Cyber Security News

Recent investigations have revealed an intricate network of sophisticated hacking tools and methodologies being shared and developed within Russian-speaking cybercrime forums. Security researchers have infiltrated what they describe as “one of the most sophisticated and impactful ecosystems within the global cybercrime landscape.” The discovered materials indicate a highly organized underground community with advanced technical capabilities […]

The post Researchers Uncovered Hacking Tools and Techniques Discussed on Russian-Speaking Hacking Forums appeared first on Cyber Security News.

A sophisticated malware campaign dubbed “HollowQuill” has emerged as a significant threat to academic institutions and government agencies worldwide. The attack leverages weaponized PDF documents disguised as research papers, grant applications, or official government communiques to entice unsuspecting victims into initiating the infection chain. The malware employs advanced social engineering tactics to increase its success […]

The post HollowQuill Malware Attacking Government Agencies Worldwide Via Weaponized PDF Documents appeared first on Cyber Security News.

A sophisticated campaign by the Pakistan-linked SideCopy Advanced Persistent Threat (APT) group has emerged since late December 2024, targeting critical Indian government sectors with enhanced tactics. The group has significantly expanded its scope beyond traditional defense and maritime sectors to now include entities under railway, oil & gas, and external affairs ministries, demonstrating an alarming […]

The post SideCopy APT Hackers Mimic as Government Personnel to Deploy Open-Source XenoRAT Tool appeared first on Cyber Security News.

A moderate-severity vulnerability has been identified in Microsoft Identity Web. Under specific conditions, it could potentially expose sensitive client secrets and certificate information in service logs.  The flaw, tracked as CVE-2025-32016, impacts versions 3.2.0 through 3.8.1 of the library and has prompted an urgent advisory from Microsoft. The vulnerability affects Microsoft.Identity.Web, a widely used NuGet […]

The post Microsoft Identity Web Package Vulnerability Exposes Client Secrets & Certificate Information appeared first on Cyber Security News.

Law enforcement agencies across Europe and North America have arrested five individuals linked to the Smokeloader botnet service as part of Operation Endgame’s second phase.  This follow-up action, conducted in early April 2025, specifically targeted the “customers” of the notorious pay-per-install malware service operated by a threat actor known as ‘Superstar’. Customers deployed malware for […]

The post Authorities Seized Smokeloader Malware Operators & Seized Servers appeared first on Cyber Security News.

IPFire has announced the release of version 2.29 (Core Update 193), introducing significant enhancements to the Linux-based firewall distribution.  This update brings forward-thinking security features, including post-quantum cryptography support for IPsec tunnels and major toolchain upgrades that strengthen the system’s core infrastructure. Post-Quantum Cryptography Implementation The standout feature in IPFire 2.29 is the implementation of […]

The post Linux Firewall IPFire 2.29 Released With Support for Post-Quantum Cryptography & Core Updates appeared first on Cyber Security News.

Cybersecurity researchers have identified a significant spike in exploitation attempts targeting TVT NVMS9000 digital video recorders (DVRs), with activity surging to three times normal levels in early April 2025. This new campaign appears to be linked to the infamous Mirai botnet, which continues to evolve by incorporating new vulnerabilities into its arsenal of attack vectors. […]

The post New Mirai Botnet Exploiting TVT DVRs To Gain Administrative Control appeared first on Cyber Security News.

A sophisticated cyber campaign orchestrated by the Russian state-backed group Storm-2372 has emerged, exploiting device code phishing tactics to circumvent Multi-Factor Authentication (MFA) security measures. This targeted approach represents a significant escalation in threat actors’ capabilities to defeat advanced security systems through social engineering, allowing attackers to gain unauthorized access to high-value targets without triggering […]

The post Russian APT Hackers Using Device Code Phishing Technique to Bypass MFA appeared first on Cyber Security News.

A sophisticated fraud scheme known as SMS pumping is quietly draining millions from businesses worldwide by exploiting SMS verification systems. This cybercrime tactic, similar to a modern-day toll scam, involves artificially inflating SMS traffic through automated means, generating fraudulent revenue while leaving legitimate businesses to absorb unexpected costs. The scheme has become increasingly prevalent as […]

The post Threat Actors Turning Messaging Service into a Cash Making Machine appeared first on Cyber Security News.

A hacker known by the alias “Satanic” has claimed responsibility for a massive data breach involving WooCommerce, one of the most widely used eCommerce platforms on the web. The breach, which reportedly occurred on April 6, 2025, involves the theft of over 4.4 million user records, including detailed personal and business information. Cyber Security News […]

The post Hackers Allegedly Claiming WooCommerce Breach, 4.4 Million Customer Details Stolen appeared first on Cyber Security News.

A new wave of phishing emails is sweeping across Latin America, and once again, Grandoreiro is behind it. This banking trojan is no newcomer; it’s been active for years, evolving steadily into a more sophisticated and evasive threat.   With targeted tactics like geofencing and DNS evasion, Grandoreiro is staying just ahead of standard security solutions.  […]

The post How Banking Trojan Grandoreiro is Evolving Tactics To Attack Victims in LATAM  appeared first on Cyber Security News.

OpenSSH 10.0, a significant update to the widely adopted secure remote login and file transfer toolset, was officially released on April 9, 2025.  This milestone version introduces substantial protocol changes, enhanced security features, and critical improvements to prepare for quantum computing threats. The most notable security enhancement is the implementation of the hybrid post-quantum algorithm […]

The post OpenSSH 10.0 Released With Protocol Changes & Security Upgrades appeared first on Cyber Security News.

Hackers intercepted and monitored the emails of over 103 bank regulators at the Office of the Comptroller of the Currency (OCC) for more than a year, gaining access to highly sensitive financial data. The breach was discovered on February 11, 2025, when Microsoft’s security team alerted the OCC about unusual activities on its network. The […]

The post Hackers Intercepted 100+ Bank Regulators’ Emails for More Than a Year appeared first on Cyber Security News.

Google has unveiled Firebase Studio, a groundbreaking cloud-based platform designed to streamline the creation of full-stack AI applications. This innovative tool integrates the power of Gemini AI with existing Firebase services, offering developers an end-to-end solution to prototype, build, test, and deploy applications with unprecedented speed and efficiency. Key Features of Firebase Studio Firebase Studio […]

The post Google Released AI-powered Firebase Studio to Accelerate Build, Test, & Deployment appeared first on Cyber Security News.

A critical vulnerability in the USB-audio driver, which could lead to out-of-bounds memory reads, has been addressed by a recent patch to the Linux kernel, authored by Takashi Iwai of SUSE. The USB-audio driver in the Linux kernel has an out-of-bounds access vulnerability that possibly enables an attacker with physical access to the system to […]

The post Linux USB Audio Driver Vulnerability Let Attackers Execute Arbitrary Code Via Malicious USB Device appeared first on Cyber Security News.

VMware has released critical security updates to address 47 vulnerabilities across multiple VMware Tanzu Greenplum products, including 29 issues in VMware Tanzu Greenplum Backup and Restore and 18 bugs in various components of VMware Tanzu Greenplum.  The security advisories, published on April 7, 2025, include patches for vulnerabilities with CVSS scores as high as 9.8, […]

The post VMware Patches Multiple 47 Vulnerabilities VMware Tanzu Greenplum Backup & Components appeared first on Cyber Security News.

Microsoft has disclosed a significant security vulnerability in Active Directory Domain Services that could allow attackers to elevate their privileges to the system level, potentially gaining complete control over affected systems.  The vulnerability tracked as CVE-2025-29810, was patched as part of Microsoft’s April 2025 Patch Tuesday security update cycle.  Security researchers classify the flaw as […]

The post Windows Active Directory Domain Vulnerability Let Attackers Escalate Privileges appeared first on Cyber Security News.

A sophisticated ransomware strain known as Hellcat has emerged as a formidable threat in the cybersecurity landscape since its first appearance in mid-2024. The malware has rapidly evolved its capabilities, specifically targeting critical sectors including government agencies, educational institutions, and energy infrastructure. This group doesn’t merely encrypt data; they weaponize psychological tactics and exploit previously […]

The post Hellcat Ransomware Updated It’s Arsenal to Attack Government, Education, and Energy Sectors appeared first on Cyber Security News.

Adobe has released a comprehensive set of security updates addressing multiple vulnerabilities across twelve of its products.  The patches, all released on April 8, 2025, aim to resolve critical, important, and moderate security flaws that could potentially expose users to various cyber threats, including arbitrary code execution, privilege escalation, and application denial-of-service attacks. Significant Vulnerabilities […]

The post Adobe Security Update – Patch for Multiple Vulnerabilities Across Products appeared first on Cyber Security News.

Microsoft has confirmed a global outage affecting the Exchange Admin Center (EAC), leaving administrators unable to access critical management tools. The issue, which has been designated as a critical service incident under ID EX1051697, is causing widespread disruptions across organizations relying on Exchange Online. Administrators attempting to log in to the EAC are encountering an […]

The post Microsoft Exchange Admin Center Down Globally appeared first on Cyber Security News.