Cyber Security News

A critical vulnerability in Cursor IDE, the rapidly growing AI-powered development environment, enables persistent remote code execution through manipulation of the Model Context Protocol (MCP) system. The vulnerability, tracked as CVE-2025-54136 and dubbed “MCPoison,” exploits a trust validation flaw that allows attackers to execute arbitrary commands on developer machines without triggering security warnings. Cursor IDE […]

The post New MCPoison Attack Leverages Cursor IDE MCP Validation to Execute Arbitrary System Commands appeared first on Cyber Security News.

SSL certificates are used everywhere from websites and APIs to mobile apps, internal tools and CI/CD pipelines. While most teams know they’re important, they often don’t manage them well. Certificates are usually forgotten until something breaks. If they expire, get misused, or aren’t monitored, they turn into easy targets for attackers. A small mistake in […]

The post How Certificate Mismanagement Opens The Door For Phishing And MITM Attacks appeared first on Cyber Security News.

Cybersecurity is about staying one step ahead. The security of business assets hinges on proactive threat detection and rapid response powered by data. Every security system and service from network monitoring and incident response to analytics depends on continuous data feeds to function effectively.   The Foundation: Quality Threat Data  Effective cybersecurity hinges on data quality. […]

The post How To Get Real-Time IOCs From Incidents Across 15K SOCs  appeared first on Cyber Security News.

A critical vulnerability in Streamlit, the popular open-source framework for building data applications, enables attackers to conduct cloud account takeover attacks.  The flaw, discovered in February 2025, exploits weaknesses in Streamlit’s st.file_uploader component to bypass file type restrictions and gain unauthorized access to cloud instances running Streamlit applications. The vulnerability demonstrates how seemingly minor components […]

The post New Streamlit Vulnerability Allows Hackers to Launch Cloud Account Takeover Attacks appeared first on Cyber Security News.

Perplexity AI, an emerging question-answering engine powered by advanced large language models, has recently come under scrutiny for deploying stealth crawling techniques that bypass standard web defenses. Initially launched with transparent intentions, Perplexity’s crawlers would identify themselves via declared user agents such as PerplexityBot/1.0, respecting robots.txt directives and web application firewall (WAF) rules. However, in […]

The post Cloudflare Accuses Perplexity AI For Evading Firewalls and Crawling Websites by Changing User Agent appeared first on Cyber Security News.

A sophisticated phishing campaign attributed to the Pakistan-linked APT36 group has emerged as a serious threat to Indian government infrastructure. First detected in early August 2025, this operation leverages typo-squatted domains designed to mimic official government login portals. When unsuspecting users enter their email IDs and passwords, they are redirected to counterfeit pages that replicate […]

The post APT36 Hackers Attacking Indian Government Entities to Steal Login Credentials appeared first on Cyber Security News.

A sophisticated North Korean cryptocurrency theft campaign has resurfaced with renewed vigor, weaponizing twelve malicious NPM packages to target developers and steal digital assets. The campaign, which represents a significant escalation in supply chain attacks, exploits the trust developers place in open-source package repositories to distribute advanced malware capable of cross-platform data exfiltration. The attack […]

The post North Korean Hackers Weaponizing NPM Packages to Steal Cryptocurrency and Sensitive Data appeared first on Cyber Security News.

Cisco has confirmed it was the target of a cyberattack where a malicious actor successfully stole the basic profile information of an undisclosed number of users registered on Cisco.com. The technology giant revealed that the breach occurred after an employee was deceived by a sophisticated voice phishing, or “vishing,” attack. The incident, which Cisco became […]

The post Cisco Hacked – Attackers Stole Profile Details of Users Registered on Cisco.com appeared first on Cyber Security News.

North Korean state-sponsored cyber-espionage group Kimsuky has unveiled a sophisticated new campaign targeting South Korean entities through malicious Windows shortcut (LNK) files, demonstrating the group’s continued evolution in stealth and precision. The campaign combines tailored social engineering with advanced malware frameworks designed to systematically infiltrate government agencies, defense contractors, and research organizations while evading traditional […]

The post Kimsuky APT Hackers Weaponizing LNK Files to Deploy Reflective Malware Bypassing Windows Defender appeared first on Cyber Security News.

SonicWall has issued an urgent security advisory following a significant increase in cyber incidents targeting its Gen 7 SonicWall firewalls over the past 72 hours. The company is actively investigating a wave of attacks that appear to be focused on devices where the Secure Sockets Layer Virtual Private Network (SSLVPN) feature is enabled. In a […]

The post SonicWall Warns of Escalating Cyberattacks Targeting Gen 7 Firewalls in Last 72 Hours appeared first on Cyber Security News.

A sophisticated attack method where hackers are exploiting a deserialization vulnerability in SharePoint to steal Internet Information Services (IIS) Machine Keys. This enables attackers to bypass security measures, forge trusted data, and ultimately achieve persistent Remote Code Execution (RCE) on compromised servers. According to SANS researcher Bojan Zdrnja, the attack begins with the exploitation of […]

The post Hackers Can Steal IIS Machine Keys by Exploiting SharePoint Deserialization Vulnerability appeared first on Cyber Security News.

North Korean-linked Famous Chollima APT group has emerged as a sophisticated threat actor, orchestrating targeted campaigns against job seekers and organizations through deceptive recruitment processes. Active since December 2022, this advanced persistent threat has developed an intricate multi-stage attack methodology that exploits the trust inherent in professional networking and job-seeking activities. The group’s operations represent […]

The post Famous Chollima APT Hackers Attacking Job Seekers and Organization to Deploy JavaScript Based Malware appeared first on Cyber Security News.

French luxury fashion house Chanel has become the latest victim in a sophisticated cybercrime campaign targeting major corporations through their Salesforce customer relationship management systems. The company confirmed on July 25, 2025, that unauthorized threat actors had breached a database containing personal information of U.S. customers who contacted their client care center. The breach exposed […]

The post Fashion Giant Chanel Hacked in Wave of Salesforce Attacks appeared first on Cyber Security News.

Google released its August 2025 Android Security Bulletin on August 4, revealing a critical vulnerability that poses significant risks to Android device users worldwide.  The most severe flaw, designated CVE-2025-48530, affects the core System component and could enable remote code execution without requiring any user interaction, making it particularly dangerous for millions of Android devices […]

The post Critical Android System Component Vulnerability Allows Remote Code Execution Without User Interaction appeared first on Cyber Security News.

A sophisticated new Android malware campaign has emerged targeting Indian banking customers through convincing impersonations of popular financial applications. The malicious software masquerades as legitimate apps from major Indian financial institutions, including SBI Card, Axis Bank, Indusind Bank, ICICI, and Kotak, deceiving users into downloading fake applications that steal sensitive financial information. The malware operates […]

The post New Android Malware Mimics as SBI Card, Axis Bank Apps to Steal Users Financial Data appeared first on Cyber Security News.

A critical vulnerability chain in NVIDIA’s Triton Inference Server that allows unauthenticated attackers to achieve complete remote code execution (RCE) and gain full control over AI servers.  The vulnerability chain, identified as CVE-2025-23319, CVE-2025-23320, and CVE-2025-23334, exploits the server’s Python backend through a sophisticated three-step attack process involving shared memory manipulation. Key Takeaways1. CVE-2025-23319 chain […]

The post NVIDIA Triton Vulnerability Chain Let Attackers Take Over AI Server Control appeared first on Cyber Security News.

The sudden emergence of the Royal ransomware in early 2023 marked a significant escalation in cyber threats targeting service providers across Europe. Exploiting unpatched VPN and remote-desktop gateways, attackers initiated brute-force and credential-stuffing campaigns to breach perimeter defenses. Once inside, the malware deployed a custom encryption engine that leveraged AES-256 for file encryption and RSA-4096 […]

The post Ransomware Attack on Phone Repair and Insurance Company Cause Millions in Damage appeared first on Cyber Security News.

Two high-severity vulnerabilities in Anthropic’s Claude Code could allow attackers to escape restrictions and execute unauthorized commands. Most remarkably, Claude itself unwittingly assisted in developing the exploits used against its own security mechanisms. The vulnerabilities uncovered by Elad Beber from Cymulate, CVE-2025-54794 and CVE-2025-54795, demonstrate how AI systems’ analytical capabilities can be turned against their […]

The post Claude Vulnerabilities Let Attackers Execute Unauthorized Commands With its Own Help appeared first on Cyber Security News.

The cybersecurity landscape has witnessed an unprecedented evolution as threat actors increasingly weaponize artificial intelligence to amplify their attack capabilities and target the very AI systems organizations depend upon. According to the CrowdStrike 2025 Threat Hunting Report, adversaries are no longer merely using AI as an auxiliary tool but have integrated generative AI technologies into […]

The post Threat Actors Using AI to Scale Operations, Accelerate Attacks and Attack Autonomous AI Agents appeared first on Cyber Security News.

A sophisticated new cybercriminal campaign has emerged, leveraging a Python-based information stealer known as PXA Stealer to orchestrate one of the most extensive data theft operations observed in recent months. The malware, which first surfaced in late 2024, has evolved into a highly evasive multi-stage operation that has successfully compromised over 4,000 unique victims across […]

The post New Python-Based PXA Stealer Via Telegram Stolen 200,000 Unique Passwords and Hundreds of Credit Cards appeared first on Cyber Security News.