Cyber Security News

Grafana Labs has disclosed a critical security vulnerability affecting Grafana Enterprise that could allow attackers to escalate privileges and impersonate users. The flaw, tracked as CVE-2025-41115, has received the maximum CVSS score of 10.0, making it one of the most severe vulnerabilities discovered in recent times. The vulnerability exists in Grafana’s SCIM (System for Cross-domain Identity […]

The post Critical Grafana Vulnerability Let Attackers Escalate Privilege appeared first on Cyber Security News.

A critical security vulnerability has been discovered in ASUSTOR backup and synchronization software, allowing attackers to execute malicious code with elevated system privileges. The flaw, tracked as CVE-2025-13051, affects two widely used ASUSTOR applications and poses a significant risk to users running outdated versions. The DLL Hijacking Vulnerability The vulnerability stems from a DLL hijacking […]

The post Critical ASUSTOR Vulnerability Let Attackers Execute Malicious Code with Elevated Privileges appeared first on Cyber Security News.

Microsoft has introduced a practical new feature in Windows 11 designed specifically for public-facing monitors and signage. This new mode ensures that the dreaded Blue Screen of Death (BSOD) and other disruptive error dialogs are hidden from view on non-interactive displays. Whether the machine is powering a digital restaurant menu, an airport flight schedule, or […]

The post Windows 11 to Hide BSOD Crash Errors on Public Displays appeared first on Cyber Security News.

SonicWall has disclosed a critical stack-based buffer overflow vulnerability in its SonicOS SSLVPN service. That allows remote unauthenticated attackers to crash firewalls through denial-of-service attacks. The vulnerability was internally discovered and reported by SonicWall’s security team. The flaw, tracked as CVE-2025-40601, carries a CVSS score of 7.5 and affects multiple generations of SonicWall firewall products. Field […]

The post SonicOS SSLVPN Vulnerability Let Attackers Crash the Firewall Remotely appeared first on Cyber Security News.

OpenAI has launched GPT-5.1-Codex-Max, a specialized coding model designed to handle complex development tasks autonomously. The new system represents a significant leap in agentic AI capabilities, enabling machines to work on coding projects with minimal human intervention. GPT-5.1-Codex-Max operates differently from general-purpose AI models. Built specifically for software engineering, the model features compaction technology that enables it to […]

The post OpenAI Releases GPT-5.1-Codex-Max that Performs Coding Tasks Independently appeared first on Cyber Security News.

The U.S. Department of the Treasury, Australia, and the United Kingdom have announced coordinated sanctions against Media Land. This Russia-based bulletproof hosting company provides infrastructure to ransomware and other cybercriminals. The U.S. Federal Bureau of Investigation also coordinated the action targeting the company’s leadership team and related entities. Bulletproof hosting providers offer specialized servers designed […]

The post Authorities Sanctioned Russia-based Bulletproof Hosting Provider for Supporting Ransomware Operations appeared first on Cyber Security News.

Salesforce has issued a critical security alert identifying “unusual activity” involving Gainsight-published applications connected to customer environments. The CRM giant’s investigation indicates that this activity may have enabled unauthorized access to Salesforce data through the applications’ external connections. In an immediate response to contain the threat, Salesforce has revoked all active access and refresh tokens […]

The post Salesforce Confirms that Customers’ Data Was Accessed Following the Gainsight Breach appeared first on Cyber Security News.

The notorious Clop ransomware gang has listed Oracle on its dark web leak site, alleging a successful breach of the tech giant’s internal systems. This development is part of a massive extortion campaign exploiting a critical zero-day vulnerability in Oracle E-Business Suite (EBS), designated as CVE-2025-61882. The group, tracked as Graceful Spider, claims to have […]

The post Oracle Allegedly Breached by Clop Ransomware via E-Business Suite 0-Day Hack appeared first on Cyber Security News.

A critical remote code execution flaw in Microsoft’s Windows Graphics Component allows attackers to seize control of systems using specially crafted JPEG images. With a CVSS score of 9.8, this vulnerability poses a severe threat to Windows users worldwide, as it requires no user interaction for exploitation. Discovered in May 2025 and patched by Microsoft […]

The post Critical Windows Graphics Vulnerability Lets Hackers Seize Control with a Single Image appeared first on Cyber Security News.

Tsundere represents a significant shift in botnet tactics, leveraging the power of legitimate Node.js packages and blockchain technology to distribute malware across multiple operating systems. First identified around mid-2025 by Kaspersky GReAT researchers, this botnet demonstrates the evolving sophistication of supply chain attacks. The threat originates from activity first observed in October 2024, where attackers […]

The post Tsundere Botnet Abusing Popular Node.js and Cryptocurrency Packages to Attack Windows, Linux, and macOS Users appeared first on Cyber Security News.

A new banking malware called Sturnus has emerged as a significant threat to mobile users across Europe. Security researchers have discovered that this sophisticated Android trojan can capture encrypted messages from popular messaging apps like WhatsApp, Telegram, and Signal by accessing content directly from the device screen after decryption. The malware’s ability to monitor these […]

The post Sturnus Banking Malware Steals Communications from Signal and WhatsApp, Gaining Full Control of The Device appeared first on Cyber Security News.

The U.S. Attorney’s Office, Southern District of New York, has announced the sentencing of Keonne Rodriguez and William Lonergan Hill, co-founders of Samourai Wallet, a cryptocurrency mixing application designed specifically to hide illegal financial transactions. Rodriguez, who served as the Chief Executive Officer, received a five-year prison sentence on November 6, 2025, while Hill, the […]

The post Samourai Wallet Cryptocurrency Mixing Founders Jailed for Laundering Over $237 Million appeared first on Cyber Security News.

A new wave of ransomware attacks is targeting cloud storage environments, specifically focusing on Amazon Simple Storage Service (S3) buckets that contain critical business data. Unlike traditional ransomware that encrypts files using malicious software, these attacks exploit weak access controls and configuration mistakes in cloud environments to lock organizations out of their own data. As […]

The post New Ransomware Variants Targeting Amazon S3 Services Leveraging Misconfigurations and Access Controls appeared first on Cyber Security News.

A new global hacking campaign tracked as TamperedChef has emerged, exploiting everyday software names to trick users into installing malicious applications that deliver remote access tools. The campaign uses fake installers disguised as common programs like manual readers, PDF editors, and games, all equipped with valid code-signing certificates to appear legitimate. These applications are distributed […]

The post TamperedChef Hacking Campaign Leverages Common Apps to Deliver Payloads and Gain Remote Access appeared first on Cyber Security News.

A sophisticated cyberattack targeting Oracle E-Business Suite (EBS) customers has exposed critical vulnerabilities in enterprise resource planning systems, compromising an estimated 100 organizations worldwide between July and October 2025. The campaign, attributed to the notorious Clop ransomware group and linked to the financially motivated threat actor FIN11, exploited a zero-day vulnerability, CVE-2025-61882, to achieve unauthenticated […]

The post Lessons from Oracle E-Business Suite Hack That Allegedly Compromises Nearly 30 Organizations Worldwide appeared first on Cyber Security News.

Trustwave SpiderLabs researchers have identified a sophisticated banking trojan called Eternidade Stealer that spreads through WhatsApp hijacking and social engineering tactics. The malware, written in Delphi, represents a significant evolution in Brazil’s cybercriminal landscape, combining advanced contact harvesting with credential theft targeting financial institutions. The threat emerges from a multi-stage infection chain that begins with […]

The post New Malware Via WhatsApp Exfiltrate Contacts to Attack Server and Deploys Malware appeared first on Cyber Security News.

Cybercriminals are rapidly embracing generative AI to transform the way they operate scams, making fraud operations faster, more convincing, and dramatically easier to scale. According to recent research, what once required months of work and specialized technical skills can now be accomplished in just a few hours by anyone with basic computer knowledge. The shift […]

The post GenAI Makes it Easier for Cybercriminals to Successfully Lure Victims into Scams appeared first on Cyber Security News.

A threat actor known as Zeroplayer has reportedly listed a zero-day remote code execution (RCE) vulnerability, combined with a sandbox escape, targeting Microsoft Office and Windows systems for sale on underground hacking forums. Priced at $30,000, the exploit purportedly works on most Office file formats, including the latest versions, and affects fully patched Windows installations. […]

The post Threat Actors Allegedly Selling Microsoft Office 0-Day RCE Vulnerability on Hacking Forums appeared first on Cyber Security News.

Hackers have unleashed over 2.3 million malicious sessions against Palo Alto Networks’ GlobalProtect VPN portals since November 14, 2025, according to threat intelligence firm GreyNoise. This surge, which intensified dramatically within 24 hours to reach a 40-fold increase, represents the highest activity level in the past 90 days and underscores growing risks to remote access […]

The post Hackers Attacking Palo Alto Networks’ GlobalProtect VPN Portals with 2.3 Million Attacks appeared first on Cyber Security News.

Your SOC generates thousands of alerts daily. Many of them are low-priority, repetitive, or false positives. On paper, this looks like a technical problem. In reality, it’s a business problem.  Every Alert Costs  When analysts are buried under thousands of notifications, they spend more time triaging noise than responding to real incidents. The result: slower reaction times, missed threats, staff burnout, and ballooning operational costs.  Every wasted minute translates into a weaker security posture, potential financial loss, and reduced return on your security investments. Alert overload doesn’t just impact your SOC.  It slows down […]

The post How to Solve Alert Overload in Your SOC  appeared first on Cyber Security News.