Cyber Security News

Multiple vulnerabilities have been discovered in CryptoPro Secure Disk (CPSD) for BitLocker, a widely used encryption solution. These flaws could allow an attacker with physical access to a device to gain persistent root access and steal sensitive credentials. The issues identified by security researchers at SEC Consult Vulnerability Lab highlight significant risks for organizations that […]

The post Multiple Vulnerabilities in CPSD CryptoPro Secure Disk for BitLocker Allow Root Access and Credential Theft appeared first on Cyber Security News.

A coordinated attack campaign is actively targeting software developers through malicious repositories disguised as legitimate Next.js projects and technical assessment materials. The attackers rely on job-themed lures, presenting fake recruitment challenges that convince developers to clone and run poisoned code on their own machines. Once a developer executes the project, it silently connects to attacker-controlled […]

The post Microsoft Warns of Hackers Attacking Developers with Malicious Next.js Repositories appeared first on Cyber Security News.

An optional non-security update, KB5077241, has been released for Windows 11 versions 25H2 and 24H2, improving overall functionality, performance, and reliability without addressing security vulnerabilities. The release, which brings the OS builds to 26200.7922 and 26100.7922, includes enhancements to user interface elements and updates to underlying AI components. The most notable visual changes in this […]

The post Microsoft Released Updates for Windows 11, Version 25H2 and 24H2 Systems appeared first on Cyber Security News.

A critical vulnerability in Apache ActiveMQ has been actively exploited by threat actors, leading to a full LockBit ransomware deployment across an enterprise network. Attackers leveraged CVE-2023-46604, a remote code execution flaw in the ActiveMQ messaging broker, to break into an exposed Windows server and ultimately encrypt systems via Remote Desktop Protocol — spanning roughly […]

The post Threat Actors Exploit Apache ActiveMQ Server Vulnerability to Gain RDP Access and Deploy LockBit Ransomware appeared first on Cyber Security News.

A critical AI-driven vulnerability in GitHub Codespaces, dubbed RoguePilot, that enabled attackers to silently hijack a repository by embedding malicious instructions inside a GitHub Issue. The flaw, uncovered by researchers at the Orca Research Pod, exploits the seamless integration between GitHub Issues and the in-Codespaces Copilot AI agent, requiring no direct interaction from the attacker […]

The post GitHub Copilot Exploited to Perform Full Repository Takeover via Passive Prompt Injection appeared first on Cyber Security News.

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) on February 24, 2026, designated Russian national Sergey Sergeyevich Zelenyuk and his St. Petersburg-based company Matrix LLC operating publicly as Operation Zero, along with five associated individuals and entities, for acquiring and distributing cyber tools directly harmful to U.S. national security. This marks […]

The post US Sanctions Network of Exploit Brokers That Stole US Government Cyber Tools appeared first on Cyber Security News.

In 2025, threat actors turned widely used artificial intelligence tools into weapons for launching fast, precise network intrusions. CrowdStrike’s 2026 Global Threat Report found an 89% year-over-year increase in attacks by AI-enabled adversaries, as criminals used automation and machine-generated scripts to cut the time between initial entry and full domain access to under 30 minutes. […]

The post Threat Actors Weaponized AI Tools to Gain Full Domain Access within 30 Minutes appeared first on Cyber Security News.

The financial sector remains a prime target for cybercriminals, safeguarding not only vast sums of money but also sensitive personal data, payment systems, and economic trust. Recent reports highlight escalating threats, with 65% of financial organizations hit by ransomware in 2024, the highest rate across industries, while average recovery costs excluding ransoms reached $2.73 million. […]

The post 65% of Financial Organizations Targeted by Ransomware as Cybercriminals Escalate Attacks appeared first on Cyber Security News.

A supply chain attack targeting ASP.NET developers has surfaced, involving four malicious NuGet packages built to steal login credentials and plant persistent backdoors inside web applications. The packages — NCryptYo, DOMOAuth2_, IRAOAuth2.0, and SimpleWriter_ — were published between August 12 and 21, 2024, by a threat actor operating under the username “hamzazaheer,” and together they […]

The post Malicious NuGet Packages Attacking ASP.NET Developers to Steal Login Credentials appeared first on Cyber Security News.

The UK’s Information Commissioner’s Office (ICO) has issued a £14.47 million ($19.52 million) fine against Reddit, Inc. after an investigation concluded the social media platform unlawfully processed the personal information of children under the age of 13, failing to implement effective age verification controls and leaving young users exposed to potentially harmful content. Reddit, which […]

The post Reddit Fined £14.47 Million by UK Regulator for Children’s Privacy Failures appeared first on Cyber Security News.

A critical Remote Code Execution (RCE) vulnerability has been identified in a Ruby background job processing system. The flaw stems from unsafe JSON deserialization, which allows untrusted input to be transformed into executable objects. This issue highlights the hidden dangers of deserialization in Ruby environments, where a single line of code can lead to deterministic […]

The post New Deserialization Vulnerability in Ruby Workers Could Enable Full System Compromise appeared first on Cyber Security News.

Atomic macOS Stealer (AMOS), a well-known data-theft malware, has taken a sharp turn in how it reaches victims. Instead of hiding inside cracked software downloads as it once did, threat actors now embed it within malicious OpenClaw skills — small add-on packages that extend AI agent capabilities on platforms like OpenClaw. AMOS operates as a […]

The post Malicious OpenClaw Skills Used to Trick Users into Manual Password Entry for AMOS Infection appeared first on Cyber Security News.

Wilmington, North America, February 24th, 2026, CyberNewswire In a recent DMARCbis fireside chat, email authentication leaders discussed upcoming DMARC changes and how teams can plan for 2026.  Sendmarc has released a new fireside chat featuring Todd Herr, Principal Solutions Architect at GreenArrow Email and co-editor of DMARCbis, on the upcoming update to DMARC (Domain-based Message […]

The post Sendmarc Releases DMARCbis Fireside Chat Featuring Co-Editor Todd Herr appeared first on Cyber Security News.

A malicious NPM package named buildrunner-dev has been caught hiding .NET malware inside innocent-looking PNG images, using steganography to slip past antivirus tools and deliver a Remote Access Trojan onto Windows systems. Discovered in February 2026, this campaign signals a notable shift in supply chain attack methods, where the actual malicious code remains completely invisible inside what […]

The post Hackers Leverage Steganographic Images to Bypass Anti-Malware Scans and Deploy Malware Payloads appeared first on Cyber Security News.

A group of attackers has built a fake version of the Huorong Security antivirus website to trick users into downloading ValleyRAT, a Remote Access Trojan (RAT) built on the Winos4.0 framework. The campaign is linked to the Silver Fox APT group, a Chinese-speaking threat actor known for distributing trojanized versions of popular Chinese software. Huorong […]

The post Fake Huorong Download Site Used to Deploy ValleyRAT Backdoor in Targeted Malware Campaign appeared first on Cyber Security News.

A Russian-linked cybercrime group named Diesel Vortex has been quietly running a large phishing operation against freight and trucking companies across the United States and Europe. The campaign ran from September 2025 through February 2026 and resulted in more than 1,649 stolen login credentials from users of major logistics platforms, including DAT Truckstop, Penske Logistics, […]

The post Diesel Vortex Russian Cybercrime Group Targets Global Logistics Sector and Steals 1,600+ Credentials appeared first on Cyber Security News.

A sophisticated new malware campaign has emerged, leveraging fake CAPTCHA lures to deceive users and deploy a stealthy information stealer. Identified in early 2026, this activity shares significant behavioral patterns with the ClickFix campaign that previously targeted restaurant reservation systems in July 2025. The operators have refined their social engineering tactics to bypass traditional security […]

The post ClickFix Infostealer Campaign Uses Fake CAPTCHA Lures to Compromise Victims appeared first on Cyber Security News.

Broadcom issued security advisory VMSA-2026-0001 on February 24, 2026, disclosing three vulnerabilities in VMware Aria Operations that pose risks, including remote code execution. Organizations using affected products should prioritize patching to mitigate potential exploits. VMware Aria Operations, a key component in products like VMware Cloud Foundation, Telco Cloud Platform, and Telco Cloud Infrastructure, faces command […]

The post Multiple VMware Aria Vulnerabilities Allow Remote Code Execution Attacks appeared first on Cyber Security News.

The CEO of Tesla and xAI recently stated that the artificial intelligence company Anthropic has stolen large amounts of data to train its models. Musk claims this data theft occurred on a massive scale, resulting in the company paying billions of dollars in settlements. The community notes appear to criticize Anthropic’s practices, prompting Musk to […]

The post Elon Musk Accuses Anthropic of Stealing Data in a Massive Scale appeared first on Cyber Security News.

The notorious cybercriminal group has claimed responsibility for a massive data breach targeting the Dutch telecommunications company Odido and its brand BEN. The group ShinyHunters claims to have stolen 21 million records from 8 million customers, suggesting the incident is far more severe than previously disclosed. The data exposed in this alleged breach is highly […]

The post ShinyHunters Allegedly Claim Breach of 21 Million Records from Odido appeared first on Cyber Security News.