Cyber Security News

Remcos, a commercial remote access tool distributed by Breaking-Security and marketed as administrative software, has become a serious threat in the cybersecurity landscape. Developed in the mid-2010s, this malware enables attackers to execute remote commands, steal files, capture screens, log keystrokes, and collect user credentials through command-and-control servers using HTTP or HTTPS channels. Despite being […]

The post Remcos RAT C2 Activity Mapped Along with The Ports Used for Communications appeared first on Cyber Security News.

The Lazarus APT Group has unveiled a new Remote Access Trojan called ScoringMathTea, representing a significant advancement in their cyberattack capabilities. This C++ based malware was identified as part of Operation DreamJob, a campaign aligned with the North Korean government. The threat actors have been targeting companies that provide Unmanned Aerial Vehicle technology to Ukraine, […]

The post Lazarus APT Group New ScoringMathTea RAT Enables Remote Command Execution Among Other Capabilities appeared first on Cyber Security News.

A critical command injection vulnerability has been discovered in the W3 Total Cache plugin, one of WordPress’s most popular caching solutions used by approximately 1 million websites. The vulnerability, tracked as CVE-2025-9501 with a CVSS severity score of 9.0 (Critical), allows unauthenticated attackers to execute arbitrary PHP commands directly on vulnerable servers. W3 Total Cache Vulnerability The flaw exists in […]

The post W3 Total Cache Command Injection Vulnerability Exposes 1 Million WordPress Sites to RCE Attacks appeared first on Cyber Security News.

A serious security flaw was discovered in the AI-Bolit component of Imunify products. This vulnerability allows attackers to run arbitrary code and even become root on a server. Imunify released a fix on October 23, 2025, and most servers have already received the automatic update. Currently, there are no reports of hackers exploiting this security […]

The post Imunify AI-Bolit Vulnerability Let Execute Arbitrary Code and Escalate Privileges to Root appeared first on Cyber Security News.

The notorious Everest ransomware group has claimed responsibility for a major cyber breach against Under Armour, the global sportswear giant, alleging the theft of 343 GB of internal data that could impact millions of customers and employees worldwide. The announcement, posted on the group’s dark web leak site on November 16, 2025, includes a sample […]

The post Everest Ransomware Group Allegedly Exposes 343 GB of Sensitive Data in Major Under Armour Breach appeared first on Cyber Security News.

Since mid-2024, a sophisticated Iranian-backed threat group known as UNC1549 has been conducting targeted campaigns against aerospace, aviation, and defense organizations across the globe. The hackers employ an advanced dual approach, combining carefully crafted phishing campaigns with the exploitation of trusted connections between primary targets and their third-party suppliers. This strategy proves particularly effective against […]

The post UNC1549 Hackers with Custom Tools Attacking Aerospace and Defense Systems to Steal Logins appeared first on Cyber Security News.

Google has announced the public preview of its Alert Triage and Investigation agent, a significant advancement in artificial intelligence-driven security operations. The intelligent agent is now embedded directly within Google Security Operations, helping security teams process alerts faster and more effectively. The new agent represents a significant step toward Google’s vision of an “Agentic SOC,” a […]

The post Google Reveals Public Preview of Alert Triage and Investigation Agent for Security Operations appeared first on Cyber Security News.

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning about a severe vulnerability in Lynx+ Gateway devices that could expose sensitive information in clear text during transmission. The flaw allows attackers to catch network traffic and obtain plaintext credentials and other confidential data. The vulnerability, tracked as CVE-2025-62765, stems from the product’s […]

The post CISA Warns of Critical Lynx+ Gateway Vulnerability Exposes Data in Cleartext appeared first on Cyber Security News.

Lynx ransomware has emerged as a significant threat to enterprise environments, with recent intrusions demonstrating sophisticated attack strategies that prioritize data exfiltration and infrastructure destruction. The malware campaign combines compromised credentials with careful planning to ensure maximum impact on target networks. Security researchers continue to monitor this evolving threat as attackers refine their techniques and […]

The post Threat Actors Leveraging Compromised RDP Logins to Deploy Lynx Ransomware After Deleting Server Backups appeared first on Cyber Security News.

IBM has released critical security updates addressing two severe vulnerabilities in its AIX operating system that could allow remote attackers to execute arbitrary commands on affected systems. Both vulnerabilities stem from improper process controls in essential IBM AIX services. Critical Flaws in IBM AIX Services The first vulnerability, CVE-2025-36251, affects the Nimsh service and its […]

The post IBM AIX Vulnerabilities Let Remote Attacker Execute Arbitrary Commands appeared first on Cyber Security News.

Google has rushed out a critical update for its Chrome browser to address a zero-day vulnerability actively exploited in the wild, urging users to update immediately to mitigate the risk posed by sophisticated attackers. The patch, rolled out in Chrome Stable version 142.0.7444.175 for Windows and Linux, and 142.0.7444.176 for Mac, fixes two high-severity type […]

The post Chrome Type Confusion Zero-Day Vulnerability Actively Exploited in the Wild appeared first on Cyber Security News.

Pig-butchering scams have grown into one of the most damaging global cybercrime threats, causing billions of dollars in losses every year. These long-term investment fraud schemes work by building trust through emotional grooming and fake trading platforms before draining victims of their life savings. The scams now operate at an industrial scale, and criminal groups […]

The post Pig-Butchering Scams Operators Scaled Their Operations with The Support of AI-Assistants appeared first on Cyber Security News.

Menlo Park, California, USA, November 17th, 2025, CyberNewsWire AccuKnox, a global leader in Zero Trust Cloud-Native Application Protection Platforms (CNAPP), today announced its distributor partnership with Frentree, a leading cybersecurity solutions provider in South Korea. The collaboration aims to strengthen cloud, container, and AI workload security for enterprises across the region by combining Frentree’s strong […]

The post Frentree Partners with AccuKnox to Expand Zero Trust CNAPP Security in South Korea appeared first on Cyber Security News.

A new open-source security tool, TaskHound, helps penetration testers and security professionals identify high-risk Windows scheduled tasks that could expose systems to attacks. The tool automatically discovers tasks running with privileged accounts and stored credentials, making it a valuable addition to security assessments. What Makes TaskHound Different? TaskHound stands out by automating the discovery of dangerous […]

The post TaskHound Tool – Detects Windows Scheduled Tasks Running with Elevated Privileges and Stored Credentials appeared first on Cyber Security News.

A new phishing campaign has emerged that weaponizes Microsoft Entra guest user invitations to deceive recipients into making phone calls to attackers posing as Microsoft support. The attack leverages a critical security gap in how Microsoft Entra communicates with external users, turning a legitimate collaboration feature into a delivery mechanism for sophisticated social engineering attacks. […]

The post Hackers Leverages Microsoft Entra Tenant Invitations to Launch TOAD Attacks appeared first on Cyber Security News.

CISA has issued an urgent alert about a critical vulnerability in Fortinet’s FortiWeb Web Application Firewall (WAF), actively exploited by threat actors to seize administrative control of affected systems. Tracked as CVE-2025-64446, the flaw stems from a relative path traversal issue (CWE-23) that enables unauthenticated attackers to execute arbitrary administrative commands through specially crafted HTTP […]

The post CISA Warns of Fortinet FortiWeb WAF Vulnerability Exploited in the Wild to Gain Admin Access appeared first on Cyber Security News.

In November 2025, a new malware campaign emerged that combines social engineering tricks with advanced stealing tools. The attack starts when criminals trick users into running commands through the Windows Run window, a technique known as ClickFix. Once users follow these instructions, their computers become infected with Amatera Stealer, an advanced piece of malware designed […]

The post EVALUSION Campaign Using ClickFix Technique to deploy Amatera Stealer and NetSupport RAT appeared first on Cyber Security News.

As artificial intelligence infrastructure rapidly expands, critical security flaws threaten the backbone of enterprise AI deployments. Security researchers at Oligo Security have uncovered a series of dangerous Remote Code Execution (RCE) vulnerabilities affecting major AI frameworks from Meta, NVIDIA, Microsoft, and PyTorch projects, including vLLM and SGLang. The vulnerabilities, collectively termed “ShadowMQ,” stem from the […]

The post Critical RCE Vulnerabilities in AI Inference Engines Exposes Meta, Nvidia and Microsoft Frameworks appeared first on Cyber Security News.

A dangerous espionage campaign is targeting senior government and defense officials worldwide. Iranian hackers are using fake conference invitations and meeting requests to trick victims. The attackers spend weeks building trust before striking. They reach out through WhatsApp to make their messages look legitimate. This campaign, known as SpearSpecter, combines patience with powerful malware to […]

The post Iranian SpearSpecter Attacking High-Value Officials Using Personalized Social Engineering Tactics appeared first on Cyber Security News.

A sandbox escape vulnerability affecting iPhones and iPads running iOS 16.2 beta 1 or earlier versions. The proof-of-concept (POC) exploits weaknesses in the itunesstored and bookassetd daemons, enabling attackers to modify sensitive files on the device’s Data partition areas typically protected from unauthorized access. Researcher Kim shared the details in a blog post on October […]

The post New MobileGestalt Exploit for iOS 26.0.1 Enables Unauthorized Writes to Protected Data appeared first on Cyber Security News.