Cyber Security News

A critical vulnerability in OpenAI’s newly launched ChatGPT Atlas browser enables attackers to inject malicious instructions into ChatGPT’s memory and execute remote code on user systems. This flaw, uncovered by LayerX, exploits Cross-Site Request Forgery (CSRF) to hijack authenticated sessions, potentially infecting devices with malware or granting unauthorized access. The discovery highlights escalating risks in […]

The post OpenAI Atlas Browser Vulnerability Allows Malicious Code Injection into ChatGPT appeared first on Cyber Security News.

Microsoft is actively probing a glitch in its Teams platform that’s disrupting text-to-speech features, leaving users frustrated during critical auto-attendant calls. The company confirmed the problem via its official Microsoft 365 Status account on X (formerly Twitter) on October 27, 2025, urging administrators to check incident TM1180557 in the admin center for updates. This outage […]

The post Microsoft Investigation Teams text-to-speech Functionality Issue Impacting Users – Update appeared first on Cyber Security News.

Qilin ransomware has emerged as one of the most devastating threats in the second half of 2025, operating at an alarming pace with over 40 victim disclosures per month on its public leak site. Originally tracked under the name Agenda before rebranding to Qilin around July 2022, this ransomware-as-a-service platform has evolved into a global […]

The post Qilin Ransomware Leveraging Mspaint and Notepad to Find Files with Sensitive Information appeared first on Cyber Security News.

Famous Chollima, a threat group affiliated with North Korea’s Reconnaissance General Bureau, has significantly expanded its operational capabilities by integrating two potent malware strains: BeaverTail and OtterCookie. This convergence marks a critical evolution in the group’s attack methodology, targeting cryptocurrency and blockchain sectors with renewed sophistication. The merging of these toolsets reflects a deliberate shift […]

The post North Korean Chollima Actors Added BeaverTail and OtterCookie to Its Arsenal appeared first on Cyber Security News.

Threat actors have launched a significant mass exploitation campaign targeting critical vulnerabilities in two popular WordPress plugins, GutenKit and Hunk Companion, affecting hundreds of thousands of websites globally. These vulnerabilities, discovered in September and October 2024, have resurfaced as an active threat in October 2025, demonstrating the persistent danger of unpatched installations. The attack vectors […]

The post Hackers Actively Exploiting WordPress Arbitrary Installation Vulnerabilities in The Wild appeared first on Cyber Security News.

The notorious Mem3nt0 mori hacker group has been actively exploiting a zero-day vulnerability in Google Chrome, compromising high-profile targets across Russia and Belarus. Dubbed CVE-2025-2783, this flaw allowed attackers to bypass Chrome’s robust sandbox protections with minimal user interaction, leading to the deployment of sophisticated spyware. Discovered by Kaspersky researchers in March 2025, Google swiftly […]

The post Chrome 0-Day Vulnerability Actively Exploited in Attacks by Notorious Hacker Group appeared first on Cyber Security News.

HashiCorp has disclosed two critical vulnerabilities in its Vault software that could allow attackers to bypass authentication controls and launch denial-of-service (DoS) attacks. Published on October 23, 2025, these flaws affect both Vault Community Edition and Vault Enterprise, prompting urgent recommendations for upgrades. The issues, tracked as CVE-2025-12044 and CVE-2025-11621, stem from misconfigurations in resource […]

The post HashiCorp Vault Vulnerabilities Let Attack Bypass Authentication And Trigger DoS Attack appeared first on Cyber Security News.

Cybercriminals continue to evolve their tactics for compromising systems, with recent campaigns demonstrating a significant shift from traditional fake update methods to more sophisticated social engineering approaches. Throughout 2025, threat actors have increasingly adopted the ClickFix technique as their primary delivery mechanism for deploying NetSupport Manager, a legitimate remote administration tool that has become attractive […]

The post Hackers Leveraging ClickFix Technique to Deploy NetSupport RAT Loaders appeared first on Cyber Security News.

The notorious cybercrime forum BreachForums has resurfaced online, this time on a clearnet domain accessible without specialized tools like Tor. The platform, long a hub for data leaks, hacking tools, and illicit trades, went dark earlier this year following a series of law enforcement takedowns and internal disruptions. Now, just months later, it’s operational again, […]

The post Infamous Cybercriminal Forum BreachForums Is Back Again With a New Clear Net Domain appeared first on Cyber Security News.

Dell Technologies has disclosed three critical vulnerabilities in its Storage Manager software that could allow attackers to bypass authentication, disclose sensitive information, and gain unauthorized access to systems. Announced on October 24, 2025, these flaws affect versions of Dell Storage Manager up to 20.1.21 and pose significant risks to organizations relying on the tool for […]

The post Critical Dell Storage Manager Vulnerabilities Let Attackers Compromise System appeared first on Cyber Security News.

Hackers are actively exploiting a critical flaw in Microsoft’s Windows Server Update Services (WSUS), with security researchers reporting widespread attempts in the wild. The vulnerability, tracked as CVE-2025-59287, allows remote code execution on unpatched WSUS servers, potentially granting attackers full control over enterprise networks. As of October 27, 2025, firms monitoring global scan data have […]

The post Hackers Exploiting Microsoft WSUS Vulnerability In The Wild – 2800 Instances Exposed Online appeared first on Cyber Security News.

Law enforcement agencies from the United States and France have seized the onion leak website operated by the notorious Scattered LAPSUS$ Hunters collective, displaying a prominent seizure notice featuring logos from the FBI, Department of Justice, and international partners. This coordinated action, executed around October 9, 2025, targeted the BreachForums infrastructure, which the group had […]

The post Scattered LAPSUS$ Hunters Onion Leak Website Taken Down By Law-enforcement Agencies appeared first on Cyber Security News.

A new tool called EDR-Redir has emerged, allowing attackers to redirect or isolate the executable folders of popular Endpoint Detection and Response (EDR) solutions. Demonstrated by cybersecurity researcher TwoSevenOneT, the technique leverages Windows’ Bind Filter driver (bindflt.sys) and Cloud Filter driver (cldflt.sys) to undermine EDR protections without requiring kernel-level access. This user-mode exploit, rooted in […]

The post New EDR-Redir Tool Breaks EDR Exploiting Bind Filter and Cloud Filter Driver appeared first on Cyber Security News.

A sophisticated phishing technique called CoPhish exploits Microsoft Copilot Studio to trick users into granting attackers unauthorized access to their Microsoft Entra ID accounts. Dubbed by Datadog Security Labs, this method uses customizable AI agents hosted on legitimate Microsoft domains to wrap traditional OAuth consent attacks, making them appear trustworthy and bypassing user suspicions. The […]

The post New CoPhish Attack Exploits Copilot Studio to Exfiltrate OAuth Tokens appeared first on Cyber Security News.

Welcome to this week’s edition of the Cybersecurity Newsletter, where we dissect the latest threats, vulnerabilities, and disruptions shaping the digital landscape. As organizations navigate an increasingly complex threat environment, staying ahead of emerging risks has never been more critical. This week, we’re zeroing in on major incidents that underscore the fragility of cloud infrastructure, […]

The post Cybersecurity Newsletter Weekly – AWS Outage, WSUS Exploitation, Chrome Flaws, and RDP Attacks appeared first on Cyber Security News.

A high-severity vulnerability in BIND 9 resolvers has been disclosed, potentially allowing attackers to poison caches and redirect internet traffic to malicious sites. Tracked as CVE-2025-40778, the flaw affects over 706,000 exposed instances worldwide, as identified by internet scanning firm Censys. Assigned a CVSS score of 8.6, this issue stems from BIND’s overly permissive handling […]

The post 706,000+ BIND 9 Resolver Instances Vulnerable to Cache Poisoning Exposed Online – PoC Released appeared first on Cyber Security News.

The notorious LockBit ransomware operation has resurfaced with a vengeance after months of dormancy following Operation Cronos takedown efforts in early 2024. Despite law enforcement disruptions and infrastructure seizures, the group’s administrator, LockBitSupp, has successfully rebuilt the operation and launched LockBit 5.0, internally codenamed “ChuongDong.” This latest variant represents a significant evolution in the group’s […]

The post LockBit 5.0 Actively Attacking Windows, Linux, and ESXi Environments appeared first on Cyber Security News.

A sophisticated backdoor named Android.Backdoor.Baohuo.1.origin has been discovered in maliciously modified versions of Telegram X messenger, granting attackers complete control over victims’ accounts while operating undetected. The malware infiltrates devices through deceptive in-app advertisements and third-party app stores, masquerading as legitimate dating and communication platforms. With more than 58,000 infected devices spread across approximately 3,000 […]

The post Hackers Weaponizing Telegram Messenger with Dangerous Android Malware to Gain Full System Control appeared first on Cyber Security News.

Southeast Asia’s online gambling ecosystem has become a breeding ground for sophisticated cyber threats, with criminal networks leveraging seemingly legitimate platforms to distribute malicious software to millions of unsuspecting users. A recently uncovered operation demonstrates how threat actors exploit the region’s thriving illegal gambling market by deploying a weaponized browser disguised as a privacy tool. […]

The post Vault Viper Exploits Online Gambling Websites Using Custom Browser to Install Malicious Program appeared first on Cyber Security News.

Cybercriminals have adopted a sophisticated social engineering strategy that exploits the trust inherent in job hunting, according to a recent security advisory. A financially motivated threat cluster operating from Vietnam has been targeting digital advertising and marketing professionals through fake job postings on legitimate employment platforms and custom-built recruitment websites. The campaign, which leverages remote […]

The post Google Warns of Threat Actors Using Fake Job Posting to Deliver Malware and Steal Credentials appeared first on Cyber Security News.