Cyber Security News

The Cybersecurity and Infrastructure Security Agency released five critical Industrial Control Systems advisories on December 2, 2025, addressing significant security threats across industrial environments. These advisories cover vulnerabilities and active exploits affecting systems used in manufacturing, power generation, and medical device operations worldwide. The timing of this release highlights growing concerns about the targeted nature […]

The post CISA Releases Five ICS Advisories Covering Vulnerabilities, and Exploits Surrounding ICS appeared first on Cyber Security News.

A new security assessment tool has been released to help researchers and administrators identify React Server Components (RSC) endpoints potentially exposed to CVE-2025-55182. Developed as a lightweight by Pentester with the alias Fatguru, a non-intrusive Python script, the scanner offers a method for “Surface Detection” that avoids the pitfalls of aggressive proof-of-concept (PoC) exploits, which […]

The post New Scanner Tool for Detecting Exposed ReactJS and Next.js RSC Endpoints (CVE-2025-55182) appeared first on Cyber Security News.

A new security report reveals a troubling reality about the state of online phishing operations. Recent research has uncovered over 42,000 validated URLs and domains actively serving phishing kits, command-and-control infrastructure, and malicious payload delivery systems. The scale and sophistication of these operations represent a significant departure from traditional phishing attempts. Rather than simple misspelled […]

The post New Report Warns of 68% Of Actively Serving Phishing Kits Protected by CloudFlare appeared first on Cyber Security News.

India has implemented a mandatory SIM-binding requirement for messaging applications, including WhatsApp, Telegram, Signal, Snapchat, and others. The Department of Telecommunications issued a directive on November 28 requiring all app-based communication services to ensure that users maintain an active SIM card in their devices to access messaging features. Under the new rules, messaging platforms must […]

The post India’s New SIM-Binding Rule for WhatsApp, Signal, Telegram and Other Messaging Platforms appeared first on Cyber Security News.

A critical security vulnerability has been discovered in Industrial Video & Control’s Longwatch video surveillance system, allowing attackers to execute malicious code with elevated privileges remotely. The flaw, tracked as CVE-2025-13658, affects Longwatch versions 6.309 through 6.334 and has received a severe CVSS v4 score of 9.3. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued […]

The post Longwatch RCE Vulnerability Let Attackers Execute Remote Code With Elevated Privileges appeared first on Cyber Security News.

A new feature in Anthropic’s Claude AI, known as Claude Skills, has been identified as a potential vector for ransomware attacks. This feature, designed to extend the AI’s capabilities through custom code modules, can be manipulated to deploy malware like the MedusaLocker ransomware without the user’s explicit awareness. The seemingly legitimate appearance of these Skills […]

The post Hackers Can Weaponize Claude Skills to Execute MedusaLocker Ransomware Attack appeared first on Cyber Security News.

The decentralized finance sector witnessed a devastating breach targeting Yearn Finance’s yETH pool, resulting in the theft of approximately $9 million on November 30, 2025. The attacker executed a highly sophisticated exploit, minting an astronomical 235 septillion yETH tokens while depositing a mere 16 wei—an amount worth less than a fraction of a cent. This […]

The post Hackers Exploit Critical Yearn Finance’s yETH Pool Vulnerability to Steal $9 Million in Ethereum appeared first on Cyber Security News.

A new 29.7 Tbps distributed denial-of-service (DDoS) blast from the Aisuru botnet has set a new world record for attack volume, underscoring how fragile core internet infrastructure remains under extreme load. The previous record of 22Tbps, quietly broken in Q3 2025 and mitigated by Cloudflare, pushes global defenders into an era where multi-terabit attacks are […]

The post 29.7 Tbps DDoS Attack Via Aisuru Botnet Breaks Internet With New World Record appeared first on Cyber Security News.

A sophisticated phishing campaign has emerged targeting business professionals with Calendly-themed emails, combining social engineering with advanced credential theft techniques. The attack specifically focuses on Google Workspace and Facebook Business accounts, using carefully crafted job opportunity lures to trick users into sharing their login information. The campaign began when a customer received a highly convincing […]

The post Hackers Using Calendly-Themed Phishing Attack to Steal Google Workspace Account appeared first on Cyber Security News.

A serious privilege escalation vulnerability in K7 Ultimate Security, an antivirus product from K7 Computing, was found by abusing named pipes with overly permissive access control lists. This flaw enables low-privileged users to manipulate registry settings and achieve SYSTEM-level access without triggering UAC prompts, prompting multiple patch attempts that researchers bypassed. The issue surfaced during […]

The post K7 Antivirus Vulnerability Allows Attackers Gain SYSTEM-level Privileges appeared first on Cyber Security News.

A significant supply chain security breach has emerged with the discovery of Shai-Hulud 2.0, a sophisticated malware that has compromised over 30,000 GitHub repositories since its emergence on November 24, 2025. This worm-like malware represents a growing threat to the developer ecosystem, specifically targeting the NPM package manager and spreading across multiple platforms including Maven […]

The post Shai-Hulud 2.0 Malware Attack Compromised 30,000 Repositories and Stolen 500 GitHub Usernames and Tokens appeared first on Cyber Security News.

The open-source software supply chain recently encountered a deceptive threat in the form of evm-units, a malicious Rust crate published by the author ablerust. Masquerading as a standard utility for verifying Ethereum Virtual Machine (EVM) versions, the package accumulated thousands of downloads before it was removed. While the library appeared to perform legitimate version checks, […]

The post Malicious Rust Evm-Units Mimic as EVM Version Silently Executes OS-specific Payloads appeared first on Cyber Security News.

On Thanksgiving eve, a sophisticated threat actor known as Storm-0900 launched a high-volume phishing campaign targeting users across the United States. Microsoft Threat Intelligence security analysts detected and blocked this coordinated attack consisting of tens of thousands of emails designed to deceive recipients during the holiday period. The campaign employed two primary social engineering themes […]

The post Storm-0900 Hackers Leveraging Parking Ticket and Medical Test Themes in Massive Phishing Attack appeared first on Cyber Security News.

CISA has added two critical Android Framework vulnerabilities to its Known Exploited Vulnerabilities catalog, signaling active exploitation in the wild. The vulnerabilities affect the Android OS and pose significant risks to millions of mobile devices worldwide. CISA added the vulnerabilities to its KEV catalog on December 2, 2025, requiring federal agencies and critical infrastructure operators […]

The post CISA Warns of Android 0-Day Vulnerability Exploited in Attacks appeared first on Cyber Security News.

MuddyWater, an Iran-aligned cyberespionage group also known as Mango Sandstorm, has launched a new, highly targeted campaign against critical infrastructure in Israel and Egypt. Active from September 2024 through March 2025, the group zeroed in on diverse sectors including engineering, utilities, local government, and technology. This operation marks a distinct evolution in their operational maturity, […]

The post MuddyWater Attacks Critical Infrastructure With Custom Malware and Improved Tactics appeared first on Cyber Security News.

Microsoft has officially confirmed a critical issue affecting enterprise and managed environments running Windows 11 versions 24H2 and 25H2. The bug, first triggered by cumulative updates released in July 2025, causes widespread failures in essential UI components, rendering the desktop unusable for many users. According to an updated support document released on December 2, 2025, […]

The post Microsoft Confirms Windows 11 25H2 UI Features Broken Along With 24H2 Following Update appeared first on Cyber Security News.

A new and dangerous phishing campaign is targeting organizations with a deceptive “Executive Award” theme that combines social engineering with advanced malware delivery. This two-stage attack first tricks users into sharing their login credentials through a fake HTML form, then deploys the Stealerium information stealer to compromise affected systems. The campaign represents a growing trend […]

The post Beware of the New ‘Executive Award’ Campaign That Uses ClickFix to Deliver Stealerium Malware appeared first on Cyber Security News.

A critical security flaw in the popular “King Addons for Elementor” WordPress plugin has left thousands of websites at risk of complete takeover, security researchers have warned. The vulnerability, tracked as CVE-2025-8489, allows unauthenticated attackers to register new accounts with full administrator rights by abusing an insecure registration function in the plugin. King Addons for […]

The post Critical Elementor Plugin Vulnerability Let Attackers Takeover WordPress Site Admin Control appeared first on Cyber Security News.

A critical Stored XSS vulnerability in Angular’s template compiler (CVE-2025-66412) allows attackers to execute arbitrary code by weaponizing SVG animation attributes. Bypassing Angular’s built-in security sanitization mechanisms and affecting applications using versions below 19.2.17, 20.3.15, or 21.0.2. The Angular template compiler includes an incomplete security schema that fails to classify and sanitize URL-holding attributes and […]

The post Angular Platform Vulnerability Allows Malicious Code Execution Via Weaponized SVG Animation Files appeared first on Cyber Security News.

A critical warning regarding a severe authentication vulnerability affecting Iskra’s iHUB and iHUB Lite intelligent metering gateways used in energy infrastructure worldwide. The flaw, tracked as CVE-2025-13510, carries a CVSS v4 severity score of 9.3, indicating an exploit that requires minimal technical complexity for attackers. The vulnerability stems from the absence of an authentication mechanism […]

The post CISA Warns of Iskra iHUB Vulnerability Allowing Remote Device Reconfiguration appeared first on Cyber Security News.