Cyber Security News

Security researchers at Volexity have uncovered multiple Russian threat actors conducting sophisticated social engineering and spear-phishing campaigns targeting Microsoft 365 accounts through Device Code Authentication exploitation. The attacks, observed since mid-January 2025, involve three distinct groups: “CozyLarch (APT29),” “UTA0304,” and “UTA0307.” The threat actors impersonate officials from organizations like the US Department of State, Ukrainian […]

The post Multiple Russian Actors Attacking Orgs To Hack Microsoft 365 Accounts via Device Code Authentication appeared first on Cyber Security News.

The Indian Post Office portal was found vulnerable to an Insecure Direct Object Reference (IDOR) attack, exposing sensitive Know Your Customer (KYC) data of thousands of users.  This breach highlights the critical need for robust security measures in government-operated digital platforms, especially those handling sensitive personal information like Aadhaar and PAN details. What Happened? According […]

The post Indian Post Office Portal Exposed Thousands of KYC Records With Username & Mobile Number appeared first on Cyber Security News.

Google has unveiled a groundbreaking security feature in Android 16 Beta 2 aimed at combating phone scams by blocking users from altering sensitive settings during active phone calls.  This feature, currently live in the beta version, prevents enabling permissions like sideloading apps and granting accessibility access, both of which are commonly exploited by scammers. Phone […]

The post New Android Security Feature that Blocks Changing Sensitive Setting During Calls appeared first on Cyber Security News.

In a sophisticated cyberattack campaign, a threat actor identified as Storm-2372 has been leveraging Microsoft Teams meeting invites to execute “device code phishing” attacks.  This campaign, observed since August 2024, targets governments, NGOs, IT services, defense, telecommunications, health, education, and energy sectors across Europe, North America, Africa, and the Middle East.  Microsoft’s Threat Intelligence Center […]

The post Hackers Abusing Microsoft Teams Meeting Invites to Trick Victims for Gaining Access appeared first on Cyber Security News.

In a significant update, Google has announced that its AI-powered security feature is now available to every Chrome user globally. This development marks a pivotal step in enhancing online safety through advanced machine learning techniques. The new security enhancement leverages artificial intelligence to provide several key protective measures: However, the feature does not activate automatically. […]

The post Google Chrome AI-Powered Security Now Available for All Users – Enable Now! appeared first on Cyber Security News.

Linus Torvalds has released Linux Kernel 6.14-rc3, the latest release candidate for the upcoming Linux 6.14 stable version. Paolo Bonzini, the maintainer of the Kernel-based Virtual Machine (KVM), has also submitted a series of fixes for the Linux Kernel 6.14-rc3, which have now been merged by Linus Torvalds. These updates address critical issues across multiple […]

The post Linux Kernel 6.14 rc3 Released – What’s New! appeared first on Cyber Security News.

Welcome to this week’s Cybersecurity Newsletter, where we bring you the latest updates and key insights from the ever-changing world of cybersecurity. In today’s fast-paced digital environment, staying informed is crucial. Our goal is to provide you with relevant information to help you navigate the challenges of this dynamic field effectively. This edition highlights emerging […]

The post Cybersecurity Weekly Recap: Latest on Attacks, Vulnerabilities, & Data Breaches appeared first on Cyber Security News.

A critical authentication bypass vulnerability in SonicWall firewalls, tracked as CVE-2024-53704, is now being actively exploited in the wild, cybersecurity firms warn. The surge in attacks follows the public release of proof-of-concept (PoC) exploit code on February 10, 2025, by researchers at Bishop Fox, amplifying risks for organizations with unpatched devices. CVE-2024-53704, rated 9.3 on […]

The post SonicWall Firewall Authentication Bypass Vulnerability Exploited in Wild Following PoC Release appeared first on Cyber Security News.

Researchers have identified a new backdoor malware, written in Go programming language, that leverages Telegram as its command-and-control (C2) channel. While the malware appears to still be under development, it is already fully functional and capable of executing various malicious activities. This innovative use of cloud-based applications like Telegram for C2 communication poses significant challenges […]

The post New Go-Based Malware Exploits Telegram and Use It as C2 Channel appeared first on Cyber Security News.

A recently discovered Python script has been flagged as a potential cybersecurity threat due to its use of a clever anti-analysis trick.  This script, which has a low detection rate on VirusTotal (4/59), uses the tkinter library to create a fake “Blue Screen of Death” (BSOD) graphical interface.  The SHA256 hash of the script, which […]

The post Beware of Fake BSOD Delivered by Malicious Python Script appeared first on Cyber Security News.

A website launched by Elon Musk’s Department of Government Efficiency (DOGE) has been found to have a significant security vulnerability, allowing unauthorized users to directly modify its content. The vulnerability discovered by two web development experts arises from the website’s use of an unsecured external database. This allowed anyone aware of the vulnerability to post […]

The post Elon Musk’s DOGE Website Database Vulnerability Let Anyone Make Entries Directly appeared first on Cyber Security News.

The notorious Lazarus Group, a North Korean Advanced Persistent Threat (APT) group, has been linked to a sophisticated campaign targeting software developers. This campaign involves the use of infostealer malware, designed to steal sensitive information from developers’ systems. The attack leverages social engineering tactics, including fake job interviews and compromised NPM packages, to deceive developers […]

The post Lazarus Group Infostealer Malwares Attacking Developers In New Campaign appeared first on Cyber Security News.

Job seekers have become the target of a sophisticated ransomware campaign in a recent cybersecurity threat, and this campaign dubbed as “XELERA.” This campaign uses fake job offers from the Food Corporation of India (FCI) to lure victims into opening malicious Word documents. These documents, once opened, initiate a complex infection chain that ultimately leads […]

The post XELERA Ransomware Attacking Job Seekers With Weaponized Word Documents appeared first on Cyber Security News.

A highly sophisticated cyber espionage group known as EarthKapre, also referred to as RedCurl, has been identified targeting private-sector organizations, particularly those in the Law Firms & Legal Services industry. The eSentire Threat Response Unit (TRU) uncovered the group’s recent activities in January 2025, revealing a complex attack chain designed for corporate espionage. Technical Analysis: […]

The post EarthKapre APT Drops Weaponized PDF to Compromise Windows Systems appeared first on Cyber Security News.

The notorious Lazarus Group in a recent escalation of cyber threats linked to North Korea, has unveiled a sophisticated new tactic to target developers worldwide. This campaign, dubbed “Operation Marstech Mayhem,” involves the deployment of an advanced malware implant known as “Marstech1.” The operation marks a significant evolution in the group’s supply chain attacks, leveraging […]

The post Lazarus Group Using New Malware Tactic To Attack Developers Globally appeared first on Cyber Security News.

North Korean IT workers have been infiltrating international companies by securing remote positions under false identities. This tactic not only violates international sanctions but also poses significant cybersecurity risks, including data theft and the installation of backdoors on compromised systems. The Insikt Group has unveiled these activities, highlighting the use of sophisticated malware and front […]

The post North Korean IT Workers Infiltrate International Companies To Plant Backdoors on Systems appeared first on Cyber Security News.

Cyber threats have evolved significantly in recent years, with malicious actors employing sophisticated tactics to compromise user systems. One such threat is the SocGholish malware, which has been actively distributed through fake browser updates since 2017. This malware campaign exploits user trust by disguising itself as legitimate software updates, often targeting unsuspecting visitors of compromised […]

The post Beware of Malicious Browser Updates That Installs SocGholish Malware appeared first on Cyber Security News.

A sophisticated phishing campaign, identified by Microsoft Threat Intelligence, has been exploiting a technique known as “device code phishing” to capture authentication tokens. This attack, attributed to a group called Storm-2372, has been active since August 2024 and targets a wide range of industries and governments globally. The campaign uses a phishing technique that tricks […]

The post New Device Code Phishing Attack Exploit Device Code Authentication To Capture Authentication Tokens appeared first on Cyber Security News.

Researchers observed a sophisticated cyber-espionage campaign led by the Chinese state-sponsored group known as “Salt Typhoon,” also referred to as “RedMike.”  Between December 2024 and January 2025, the group exploited over 1,000 unpatched Cisco network devices globally, targeting telecommunications providers and universities.  The campaign highlights the ongoing vulnerability of critical infrastructure and the strategic intelligence […]

The post RedMike Hackers Exploited 1000+ Cisco Devices to Gain Admin Access  appeared first on Cyber Security News.

A high-severity security vulnerability, identified as CVE-2024-21966, has been discovered in the AMD Ryzen™ Master Utility, a software tool designed to optimize the performance of AMD Ryzen™ processors.  The vulnerability, classified as DLL hijacking, could allow attackers to execute arbitrary code and escalate privileges on affected systems.  With a CVSS score of 7.3, this vulnerability […]

The post AMD Ryzen DLL Hijacking Vulnerability Let Attackers Execute Arbitrary Code appeared first on Cyber Security News.