Cyber Security News

A sophisticated spear phishing campaign targeting Polish organizations, where threat actors successfully exploited the CVE-2024-42009 vulnerability in Roundcube webmail systems.  The attack enables JavaScript execution upon opening malicious emails, leading to credential theft through an advanced Service Worker-based approach. Security researchers attribute this campaign to UNC1151, a threat group associated with Belarusian government operations and […]

The post Hackers Exploiting Roundcube Vulnerability to Steal User Credentials appeared first on Cyber Security News.

A sophisticated Iranian cyberespionage group has maintained undetected access to government networks across Iraq and the Kurdistan Regional Government for nearly eight years, representing one of the longest-running advanced persistent threat campaigns in the Middle East. The group, designated as BladedFeline by security researchers, has been operating since at least 2017, systematically targeting Kurdish diplomatic […]

The post Iranian APT ‘BladedFeline’ Stays Silent in Organizations Network for 8 Years appeared first on Cyber Security News.

A previously unknown zero-click vulnerability in Apple’s iMessage appears to have been exploited by sophisticated threat actors targeting high-profile individuals across the United States and the European Union. The vulnerability, dubbed “NICKNAME,” affected iOS versions up to 18.1.1 and was silently patched by Apple in iOS 18.3. The discovery, made by cybersecurity firm iVerify, reveals […]

The post Hackers Using New Sophisticated iMessage 0-Click Exploit to Attack iPhone Users appeared first on Cyber Security News.

CISA has issued an urgent warning about a critical zero-day vulnerability in Google Chrome’s V8 JavaScript engine that is being actively exploited by cybercriminals to execute arbitrary code on victims’ systems. On June 5, 2025, CISA added CVE-2025-5419 to its Known Exploited Vulnerabilities (KEV) Catalog, confirming that threat actors are leveraging this high-severity flaw in […]

The post CISA Warns of Chrome 0-Day Vulnerability Exploited in the Wild to Execute Arbitrary Code appeared first on Cyber Security News.

A sophisticated malware campaign targeting WordPress administrators has been discovered, utilizing a deceptive caching plugin to steal login credentials and compromise website security.  Security researchers have identified a malicious plugin disguised as “wp-runtime-cache” that specifically targets users with administrative privileges, exfiltrating sensitive authentication data to external servers controlled by cybercriminals. Fake WordPress Cache Steals Logins […]

The post WordPress Admins Beware! Fake Cache Plugin that Steals Admin Logins appeared first on Cyber Security News.

Multiple Cross-Site Scripting (XSS) vulnerabilities in the VMware NSX network virtualization platform could allow malicious actors to inject and execute harmful code.  The security bulletin published on June 4, 2025, details three distinct vulnerabilities affecting VMware NSX Manager UI, gateway firewall, and router port components, with CVSS base scores ranging from 5.9 to 7.5. CVE-2025-22243: […]

The post VMware NSX XSS Vulnerability Allows Attackers to Inject Malicious Code appeared first on Cyber Security News.

A high-severity vulnerability has been discovered in Cisco’s Nexus Dashboard Fabric Controller (NDFC) that could allow unauthenticated attackers to impersonate managed network devices through compromised SSH connections.  The vulnerability, tracked as CVE-2025-20163, carries a CVSS base score of 8.7 and affects all versions of Cisco NDFC regardless of device configuration.  Security researchers from REQON B.V. […]

The post Cisco Nexus Dashboard Vulnerability Lets Attackers Impersonate as Managed Devices appeared first on Cyber Security News.

The cybersecurity landscape faces a growing threat from sophisticated botnet operations targeting Internet of Things (IoT) devices, with recent developments highlighting the vulnerability of connected cameras and smart devices. While specific details about the Eleven11bot malware remain limited in publicly available research, the broader context reveals an alarming trend of attackers exploiting poorly secured IP […]

The post New Eleven11bot Hacked 86,000 IP Cameras for Massive DDoS Attack appeared first on Cyber Security News.

A significant vulnerability in Cisco’s Integrated Management Controller (IMC) that allows malicious actors to gain elevated privileges and access internal services without proper authorization.  This vulnerability poses substantial risks to enterprise networks relying on Cisco’s server management infrastructure, potentially enabling attackers to compromise critical systems and sensitive data. Cisco IMC Privilege Escalation Flaw The Cisco […]

The post Cisco IMC Vulnerability Attackers to Access Internal Services with Elevated Privileges appeared first on Cyber Security News.

In the high-stakes world of cybercrime, few tools have garnered as much attention as Lumma Infostealer. Emerging as a powerful malware-as-a-service (MaaS) offering, Lumma achieved notoriety for its wide-reaching impact on both individuals and enterprises. Its main function is to harvest sensitive information—ranging from browser credentials to cryptocurrency wallet data—making it a favored weapon not […]

The post Lumma Infostealers Developers Trying Hard To Conduct Business As Usual appeared first on Cyber Security News.

Federal authorities have revealed that the notorious Play ransomware group has successfully breached approximately 900 organizations worldwide as of May 2025, marking a dramatic escalation in cybercriminal activity that has prompted an urgent security advisory from multiple government agencies. The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and Australian Signals Directorate’s […]

The post Play Ransomware Hacked 900 Organizations, CISA Released TTPs & IOCs appeared first on Cyber Security News.

A critical vulnerability affecting its Identity Services Engine (ISE) when deployed on major cloud platforms, warning that proof-of-concept exploit code is now publicly available.  The flaw, tracked as CVE-2025-20286 with a CVSS score of 9.9, enables unauthenticated remote attackers to access sensitive data and execute administrative operations across multiple cloud deployments due to improperly generated […]

The post Cisco ISE Vulnerability Allows Remote to Access Sensitive Data – PoC Exploit Available appeared first on Cyber Security News.

A sophisticated phishing technique that exploits Microsoft Outlook‘s HTML rendering capabilities to hide malicious links from corporate security systems while maintaining their effectiveness against end users.  The attack leverages conditional HTML statements to display different content depending on whether the email is viewed in Outlook or alternative email clients, allowing threat actors to bypass security […]

The post New Phishing Attack that Hides Malicious Link from Outlook Users appeared first on Cyber Security News.

A critical vulnerability in the popular network protocol analyzer Wireshark has been discovered, allowing attackers to trigger denial-of-service (DoS) attacks through packet injection or the use of malformed capture files. The security flaw, identified as CVE-2025-5601, affects millions of users worldwide who rely on Wireshark for network troubleshooting and analysis. The vulnerability, officially designated as […]

The post Wireshark Vulnerability Enables DoS Attack Through Malicious Packet Injection appeared first on Cyber Security News.

Business Email Compromise (BEC) attacks don’t need malware to do damage. All it takes is one convincing message; a fake login prompt, a cleverly disguised link, and an employee’s credentials are gone. From there, attackers can quietly access inboxes, exfiltrate sensitive documents, and impersonate executives for financial fraud.  The worst part is that these attacks […]

The post Business Email Compromise Attacks: How To Detect Them Early  appeared first on Cyber Security News.

A sophisticated new Android banking Trojan named Crocodilus has emerged as a significant global threat, demonstrating advanced device-takeover capabilities that grant cybercriminals unprecedented control over infected smartphones. First discovered in March 2025, this malware has rapidly evolved from localized test campaigns to a worldwide operation targeting financial institutions and cryptocurrency platforms across multiple continents. The […]

The post New Crocodilus Malware Let Attacker Gain Full Control of Your Android Device appeared first on Cyber Security News.

Anat Heilper is redefining what it means to be a technical leader in AI, not by following the path but by architecting it from the ground up. Having served in key boundary-pushing roles such as the Director of AI and Advanced Technologies at Intel and the Chief Software Architect for AI accelerator products at Intel, […]

The post Composing The Future Of AI: How Anat Heilper Orchestrates Breakthroughs In Silicon And Software appeared first on Cyber Security News.

Aembit, the workload identity and access management (IAM) company, today announced its inclusion in Rising in Cyber 2025, an independent list launched by Notable Capital to spotlight the 30 most promising cybersecurity startups shaping the future of security. Unlike traditional rankings, Rising in Cyber 2025 honorees were selected through a multi-stage process grounded in real-world validation. […]

The post Aembit Named to Rising in Cyber 2025 List of Top Cybersecurity Startups appeared first on Cyber Security News.

Multiple severe vulnerabilities in IBM QRadar Suite Software that could allow attackers to access sensitive configuration files and compromise enterprise security infrastructures.  The most severe vulnerability, tracked as CVE-2025-25022, carries a CVSS base score of 9.6 and enables unauthenticated users to obtain highly sensitive information from configuration files.  These vulnerabilities affect IBM Cloud Pak for […]

The post IBM QRadar Vulnerabilities Let Attackers Access Sensitive Configuration Files appeared first on Cyber Security News.

Windows authentication coercion attacks continue to pose substantial risks to enterprise Active Directory environments in 2025, despite Microsoft’s ongoing efforts to implement protective measures.  These sophisticated attacks allow threat actors with minimal privileges to gain administrative access to Windows workstations and servers, potentially compromising entire corporate networks within hours of initial infiltration. Attack Techniques Exploiting […]

The post Windows Authentication Coercion Attacks Pose Significant Threats to Enterprise Networks appeared first on Cyber Security News.