Cyber Security News

Cisco has disclosed multiple critical security vulnerabilities in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) that could allow unauthenticated remote attackers to execute arbitrary commands with root privileges on affected systems. The vulnerabilities, assigned CVE identifiers CVE-2025-20281, CVE-2025-20282, and CVE-2025-20337, all carry the maximum CVSS score of 10.0, indicating the most […]

The post Critical Cisco ISE Vulnerability Allows Remote Attacker to Execute Commands as Root User appeared first on Cyber Security News.

Cybersecurity researchers have uncovered a sophisticated malware campaign targeting WordPress websites through an ingenious ZIP archive-based attack mechanism. The malware, first reported in July 2025, represents a significant evolution in web-based threats, utilizing advanced obfuscation techniques and stealthy persistence methods to redirect unsuspecting visitors to malicious domains while simultaneously conducting search engine optimization poisoning operations. […]

The post Threat Actors Weaponize WordPress Websites to Redirect Visitors to Malicious Websites appeared first on Cyber Security News.

Chinese state-sponsored hackers known as Salt Typhoon successfully infiltrated and maintained persistent access to a U.S. state’s Army National Guard network for nearly ten months, from March 2024 through December 2024, according to a Department of Homeland Security memo obtained by NBC News. The sophisticated cyberespionage campaign represents a significant escalation in Beijing’s ongoing cyber […]

The post Chinese ‘Salt Typhoon’ Hackers Hijacked US National Guard Network for Nearly a Year appeared first on Cyber Security News.

A sophisticated cyberattack campaign emerged in July 2025, weaponizing Microsoft Teams calls to deploy the latest iteration of Matanbuchus ransomware. The attack begins with adversaries impersonating IT helpdesk personnel through external Teams calls, leveraging social engineering tactics to convince employees to execute malicious scripts. During these fraudulent support sessions, attackers activate Quick Assist and instruct […]

The post Microsoft Teams Call Weaponized to Deploy and Execute Matanbuchus Ransomware appeared first on Cyber Security News.

A sophisticated cybercrime group dubbed “Dark Partners” has emerged as a significant threat to cryptocurrency users worldwide, orchestrating large-scale theft campaigns through an extensive network of fake websites impersonating AI tools, VPN services, and popular software brands. Active since at least May 2025, this financially motivated group has deployed a complex infrastructure spanning over 250 […]

The post Dark Partners Hackers Group Wiping Crypto Wallets With Fake Ai Tools and VPN Services appeared first on Cyber Security News.

How do you lead a security team when threats evolve faster than your tools? It’s a challenge many CISOs face daily. Detection gaps, constant alert noise, and slow incident response make it harder to protect the organization and support the team.  The real issue often comes down to visibility. Without seeing how a threat actually […]

The post Top 3 CISO Challenges And How To Solve Them  appeared first on Cyber Security News.

Dozens of Fortinet FortiWeb instances have been compromised with webshells in a widespread hacking campaign, according to the threat monitoring organization The Shadowserver Foundation. The attacks are linked to a critical vulnerability, tracked as CVE-2025-25257, for which public proof-of-concept (PoC) exploits were released just days ago. Key Takeaways1. A critical flaw in Fortinet FortiWeb is […]

The post Fortinet FortiWeb Instances Hacked With Webshells Following Public PoC Exploits appeared first on Cyber Security News.

A sophisticated MacOS malware campaign dubbed NimDoor has emerged, targeting Web3 and cryptocurrency organizations through weaponized Zoom SDK updates. The malware, attributed to North Korea-linked threat actors likely associated with Stardust Chollima, represents a significant evolution in offensive capabilities against MacOS systems, having been active since at least April 2025. The attack orchestration begins with […]

The post MacOS Malware NimDoor Weaponizing Zoom SDK Update to Steal Keychain Credentials appeared first on Cyber Security News.

Hong Kong’s financial sector is contending with a fresh surge of SquidLoader samples that glide past conventional defenses with almost no antivirus flags. First spotted in early July 2025, the loader arrives through carefully worded spear-phishing emails written in Simplified Chinese and bearing password-protected RAR attachments masquerading as legitimate bond-registration paperwork. Once the user extracts […]

The post SquidLoader Using Sophisticated Malware With Near-Zero Detection to Swim Under Radar appeared first on Cyber Security News.

A critical design flaw in Microsoft’s latest Windows Server 2025 enables attackers to bypass authentication and generate passwords for all managed service accounts across enterprise networks. The vulnerability, dubbed “Golden dMSA,” exploits a fundamental weakness in the newly introduced delegated Managed Service Accounts (dMSAs) that reduces complex cryptographic protections to a trivial brute-force attack requiring […]

The post Windows Server 2025 Golden dMSA Attack Enables Authentication Bypass and Password Generation appeared first on Cyber Security News.

Google’s revolutionary AI-powered security tool, Big Sleep, has achieved a groundbreaking milestone by discovering and preventing the exploitation of a critical SQLite 0-day vulnerability, marking the first time an artificial intelligence agent has directly thwarted active cyber threats in the wild.  The discovery of CVE-2025-6965, a severe security flaw that was known only to threat […]

The post Google’s AI Tool Big Sleep Uncovered Critical SQLite 0-Day Vulnerability and Blocks Active Exploitation appeared first on Cyber Security News.

The curl development team has announced the release of curl 8.15.0 on July 16, 2025, marking the 269th release of the popular command-line tool and libcurl library.  This update brings 233 documented bugfixes and represents 334 commits from the development community, showcasing continued active maintenance of the critical networking tool used by millions of developers […]

The post curl 8.15.0 Released With 233 Bugfixes and 334 Commits – Update Now appeared first on Cyber Security News.

AI assistant systems were successfully exploited by using a crafted Gmail message to trigger code execution through Claude Desktop while bypassing built-in security protections.  The attack exploits the Model Context Protocol (MCP) ecosystem, where individual components remain secure in isolation but create dangerous attack surfaces when combined.  Key Takeaways1. Attack succeeded by chaining secure components […]

The post Gmail Message Used to Trigger Code Execution in Claude and Bypass Protections appeared first on Cyber Security News.

Oracle released its July 2025 Critical Patch Update on July 15, addressing 309 security vulnerabilities across its extensive product portfolio.  This quarterly security update represents one of the most comprehensive patches in recent history, targeting critical flaws in database systems, middleware, cloud applications, and enterprise software that could potentially expose organizations to severe cyberattacks. The […]

The post Oracle Critical Security Update – 309 Vulnerabilities with 145 Remotely Exploitable Patched appeared first on Cyber Security News.

A critical security vulnerability has been discovered in Vim, the popular open-source command line text editor used by millions of developers worldwide.  The vulnerability, designated as CVE-2025-53906, affects the zip.vim plugin and enables attackers to overwrite arbitrary files through specially crafted zip archives.  Key Takeaways1. CVE-2025-53906, Vim's zip.vim plugin is vulnerable to path traversal attacks […]

The post Vim Command Line Text Editor Vulnerability Let Attackers Overwrite Sensitive Files appeared first on Cyber Security News.

Iranian cyber operatives have intensified their assault on American critical infrastructure, with Intelligence Group 13 emerging as a primary threat actor targeting water treatment facilities, electrical grids, and industrial control systems across the United States. The group, operating under the umbrella of the Islamic Revolutionary Guard Corps (IRGC) Shahid Kaveh Cyber Group, has demonstrated sophisticated […]

The post Iranian Threat Actors Attacking U.S. Critical Infrastructure Including Water Systems appeared first on Cyber Security News.

Multiple severe vulnerabilities have been addressed affecting VMware ESXi, Workstation, Fusion, and Tools that could allow attackers to execute malicious code on host systems.  The vulnerabilities, identified as CVE-2025-41236, CVE-2025-41237, CVE-2025-41238, and CVE-2025-41239, carry CVSS scores ranging from 6.2 to 9.3, with three classified as critical severity.  Security researchers discovered these flaws through the Pwn2Own […]

The post VMware ESXi and Workstation Vulnerabilities Let Attackers Execute Malicious Code on Host appeared first on Cyber Security News.

A sophisticated new credential stealer disguised as a legitimate forensic toolkit has emerged on GitHub, targeting sensitive user data including VPN configurations, browser credentials, and cryptocurrency wallet information. The Octalyn Stealer, first identified in July 2025, presents itself as an educational research tool while functioning as a fully operational malware designed for large-scale data theft […]

The post Octalyn Stealer Steals VPN Configurations, Passwords and Cookies in Structured Folders appeared first on Cyber Security News.

North Korean threat actors have escalated their software supply chain attacks with the deployment of 67 malicious npm packages that collectively garnered over 17,000 downloads before detection. This latest campaign represents a significant expansion of the ongoing “Contagious Interview” operation, introducing a previously unreported malware loader dubbed XORIndex alongside the existing HexEval Loader infrastructure. The […]

The post North Korean Hackers Weaponized 67 Malicious npm Packages to Deliver XORIndex Malware appeared first on Cyber Security News.

A massive network of fraudulent news websites has been uncovered, with cybersecurity researchers identifying over 17,000 Baiting News Sites (BNS) across 50 countries orchestrating sophisticated investment fraud schemes. These malicious platforms masquerade as legitimate news outlets, publishing fabricated stories featuring well-known public figures and respected financial institutions to build trust and lure unsuspecting victims into […]

The post BaitTrap – 17,000+ Fake News Websites Caught Promoting Investment Frauds appeared first on Cyber Security News.