Cyber Security News

The cybersecurity landscape is witnessing a rise in sophisticated malware that leverages legitimate tools to mask malicious intent. A prime example is VVS Stealer (also styled VVS $tealer). This Python-based malware family has been actively marketed on Telegram since April 2025. This threat targets Discord users explicitly to exfiltrate sensitive credentials, tokens, and browser data. […]

The post VVS Stealer Uses PyArmor Obfuscation to Evade Static Analysis and Signature Detection appeared first on Cyber Security News.

Over 10,000 Fortinet firewalls worldwide remain vulnerable to CVE-2020-12812, a multi-factor authentication (MFA) bypass flaw disclosed over five and a half years ago. Shadowserver recently added the issue to its daily Vulnerable HTTP Report, highlighting persistent exposure amid active exploitation confirmed by Fortinet in late 2025.​ CVE-2020-12812 stems from improper authentication in FortiOS SSL VPN […]

The post 10,000+ Fortinet Firewalls Still Exposed to 5-year Old MFA Bypass Vulnerability appeared first on Cyber Security News.

In December 2025, the Iranian-linked hacking group Handala claimed to have fully compromised the mobile devices of two prominent Israeli political figures. However, detailed analysis by Kela cyber intelligence researchers revealed a more limited scope—the breaches targeted Telegram accounts specifically, not complete device access. The group claimed to have breached former Prime Minister Naftali Bennett’s […]

The post Handala Hackers Targeted Israeli Officials by Compromising Telegram Accounts appeared first on Cyber Security News.

Hackers have launched a sophisticated phishing campaign exploiting Google Tasks notifications to target over 3,000 organizations worldwide, primarily in the manufacturing sector. The December 2025 attacks signal a dangerous shift in email-based threats, in which attackers abuse legitimate Google infrastructure rather than spoofing domains or forging email headers. The phishing emails originated from a legitimate […]

The post Hackers Abusing Google Tasks Notification for Sophisticated Phishing Attack appeared first on Cyber Security News.

A sophisticated threat group has intensified its campaign against organizations by leveraging the latest vulnerabilities in web applications and Internet of Things (IoT) devices. The RondoDoX botnet, tracked through exposed command-and-control logs spanning nine months from March to December 2025, demonstrates a relentless approach to compromising enterprise infrastructure. The malware operates through a multi-stage infection […]

The post RondoDoX Botnet Weaponizing a Critical React2Shell Vulnerability to Deploy Malware appeared first on Cyber Security News.

A sophisticated phishing campaign is currently circulating within the Cardano community, posing significant risks to users seeking to download the newly announced Eternl Desktop application. The attack leverages a professionally crafted email claiming to promote a legitimate wallet solution designed for secure Cardano token staking and governance participation. The fraudulent announcement references ecosystem-specific incentives, including […]

The post Potential Wallet Phishing Campaign Targets Cardano Users via ‘Eternl Desktop’ Announcement appeared first on Cyber Security News.

Cybersecurity researchers have identified a new variant of the Shai Hulud malware that reveals important insights into how threat actors are evolving their attack strategies. The malware, first observed in recent security analysis, demonstrates significant changes from its original version, suggesting deliberate improvements made by individuals with deep access to the worm’s source code. This […]

The post Threat Actors Testing Modified and Highly Obfuscated Version of Shai Hulud Strain appeared first on Cyber Security News.

Cognizant Technology Solutions is facing multiple class-action lawsuits following a significant data breach at TriZetto Provider Solutions (TPS), its healthcare claims processing subsidiary. The lawsuits, filed in federal courts in New Jersey and Missouri, allege that the company failed to protect sensitive personal information and delayed disclosing the security incident. According to court filings, hackers […]

The post Cognizant Hit With Multiple US Class-Action Lawsuits Following TriZetto Data Breach appeared first on Cyber Security News.

A critical security advisory warned of severe vulnerabilities in WHILL electric wheelchairs that could allow attackers to hijack the devices via Bluetooth remotely. The alert affects two popular models used worldwide: the WHILL Model C2 Electric Wheelchair and Model F Power Chair, both manufactured by Japan-based WHILL Inc. Security researchers from QED Secure Solutions discovered […]

The post CISA Warns of WHILL Model C2 Wheelchairs Vulnerability Let Attackers Take Control of Product appeared first on Cyber Security News.

The cybersecurity community was alarmed in late December 2025 when MongoDB announced a serious vulnerability called “Mongobleed” (CVE-2025-14847). This high-severity flaw allows unauthenticated attackers to steal sensitive data directly from server memory. With a CVSS score of 8.7 and over 87,000 potentially vulnerable MongoDB instances exposed worldwide, this pre-authentication memory disclosure vulnerability has rapidly become […]

The post Lessons From Mongobleed Vulnerability (CVE-2025-14847) That Actively Exploited In The Wild appeared first on Cyber Security News.

After a decade of disappearing from the cybersecurity landscape, the Careto threat group, also known as “The Mask,” has resurfaced with sophisticated new attack methods targeting high-profile organizations. Security researchers have identified fresh evidence of Careto’s activity, revealing how the group evolved its tactics to compromise critical infrastructure and maintain persistent access to sensitive networks. […]

The post Careto Hacker Group is Back After 10 Years of Silence with New Attack Tactics appeared first on Cyber Security News.

A newly disclosed use-after-free vulnerability in Apache NuttX RTOS could allow attackers to cause system crashes and unintended filesystem operations, prompting urgent security warnings for users running network-exposed services. The flaw, tracked as CVE-2025-48769 and rated moderate in severity, affects a wide range of NuttX versions and was publicly disclosed on December 31, 2025. The […]

The post Apache NuttX Vulnerability Let Attackers to Crash Systems appeared first on Cyber Security News.

Endpoint Detection and Response (EDR) solutions stand as critical shields for devices and data against 2026’s escalating cyber threats. CrowdStrike Falcon Insight XDR dominates with AI-driven detection and a lightweight agent. Palo Alto Networks Cortex XDR unifies visibility across endpoints, networks, and cloud. Microsoft Defender for Endpoint shines via deep Microsoft ecosystem integration and AI-powered […]

The post Top 10 Best EDR Solutions (Endpoint Detection & Response) In 2026 appeared first on Cyber Security News.

The cybersecurity landscape in 2025 has been marked by an unprecedented surge in critical vulnerabilities, with over 21,500 CVEs disclosed in the first half of the year alone, representing a 16-18% increase compared to 2024. Among these, a select group of vulnerabilities stands out due to their exceptional severity, active exploitation in the wild, and […]

The post Top 10 High-Risk Vulnerabilities Of 2025 that Exploited in the Wild appeared first on Cyber Security News.

An open-source solution for handling encrypted WhatsApp backups. The wa-crypt-tools suite, hosted on GitHub, decrypts and encrypts .crypt12, .crypt14, and .crypt15 files from WhatsApp and WhatsApp Business, provided users supply the required key file or 64-character key.​ wa-crypt-tools simplifies access to WhatsApp’s end-to-end encrypted backups, which store chat histories, media, and metadata in SQLite databases […]

The post WhatsApp Crypt Tool to Encrypt and Decrypt WhatsApp Backups appeared first on Cyber Security News.

A federal court in the Southern District of Florida has accepted guilty pleas from two cybersecurity professionals who used their expertise to conduct ransomware attacks rather than stop them. Ryan Goldberg, 40, from Georgia, and Kevin Martin, 36, from Texas, pleaded guilty to conspiracy to commit extortion through ransomware operations. Between April and December 2023, […]

The post Two U.S. CyberSecurity Pros Plead Guilty for Working as ALPHV/BlackCat Affiliates appeared first on Cyber Security News.

A new wave of GlassWorm malware has emerged, marking a significant shift in targeting strategy from Windows to macOS systems. This self-propagating worm, distributed through malicious VS Code extensions on the Open VSX marketplace, has already accumulated over 50,000 downloads. The fourth wave introduces several concerning changes including encrypted payloads, hardware wallet trojanization capabilities, and […]

The post Self-Propagating GlassWorm Weaponizing VS Code Extensions to Attack macOS Users appeared first on Cyber Security News.

A dangerous cybercrime tool known as ErrTraffic has appeared in underground forums, making it easier for attackers to trick users into running harmful software on their devices. The tool automates what security experts call ClickFix attacks, where fake error messages push people to manually execute malicious commands. Unlike older methods that tried to secretly download […]

The post New Cybercrime Tool ErrTraffic Let Attackers Automate ClickFix Attacks appeared first on Cyber Security News.

Researchers have uncovered DarkSpectre, a well-funded Chinese threat actor responsible for infecting over 8.8 million users across Chrome, Edge, and Firefox browsers through a series of highly coordinated malware campaigns spanning seven years. The discovery reveals a level of operational sophistication rarely seen in the threat landscape, with the group running multiple distinct campaigns simultaneously, […]

The post DarkSpectre Hackers Infected 8.8 Million Chrome, Edge, and Firefox Users with Malware appeared first on Cyber Security News.

A critical security alert regarding a severe vulnerability in the IBM API Connect platform that could allow remote attackers to bypass authentication mechanisms. Discovered during internal testing, the flaw poses a significant risk to organizations relying on the platform for API management. It grants unauthorized actors access to the application without requiring valid credentials. The […]

The post Critical IBM API Connect Vulnerability Let Attackers Bypass Logins appeared first on Cyber Security News.