Cyber Security News

SolarWinds has released an urgent security advisory for a critical vulnerability in its Web Help Desk software that could allow an unauthenticated attacker to achieve remote code execution (RCE). The flaw, tracked as CVE-2025-26399, carries a critical severity rating of 9.8 out of 10, highlighting the severe risk it poses to affected systems. The vulnerability […]

The post SolarWinds Web Help Desk Vulnerability Enables Unauthenticated RCE appeared first on Cyber Security News.

Threat actors were manipulating the Instance Metadata Service (IMDS), a core component designed to securely furnish compute instances with temporary credentials to infiltrate and navigate cloud infrastructures.  By compelling unsuspecting applications to query IMDS endpoints, attackers harvest short-lived tokens, enabling credential theft, lateral movement, and privilege escalation within victim environments. Exploit IMDS Service  Wiz reports […]

The post Hackers Exploits IMDS Service to Gain Initial Access to a Cloud Environment appeared first on Cyber Security News.

Recent High-profile supply‐chain attacks have exposed critical weaknesses in package registry security, prompting GitHub to roll out a suite of defenses designed to harden the npm ecosystem.  “GitHub Enhances npm’s security with strict authentication, granular tokens, and trusted publishing” marks the latest milestone in defending open source against account takeovers and malicious post-install payloads. Account […]

The post GitHub Enhances NPM’s Security with Strict Authentication, Granular Tokens, and  Trusted Publishing appeared first on Cyber Security News.

Digital Charging Solutions GmbH (DCS), a leading provider of white-label charging services for automotive OEMs and fleet operators, has confirmed a data breach affecting a limited number of its customers.  DCS disclosed that unauthorized access to personal data occurred in the course of its customer-support processes. The incident was detected through irregularities in log data and […]

The post EV Charging Provider Confirm Data Breach – Customers Personal Data Exposed appeared first on Cyber Security News.

A sophisticated cyber campaign, dubbed “Operation Rewrite,” is actively hijacking Microsoft Internet Information Services (IIS) web servers to serve malicious content through a technique known as search engine optimization (SEO) poisoning. Palo Alto Networks uncovered the operation in March 2025, attributing it with high confidence to a Chinese-speaking threat actor who uses a malicious IIS […]

The post Hackers Hijacking IIS Servers Using Malicious BadIIS Module to Serve Malicious Content appeared first on Cyber Security News.

In recent weeks, security researchers have uncovered an elaborate phishing campaign that leverages legitimate GitHub notification mechanisms to deliver malicious content. Victims receive seemingly authentic repository alerts, complete with real-looking commit messages and collaborator updates. Upon closer inspection, the notification headers reveal altered sender addresses and obfuscated links. The campaign’s sophistication has allowed it to […]

The post Hackers Abusing GitHub Notifications to Deliver Phishing Emails appeared first on Cyber Security News.

A seemingly innocent patch update for the popular 2D platformer game BlockBlasters has transformed into a sophisticated malware campaign, exposing hundreds of Steam users to data theft and system compromise. The malicious patch, deployed on August 30, 2025, demonstrates how threat actors are increasingly exploiting the gaming ecosystem to distribute information-stealing malware while users remain […]

The post BlockBlasters Steam Game Downloads Malware to Computer Disguised as Patch appeared first on Cyber Security News.

In recent weeks, security researchers have observed a surge in attacks exploiting Oracle Database Scheduler’s External Jobs feature to gain a foothold in corporate environments. This technique abuses the scheduler’s ability to execute arbitrary commands on Windows-based database servers, allowing adversaries to bypass perimeter defenses. Initial intrusion vectors involve probing publicly exposed Oracle listener ports […]

The post Threat Actors Leverage Oracle Database Scheduler to Gain Access to Corporate Environments appeared first on Cyber Security News.

A sophisticated Iran-nexus espionage group known as Subtle Snail has emerged as a significant threat to European telecommunications, aerospace, and defense organizations through an elaborate recruitment-themed social engineering campaign. The group, also identified as UNC1549 and linked to the broader Unyielding Wasp network, has successfully compromised 34 distinct devices across 11 organizations since June 2022 […]

The post Subtle Snail Mimic as HR Representatives to Engage Employees and Steal Login Credentials appeared first on Cyber Security News.

A sophisticated new ransomware group has emerged from the shadows, targeting multinational organizations across diverse sectors with precision and systematic approach. Kawa4096, first detected in June 2025, has rapidly established itself as a formidable threat to enterprises spanning finance, education, and service industries, particularly focusing on victims in Japan and the United States. The group’s […]

The post Kawa4096 Ransomware Attacking Multinational Organizations to Exfiltrate Sensitive Data appeared first on Cyber Security News.

Three of the cybersecurity industry’s most prominent vendors, Microsoft, SentinelOne, and Palo Alto Networks, have announced they will not participate in the 2026 MITRE ATT&CK Evaluations. The coordinated withdrawal marks a significant shift in how leading security companies approach independent product validation, with all three citing a strategic reallocation of resources toward internal innovation and customer-focused initiatives. […]

The post Microsoft, SentinelOne, and Palo Alto Networks Withdraw from 2026 MITRE ATT&CK Evaluations appeared first on Cyber Security News.

The cybersecurity landscape faces a growing threat from sophisticated Phishing-as-a-Service (PhaaS) platforms that are democratizing cybercrime by lowering technical barriers for fraudsters worldwide. Among these emerging threats, the Lucid PhaaS platform has established itself as a formidable force in the underground economy, enabling massive-scale phishing operations across multiple continents and industry sectors. Security researchers have […]

The post Lucid PhaaS With 17,500 Phishing Domains Mimics 316 Brands From 74 Countries appeared first on Cyber Security News.

A recent optional update for Windows 11 version 24H2 is causing significant video playback issues for users with certain media applications. Microsoft has confirmed that the update, released in late August, can prevent protected content from playing correctly on Blu-Ray, DVD, and some Digital TV software. The issue stems from the non-security preview update KB5064081, […]

The post Windows 11 24H2 Update KB5064081 Breaks Video Content Playback appeared first on Cyber Security News.

In 2025, organizations demand robust, intelligent solutions to manage, secure, and optimize their growing endpoint fleets. With cyber threats escalating and workforces becoming more distributed, the need for autonomous endpoint management tools has never been greater. These platforms automate device onboarding, software distribution, vulnerability patching, compliance, and more all backed by AI to reduce IT […]

The post Top 10 Best Autonomous Endpoint Management Tools in 2025 appeared first on Cyber Security News.

Automotive giant Stellantis, the parent company of major brands including Citroën, FIAT, Jeep, Chrysler, and Peugeot, has confirmed a data breach affecting its customers in North America. The company announced on Sunday that it detected unauthorized access to the platform of a third-party service provider that supports its customer service operations. Stellantis has not disclosed […]

The post Stellantis, the Maker of Citroën, FIAT, Jeep, and Other Cars, Confirms Data Breach appeared first on Cyber Security News.

Attackers increasingly exploit Microsoft Exchange inbox rules to maintain persistence and exfiltrate data within enterprise environments.  A newly released tool, Inboxfuscation, leverages Unicode-based obfuscation to craft malicious inbox rules that slip past conventional security controls.  Developed by Permiso, the Inboxfuscation framework demonstrates how attackers can weaponize Exchange’s rule engine, creating stealthy persistence mechanisms that evade […]

The post New Inboxfuscation Tool That Bypasses Microsoft Exchange Inbox Rules and Evade Detection appeared first on Cyber Security News.

Google Chrome’s V8 JavaScript engine has been compromised by a critical type confusion zero-day vulnerability, designated CVE-2025-10585, marking the sixth actively exploited Chrome zero-day discovered in 2025.  This high-severity flaw, with an estimated CVSS 3.1 score of 8.8, enables remote code execution through sophisticated memory corruption techniques that bypass Chrome’s sandbox protections. The vulnerability exploits […]

The post Chrome Type Confusion 0-Day Vulnerability Code Analysis Released appeared first on Cyber Security News.

Canada’s law enforcement community has achieved a landmark victory in the fight against illicit finance with the dismantling of TradeOgre, a Tor-based cryptocurrency exchange that facilitated the theft and laundering of over 56 million dollars in digital assets. Emerging in early 2023, TradeOgre operated entirely as a hidden service, leveraging the anonymity of the Tor […]

The post Canada Police Dismantles TradeOgre Platform That Stolen 56 Million Dollars in Cryptocurrency appeared first on Cyber Security News.

A sophisticated spoofing campaign has emerged targeting the Federal Bureau of Investigation’s Internet Crime Complaint Center (IC3). Beginning in mid-September 2025, victims attempting to access IC3’s official portal were redirected to fraudulent domains crafted to mirror the legitimate site. The impersonators employed look-alike URLs—such as “ic3-gov.com” and “ic3gov.org”—and reproduced authentic branding, including the FBI seal […]

The post Threat Actors Impersonate FBI IC3 Website to Steal The Visitors’ Personal Information appeared first on Cyber Security News.

Industrial automation systems have become the latest battleground for sophisticated cybercriminals who are deploying cleverly crafted malicious scripts and phishing pages to compromise ICS computers. Over the first half of 2025, attackers have increasingly shifted to web-based attack vectors, exploiting legacy interfaces, weak authentication, and outdated software in operational technology environments. These threat actors deliver […]

The post Threat Actors Attacking ICS Computers With Malicious Scripts and Phishing Pages appeared first on Cyber Security News.