Xi Jinping, declaring the device impervious to U.S. espionage efforts. The announcement coincides with heightened tensions between Washington and Beijing, as the United States enforces stringent controls on Chinese telecom equipment. Beyond its political symbolism, the Mate X6 has become […]

The post Venezuela’s Maduro Says Huawei Mate X6 Gift From China is Unhackable by U.S. Spies appeared first on Cyber Security News.

Security researchers first observed LunaLock in early September 2025, a sophisticated ransomware strain targeting independent illustrators and digital artists. Leveraging compromised credentials and social engineering, the group behind LunaLock has zeroed in on a niche marketplace—Artists & Clients—where freelance creators exchange custom commissions. Initial intrusion involved spear-phishing campaigns disguised as royalty notifications, enticing victims to […]

The post LunaLock Ransomware Attacking Artists to Steal and Encrypt Data appeared first on Cyber Security News.

A massive data breach in early September 2025 attributed to a cyber actor known simply as “Kim” laid bare an unprecedented view into the operational playbook of Kimsuky (APT43). The leak, comprising terminal history files, phishing domains, OCR workflows, compiled stagers, and a full Linux rootkit, revealed a credential-centric campaign that targeted South Korean government […]

The post Exposed ‘Kim’ Dump Exposes Kimsuky Hackers New Tactics, Techniques, and Infrastructure appeared first on Cyber Security News.

A sophisticated cybercriminal campaign has emerged, exploiting Amazon’s Simple Email Service (SES) to orchestrate large-scale phishing operations capable of delivering over 50,000 malicious emails daily. The attack represents a significant evolution in cloud service abuse, transforming AWS’s legitimate bulk email platform into a weapon for credential theft and financial fraud. The campaign begins with compromised […]

The post Hackers Weaponize Amazon Simple Email Service to Send 50,000+ Malicious Emails Per Day appeared first on Cyber Security News.

Qualys has confirmed it was impacted by a widespread supply chain attack that targeted the Salesloft Drift marketing platform, resulting in unauthorized access to a portion of its Salesforce data. The breach originated from a sophisticated cyberattack campaign targeting Salesloft Drift, a third-party Software-as-a-Service (SaaS) application used by Qualys to automate sales workflows and manage […]

The post Qualys Confirms Data Breach – Hackers Accessed Salesforce Data in Supply Chain Attack appeared first on Cyber Security News.

Cybersecurity researchers have demonstrated a sophisticated technique for bypassing Web Application Firewalls (WAFs) using JavaScript injection combined with HTTP parameter pollution, exposing critical vulnerabilities in modern web security infrastructure. The research, conducted during an autonomous penetration test, revealed how attackers can exploit parsing differences between WAF engines and web application frameworks to execute malicious code […]

The post Researchers Bypassed Web Application Firewall With JS Injection with Parameter Pollution appeared first on Cyber Security News.

A significant security flaw has been discovered in pgAdmin, the widely used open-source administration and development platform for PostgreSQL databases. The vulnerability, tracked as CVE-2025-9636, affects all pgAdmin versions up to and including 9.7, potentially allowing remote attackers to gain unauthorized access to user accounts and the sensitive data they manage. The core of the […]

The post PgAdmin Vulnerability Lets Attackers Gain Unauthorised Account Access appeared first on Cyber Security News.

A proof-of-concept (PoC) exploit has been released for a critical remote code execution (RCE) vulnerability in ImageMagick 7’s MagickCore subsystem, specifically affecting the blob I/O (BlobStream) implementation. Security researchers and the ImageMagick team urge all users and organizations to update immediately to prevent exploitation. ImageMagick, a widely used image processing library, was found to contain a heap out-of-bounds write […]

The post PoC Exploit Released for ImageMagick RCE Vulnerability – Update Now appeared first on Cyber Security News.

Ransomware has emerged as one of the most devastating cybercrime threats in the contemporary digital landscape, with criminal organizations operating sophisticated billion-dollar enterprises that target critical infrastructure across multiple nations. Between 2020 and 2022, ransomware groups conducted over 865 documented attacks against organizations in Australia, Canada, New Zealand, and the United Kingdom, employing advanced cryptoviral […]

The post Australian Authorities Uncovered Activities and Careers of Ransomware Criminal Groups appeared first on Cyber Security News.

The notorious Lazarus APT group has evolved its attack methodology by incorporating the increasingly popular ClickFix social engineering technique to distribute malware and steal sensitive intelligence data from targeted organizations. This North Korean-linked threat actor, internally tracked as APT-Q-1 by security researchers, has demonstrated remarkable adaptability by integrating deceptive user interface manipulation with their traditional […]

The post Lazarus APT Hackers Using ClickFix Technique to Steal Sensitive Intelligence Data appeared first on Cyber Security News.

Tenable has confirmed a data breach that exposed the contact details and support case information of some of its customers. The company stated the incident is part of a broader data theft campaign targeting an integration between Salesforce and the Salesloft Drift marketing application, which has affected numerous organizations. In a public statement, Tenable expressed […]

The post Tenable Confirms Data Breach – Hackers Accessed Customers’ Contact Details appeared first on Cyber Security News.

Welcome to your weekly cybersecurity briefing. In a digital landscape where the only constant is change, this past week has been a stark reminder that vigilance is not just a best practice, but a necessity for survival. From corporate giants making strategic moves to protect the cloud to sophisticated threat actors breaching the defenses of […]

The post Weekly Cybersecurity News Recap : Palo Alto Networks, Zscaler, Jaguar Land Rover, and Cyber Attacks appeared first on Cyber Security News.

As more businesses migrate their infrastructure to the cloud, cloud penetration testing has become a critical service. Unlike traditional network tests, cloud pentesting focuses on unique attack vectors such as misconfigured services, insecure APIs, and overly permissive IAM (Identity and Access Management) policies. In 2025, the best companies in this field combine deep knowledge of […]

The post 10 Best Cloud Penetration Testing Companies in 2025 appeared first on Cyber Security News.

AI is no longer just a buzzword; it’s a fundamental part of business operations, from customer service chatbots to complex financial models. However, this adoption has created a new and specialized attack surface. Traditional penetration testing, which focuses on network and application vulnerabilities, is insufficient to secure AI systems. AI penetration testing involves adversarial machine […]

The post Top 10 Best AI Penetration Testing Companies in 2025 appeared first on Cyber Security News.

A critical vulnerability has been discovered in Argo CD that allows API tokens with limited permissions to access sensitive repository credentials. The flaw in the project details API endpoint exposes usernames and passwords, undermining the platform’s security model by granting access to secrets without explicit permissions. The vulnerability stems from an improper authorization check in […]

The post Critical Argo CD API Vulnerability Exposes Repository Credentials appeared first on Cyber Security News.

A sophisticated malware campaign, dubbed “GPUGate,” abuses Google Ads and GitHub’s repository structure to trick users into downloading malicious software. The Arctic Wolf Cybersecurity Operations Center, the attack chain uses a novel technique to evade security analysis by leveraging a computer’s Graphics Processing Unit (GPU). The campaign appears to be the work of a Russian-speaking […]

The post “GPUGate” Malware Abuses Google Ads and GitHub to Deliver Advanced Malware Payload appeared first on Cyber Security News.

Penetration testing and ethical hacking have been dominated by specialized Linux distributions designed to provide security professionals with comprehensive toolsets for vulnerability assessment and network analysis. Among the most prominent options, Kali Linux and Parrot OS have emerged as leading contenders, each offering unique approaches to cybersecurity operations. This comprehensive analysis reveals that while Kali Linux maintains its position […]

The post Kali Linux vs Parrot OS – Which Penetration Testing Platform is Most Suitable for Cybersecurity Professionals? appeared first on Cyber Security News.

A recent investigation has revealed that Microsoft employed China-based engineers to maintain and support SharePoint software, the same collaboration platform that was recently compromised by Chinese state-sponsored hackers. This revelation raises significant concerns about cybersecurity practices and potential insider threats within critical infrastructure systems used by hundreds of government agencies and private companies. The cybersecurity […]

The post New Report Claims Microsoft Used China-Based Engineers For SharePoint Support and Bug Fixing appeared first on Cyber Security News.

Cybercriminals unleashed a massive wave of mobile malware attacks during the second quarter of 2025, with security researchers detecting nearly 143,000 malicious installation packages targeting Android and iOS devices. This surge represents a significant escalation in mobile cyber threats, affecting millions of users worldwide through sophisticated attack vectors designed to steal sensitive data, compromise financial […]

The post 143,000 Malware Files Attacked Android and iOS Device Users in Q2 2025 appeared first on Cyber Security News.