Cyber Security News

A newly documented malware campaign demonstrates how attackers are leveraging Windows LNK shortcuts to deliver the MastaStealer infostealer. The attack begins with spear-phishing emails containing ZIP archives with a single LNK file that executes a multi-stage infection process. When victims click the malicious shortcut, it launches Microsoft Edge while opening the AnyDesk website in the […]

The post MastaStealer Weaponizes Windows LNK Files, Executes PowerShell Command, and Evades Defender appeared first on Cyber Security News.

Microsoft has launched a new security feature in Teams Premium called “Prevent screen capture,” designed to block screenshots and recordings during sensitive meetings, with general availability rolling out worldwide through late November 2025.​ This enhancement addresses growing concerns over data leaks in virtual collaborations, particularly in industries like finance, healthcare, and legal sectors, where confidential […]

The post Microsoft Teams New Premium Feature Blocks Screenshots and Recordings During Meeting appeared first on Cyber Security News.

The notorious Cl0p ransomware group has claimed responsibility for breaching the UK’s National Health Service (NHS), spotlighting vulnerabilities in Oracle’s E-Business Suite (EBS). The announcement, posted on Cl0p’s dark web leak site on November 11, 2026, accuses the NHS of prioritizing profits over patient security, stating, “The company doesn’t care about its customers; it ignored […]

The post NHS Investigating Oracle EBS Hack Following Cl0p Ransomware Group Claim appeared first on Cyber Security News.

GitLab has released urgent security patches addressing multiple vulnerabilities affecting both the Community Edition and the Enterprise Edition. The company released versions 18.5.2, 18.4.4, and 18.3.6 to fix critical security issues that could allow attackers to compromise sensitive information and bypass access controls. The most concerning vulnerability involves prompt injection attacks in GitLab Duo’s review feature. Attackers […]

The post Multiple GitLab Vulnerabilities Let Attackers Inject Malicious Prompts to Steal Sensitive Data appeared first on Cyber Security News.

Elastic Security has disclosed critical vulnerabilities affecting Kibana that could enable attackers to execute Server-Side Request Forgery (SSRF) and Cross-Site Scripting (XSS) attacks against vulnerable deployments. The vulnerabilities stem from inadequate origin validation in the Observability AI Assistant component. The primary vulnerability, tracked as CVE-2025-37734 under Elastic Security Advisory ESA-2025-24, involves an origin validation error in Kibana. […]

The post Multiple Kibana Vulnerabilities Enables SSRF and XSS Attacks appeared first on Cyber Security News.

Microsoft has rolled out enhanced remediation capabilities in Defender for Office 365 (O365), enabling security teams to initiate automated investigations and other actions directly from the Advanced Hunting interface. This feature, launched on November 10, 2025, empowers admins and analysts to respond to email threats more swiftly without requiring policy modifications.​ The new actions Submit […]

The post Microsoft Defender for O365 New Feature Allows Security Teams to Trigger Automated Investigations appeared first on Cyber Security News.

New York, New York, November 13th, 2025, CyberNewsWire BreachLock, a global leader in offensive security, just announced a powerful new integration with Vanta, the leading AI-powered trust management platform, enabling organizations to push security validation evidence directly into compliance workflows with a single click.  This integration bridges the gap between continuous security testing and compliance […]

The post BreachLock and Vanta Bridge the Gap Between Continuous Security Testing and Compliance with New Integration appeared first on Cyber Security News.

Palo Alto Networks has disclosed a critical denial-of-service vulnerability in its PAN-OS firewall software that allows unauthenticated attackers to remotely reboot firewalls by sending specially crafted packets. Tracked as CVE-2025-4619, the vulnerability poses significant risks to organizations relying on Palo Alto firewalls for network security. The flaw, identified as CWE-754 (Improper Check for Unusual or […]

The post Palo Alto PAN-OS Firewall Vulnerability Let Attackers Reboot Firewall by Sending Malicious Packet appeared first on Cyber Security News.

Reports of a possible law enforcement operation against Rhadamanthys Stealer infrastructure have created waves in the cybersecurity community. The information stealer, which has been active in the threat landscape for several months, appears to have suffered a major disruption to its command and control servers. Users of the malware-as-a-service platform have reported difficulties accessing their […]

The post Rhadamanthys Stealer Servers Possibly Seized – Admin Urges to Reinstall Servers appeared first on Cyber Security News.

The English-speaking cybercriminal ecosystem, commonly known as “The COM,” has transformed from a niche community of social media account traders into a sophisticated, organized operation fueling some of the world’s most damaging cyberattacks. What started as simple forums for trading rare social media handles has evolved into a professional, service-driven criminal marketplace targeting multinational corporations, […]

The post English-Speaking Cybercriminal Ecosystem ‘The COM’ Drives a Wide Spectrum of Cyberattacks appeared first on Cyber Security News.

Law enforcement agencies disrupted a vast network of cybercrime tools between November 10 and 14, 2025, coordinated from Europol’s headquarters in The Hague, Netherlands. Dubbed the latest phase of Operation Endgame, the effort targeted three notorious malware families: the infostealer Rhadamanthys, the Remote Access Trojan (RAT) VenomRAT, and the Elysium botnet. These stealers and botnets […]

The post Operation Endgame – 1,000+ Servers Used by Rhadamanthys, VenomRAT, and Elysium Dismantled appeared first on Cyber Security News.

A new ClickFix campaign is tricking users with a fake Windows update that runs in their browser. Called “Fake OS Update,” this scam takes advantage of people’s trust in the familiar blue screen of death (BSOD) from Microsoft. It delivers malware and shows how social engineering can be more effective than technical tricks. Cybersecurity researcher […]

The post New ClickFix Attack Tricks Users with ‘Fake OS Update’ to Execute Malicious Commands appeared first on Cyber Security News.

Dell Technologies has disclosed a critical security vulnerability in its Data Lakehouse platform that could allow remote attackers to escalate privileges and compromise system integrity. The flaw, tracked as CVE-2025-46608, affects all versions before 1.6.0.0 and has been assigned a CVSS score of 9.1, placing it in the critical severity category. The security flaw stems from an improper […]

The post Critical Dell Data Lakehouse Vulnerability Let Remote Attacker Escalate Privileges appeared first on Cyber Security News.

Businesses today are dealing with faster, stealthier email threats that look routine yet unleash aggressively malicious scripts the moment a user engages. This is especially true when the lure arrives as an attachment that resembles a harmless image file.  The perception gap is exactly what attackers exploit with SVG phishing, whereby what appears to be […]

The post How Attackers Turn SVG Files Into Phishing Lures appeared first on Cyber Security News.

The Cybersecurity and Infrastructure Security Agency (CISA) has released a warning about a serious vulnerability affecting WatchGuard Firebox security appliances. This flaw, tracked as CVE-2025-9242, potentially allows remote attackers to take control of affected systems. The security issue involves an out-of-bounds write in the device’s operating system, specifically the OS iked process. This means a […]

The post CISA Warns WatchGuard Firebox Out-of-Bounds Write Vulnerability Exploited Attacks appeared first on Cyber Security News.

A vulnerability in OpenAI’s advanced video generation model, Sora 2, that enables the extraction of its hidden system prompt through audio transcripts, raising concerns about the security of multimodal AI systems. This vulnerability, detailed in a blog post by AI security firm Mindgard, demonstrates how creative prompting across text, images, video, and audio can bypass […]

The post OpenAI Sora 2 Vulnerability Exposes System Prompts via Audio Transcripts appeared first on Cyber Security News.

Microsoft has released security updates to fix a serious vulnerability in SQL Server that allows attackers to gain higher system privileges. The flaw, tracked as CVE-2025-59499, was disclosed on November 11, 2025, and affects multiple versions including SQL Server 2016, 2017, 2019, and 2022. This vulnerability stems from improper handling of special characters in SQL […]

The post Microsoft SQL Server Vulnerability Let Attackers Escalate Privileges appeared first on Cyber Security News.

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding federal agencies. Failing to properly patch Cisco Adaptive Security Appliances (ASA) and Firepower Threat Defense (FTD) devices against actively exploited vulnerabilities. Under Emergency Directive 25-03, CISA has identified two severe CVEs posing unacceptable risks to federal information systems: CVE-2025-20333, which enables remote […]

The post CISA Warns of Federal Agencies Not Fully Patching Actively Exploited Cisco ASA or Firepower Devices appeared first on Cyber Security News.

A new phishing campaign is targeting iPhone owners who have lost their devices, exploiting their hope of recovery to steal Apple ID credentials. The National Cyber Security Centre (NCSC) has received multiple reports of cases where victims received text messages claiming their lost or stolen iPhones had been found abroad, sometimes months after the devices […]

The post New Phishing Attack Targeting iPhone Owners Who’ve Lost Their Devices appeared first on Cyber Security News.

A Chinese national has been sentenced to over 11 years in prison following one of the most significant cryptocurrency fraud investigations in history. Zhimin Qian, 47, received an 11-year and eight-month sentence for possessing and transferring criminal property under the Proceeds of Crime Act 2002. The case marks the culmination of a seven-year investigation by […]

The post Chinese National Jailed for Laundering Over £5 Billion by Defrauding Over 128,000 Victims appeared first on Cyber Security News.