Aggregator

Windows 365 Cloud PCs now come with new default settings aimed at preventing / minimizing data exfiltration and malicious exploits, Microsoft has announced. Windows 365 Cloud PCs are Azure (i.e., Windows 365 service)-hosted virtual Windows PCs the company offers as a service. They are accessible from any modern device with internet access, and provide users with their own “always-on” Cloud PC with saved state and settings. They are often provisioned by enterprises who offer remote … More →

The post Microsoft boosts default security of Windows 365 Cloud PCs appeared first on Help Net Security.

A new Android botnet malware named AntiDot has emerged as a formidable threat, granting cybercriminals unprecedented control over infected devices. Operated and sold by LARVA-398 as a Malware-as-a-Service (MaaS) on underground forums like XSS, AntiDot is marketed as a “3-in-1” tool, bundling a loader, packer, and botnet infrastructure into a single devastating package. This malware’s […]

The post AntiDot 3-in-1 Android Botnet Malware Grants Attackers Full Control Over Victim Devices appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A severe security vulnerability has been discovered in the widely-used Insomnia API Client that allows attackers to execute arbitrary code through malicious template injection. The vulnerability, tracked as CVE-2025-1087 and assigned a critical CVSS score of 9.3, affects the popular API testing tool developed by Kong and remains exploitable in the latest version 11.2.0 despite […]

The post Insomnia API Client Vulnerability Arbitrary Code Execution via Template Injection appeared first on Cyber Security News.

You must login to view this content

You must login to view this content

You must login to view this content

You must login to view this content

Cybercriminals have discovered a sophisticated new method to distribute malicious remote access tools by exploiting Vercel, a legitimate frontend hosting platform, to host convincing phishing pages that deliver weaponized versions of LogMeIn software. This emerging threat demonstrates how attackers increasingly abuse trusted infrastructure to bypass security measures and gain unauthorized access to victims’ systems. The […]

The post Threat Actors Leverage Hosting Platform Vercel to Deliver Remote Access Malware appeared first on Cyber Security News.

Oxford City Council has confirmed it was the target of a sophisticated cyberattack that resulted in the exposure of personal data belonging to employees, including those involved in council-administered elections over the past two decades. The council detected an unauthorised presence within its network last week, prompting immediate action from its automated security systems. These […]

The post Oxford City Council Hit by Cyberattack Exposing Employee Personal Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A newly disclosed set of vulnerabilities in Versa Networks’ SD-WAN orchestration platform, Versa Director, with the flaws enabling authenticated attackers to upload malicious files and execute arbitrary commands on affected systems. The vulnerabilities, tracked as CVE-2025-23171 and CVE-2025-23172, stem from insecure file upload and webhook functionalities, both carrying a CVSS score of 7.2, indicating high […]

The post Versa Director Flaws Let Attackers Execute Arbitrary Commands appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.