Cyber Security News

A large-scale phishing campaign was conducted by threat actors who abused Google Classroom to distribute over 115,000 malicious emails to more than 13,500 organizations globally. The campaign uncovered by Check Point unfolded in five distinct waves between August 6 and August 12, 2025, and weaponized the trusted educational platform to bypass conventional security filters. The […]

The post Hackers Leverage Google Classroom for 115,000+ Phishing Emails Targeting 13,500+ Organizations appeared first on Cyber Security News.

A newly observed malware campaign has emerged targeting a broad range of network appliances, including routers from DrayTek, TP-Link, Raisecom, and Cisco. Throughout July 2025, threat researchers observed a stealthy loader spread by exploiting unauthenticated command injection flaws in embedded web services. Initial compromise is achieved through straightforward HTTP requests, which silently deliver a downloader […]

The post New Stealthy Malware Exploiting Cisco, TP-Link and Other Routers to Gain Remote Control appeared first on Cyber Security News.

A comprehensive security analysis of vtenext CRM version 25.02 has revealed multiple critical vulnerabilities that allow unauthenticated attackers to bypass authentication mechanisms through three distinct attack vectors, ultimately leading to remote code execution on target systems.  The Italian CRM solution, utilized by numerous small and medium enterprises across Italy, faces significant security exposure despite attempted […]

The post Multiple vtenext Vulnerabilities Let Attackers Bypass Authentication and Execute Remote Codes appeared first on Cyber Security News.

Microsoft is rolling out a significant new administrative control feature in mid-September 2025 that will enable IT administrators to manage organization-wide sharing permissions for user-built Copilot agents.  The feature addresses growing enterprise concerns about governance and security in AI agent deployment across organizations. Key Takeaways1. Microsoft is introducing a tenant-level feature for managing Copilot agent […]

The post New Microsoft 365 Admin Feature Let Admins Control Link Creation Policies appeared first on Cyber Security News.

Incident response Tools or incident management software are essential security solutions to protect businesses and enterprises from cyber attacks. Our reliance on the internet is growing, and so make a threat to businesses, despite increased investments and expertise in cyber security. More data breaches and cyberattacks exist on organizations, governments, and individuals than ever before. […]

The post Top 15 Best Security Incident Response Tools In 2025 appeared first on Cyber Security News.

This past week was packed with high-severity disclosures and active exploitation reports across the global threat landscape. At the forefront, Apple rushed out emergency patches for yet another zero-day vulnerability affecting iOS, iPadOS, and macOS devices. The flaw, reportedly being exploited in the wild, highlights the continued trend of nation-state and surveillance actors leveraging critical […]

The post Weekly Cybersecurity News Recap : Apple 0-day, Chrome, Copilot Vulnerabilities and Cyber Attacks appeared first on Cyber Security News.

Phishing has always been about deceiving people. But in this campaign, the attackers weren’t only targeting users; they also attempted to manipulate AI-based defenses. This is an evolution of the Gmail phishing chain documented by Anurag last week. That campaign relied on urgency and redirects, but this one introduces hidden AI prompts designed to confuse […]

The post New Gmail Phishing Attack Uses AI Prompt Injection to Evade Detection appeared first on Cyber Security News.

A significant data exposure has revealed hundreds of thousands of private user conversations with Elon Musk’s AI chatbot, Grok, in public search engine results. The incident, stemming from the platform’s “share” feature, has made sensitive user data freely accessible online, seemingly without the knowledge or explicit consent of the users involved. The exposure was discovered […]

The post Hundreds of Thousands of Users’ Grok Chats Exposed in Google Search Results appeared first on Cyber Security News.

Microsoft is investigating a significant service incident within Exchange Online, identified as EX1137017, which is preventing some users from sending or receiving emails through the Outlook mobile application. The issue, which remains ongoing, specifically impacts customers utilizing Hybrid Modern Authentication (HMA), a common configuration for organizations that integrate on-premises Exchange servers with Exchange Online. The […]

The post Microsoft 365 Exchange Online Outage Blocks Email on Outlook Mobile App appeared first on Cyber Security News.

A network monitoring tool is software or hardware that helps businesses monitor their computer networks and learn more about their security, health, and performance. These tools record and examine network traffic, monitor network hardware, and give users immediate access to information on bandwidth usage, latency, packet loss, and other crucial network parameters. Network monitoring tools […]

The post 20 Best Network Monitoring Tools in 2025 appeared first on Cyber Security News.

Microsoft has officially confirmed that its August 2025 security update is causing significant performance problems for users of NDI (Network Device Interface) technology. Content creators, broadcasters, and IT professionals who installed the update are reporting severe lag, stuttering, and choppy audio/video when streaming between PCs, effectively disrupting production workflows that rely on the popular IP […]

The post Microsoft Confirms August 2025 Update Causes Severe Lag in Windows 11 24H2, and Windows 10 appeared first on Cyber Security News.

Microsoft has announced significant restrictions on email sending capabilities for organizations using default onmicrosoft.com domains, implementing a throttling system that limits external email delivery to 100 recipients per organization every 24 hours.  The policy change, announced through the Exchange Team Blog, aims to prevent spam abuse while encouraging organizations to migrate to custom domains for […]

The post Microsoft to Limit Onmicrosoft Domain Usage for Sending Emails appeared first on Cyber Security News.

A method to silently exfiltrate Windows secrets and credentials, evading detection from most Endpoint Detection and Response (EDR) solutions. This technique allows attackers who have gained an initial foothold on a Windows machine to harvest credentials for lateral movement across a network without triggering common security alerts. How Windows Manages Secrets The Local Security Authority […]

The post Hackers Can Exfiltrate Windows Secrets and Credentials Silently by Evading EDR Detection appeared first on Cyber Security News.

A sophisticated China-nexus threat actor designated MURKY PANDA has emerged as a significant cybersecurity concern, conducting extensive cyberespionage operations against government, technology, academic, legal, and professional services entities across North America since late 2024. This advanced persistent threat group demonstrates exceptional capabilities in cloud environment exploitation and trusted-relationship compromises, marking a concerning evolution in state-sponsored […]

The post Chinese MURKY PANDA Attacking Government and Professional Services Entities appeared first on Cyber Security News.

Cybercriminals are increasingly leveraging Virtual Private Server (VPS) infrastructure to orchestrate sophisticated attacks against Software-as-a-Service (SaaS) platforms, exploiting the anonymity and clean reputation of these hosting services to bypass traditional security controls. A coordinated campaign identified in early 2025 demonstrated how threat actors systematically abuse VPS providers like Hyonix, Host Universal, Mevspace, and Hivelocity to […]

The post Hackers Abuse VPS Servers To Compromise Software-as-a-service (SaaS) Accounts appeared first on Cyber Security News.

CISA has issued an urgent warning regarding a critical zero-day vulnerability affecting Apple’s iOS, iPadOS, and macOS operating systems that threat actors are actively exploiting.  The vulnerability, tracked as CVE-2025-43300, has been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog, signaling that immediate action is required from organizations and individual users to protect their systems […]

The post CISA Warns of Apple iOS, iPadOS, and macOS 0-day Vulnerability Exploited in Attacks appeared first on Cyber Security News.

A sophisticated traffic direction system known as Help TDS has been weaponizing compromised websites since 2017, transforming legitimate sites into gateways for elaborate tech support scams. The operation specializes in deploying PHP code templates that redirect unsuspecting visitors to fraudulent Microsoft Windows security alert pages designed to deceive users into believing their systems are compromised. […]

The post Help TDS Weaponize Legitimate Sites’ PHP Code Templates With Fake Microsoft Windows Security Alert Pages appeared first on Cyber Security News.

A sophisticated HTTP request smuggling attack that exploits inconsistent parsing behaviors between front-end proxy servers and back-end application servers.  This newly discovered technique leverages malformed chunked transfer encoding extensions to bypass established security controls and inject unauthorized secondary requests into web applications. Key Takeaways1. Exploits malformed HTTP chunked encoding to create front-end/back-end parsing discrepancies.2. Bypasses […]

The post New HTTP Smuggling Attack Technique Let Hackers Inject Malicious Requests appeared first on Cyber Security News.

A sophisticated cryptojacking campaign has emerged, exploiting misconfigured Redis servers across multiple continents to deploy cryptocurrency miners while systematically dismantling security defenses. The threat actor behind this operation, designated TA-NATALSTATUS, has been active since 2020 but has significantly escalated their activities throughout 2025, targeting exposed Redis instances with alarming success rates across major economies. The […]

The post New Cryptojacking Attack Exploits Redis Servers to Install Miners and Disable Defenses appeared first on Cyber Security News.

The Lumma information stealer has evolved from its 2022 origins into one of the most sophisticated malware-as-a-service (MaaS) ecosystems in the cybercriminal landscape. Operating through a vast network of affiliates, Lumma has established itself as the dominant infostealer platform, accounting for approximately 92% of stolen credential listings on major underground marketplaces by late 2024. The […]

The post Lumma Affiliates Using Advanced Evasion Tools Designed to Ensure Stealth and Continuity appeared first on Cyber Security News.