Cyber Security News

North Korean threat actors have escalated their software supply chain attacks with the deployment of 67 malicious npm packages that collectively garnered over 17,000 downloads before detection. This latest campaign represents a significant expansion of the ongoing “Contagious Interview” operation, introducing a previously unreported malware loader dubbed XORIndex alongside the existing HexEval Loader infrastructure. The […]

The post North Korean Hackers Weaponized 67 Malicious npm Packages to Deliver XORIndex Malware appeared first on Cyber Security News.

A massive network of fraudulent news websites has been uncovered, with cybersecurity researchers identifying over 17,000 Baiting News Sites (BNS) across 50 countries orchestrating sophisticated investment fraud schemes. These malicious platforms masquerade as legitimate news outlets, publishing fabricated stories featuring well-known public figures and respected financial institutions to build trust and lure unsuspecting victims into […]

The post BaitTrap – 17,000+ Fake News Websites Caught Promoting Investment Frauds appeared first on Cyber Security News.

The cybersecurity landscape has witnessed an alarming evolution in hacktivist operations, with threat actors increasingly shifting their focus from traditional DDoS attacks and website defacements to sophisticated industrial control system (ICS) infiltrations. This tactical transformation represents a significant escalation in the hacktivist threat ecosystem, as groups now target critical infrastructure components that directly impact national […]

The post Hacktivist Groups Attacks on Critical ICS Systems to Steal Sensitive Data appeared first on Cyber Security News.

Google has released an emergency security update for Chrome, addressing a critical zero-day vulnerability that attackers are actively exploiting in real-world attacks. The tech giant confirmed that CVE-2025-6558 is being leveraged by threat actors, prompting an immediate patch deployment across all supported platforms. Google Chrome has been updated to version 138.0.7204.157/.158 for Windows and Mac […]

The post Google Chrome 0-day Vulnerability Actively Exploited in the Wild appeared first on Cyber Security News.

The cybersecurity landscape has experienced a dramatic shift as ransomware operators increasingly target Linux and VMware environments, abandoning their traditional focus on Windows systems. Recent threat intelligence indicates that criminal groups are developing sophisticated, Linux-native ransomware specifically engineered to exploit the unique vulnerabilities of enterprise virtualization platforms and cloud infrastructures. This strategic pivot represents a […]

The post Ransomware Gangs Actively Expanding to Attack VMware and Linux Systems appeared first on Cyber Security News.

North Korean threat actors have escalated their sophisticated cyber operations against cryptocurrency startups, deploying an evolved malware campaign that leverages fraudulent Zoom meeting invitations to infiltrate target organizations. The campaign, which has been active for over a year, specifically targets individuals and businesses operating within the Web3, cryptocurrency, and blockchain sectors through carefully orchestrated social […]

The post North Korean Hackers Using Fake Zoom Invites to Attack Crypto Startups appeared first on Cyber Security News.

A newly disclosed flaw in Apache Tomcat’s Coyote engine—tracked as CVE-2025-53506—has surfaced in the latest round of HTTP/2 security advisories. First noted in the National Vulnerability Database five days ago, the weakness stems from Coyote’s failure to enforce a hard cap on concurrent streams when an HTTP/2 client never acknowledges the server’s initial SETTINGS frame. […]

The post Apache Tomcat Coyote Vulnerability Let Attackers Trigger DoS Attack appeared first on Cyber Security News.

The National Cyber Security Centre (NCSC) has issued a critical advisory urging organizations to prioritize upgrading to Windows 11 before the October 14, 2025 end-of-life deadline for Windows 10. This recommendation comes amid growing concerns about the cybersecurity implications of maintaining legacy operating systems, particularly as cyber criminals increasingly target outdated infrastructure for exploitation. The […]

The post NCSC Urges Organizations to Upgrade Microsoft Windows 11 to Defend Cyberattacks appeared first on Cyber Security News.

Cybersecurity researchers have identified a sophisticated international fraud campaign that leverages impersonated news websites from major outlets including CNN, BBC, CNBC, News24, and ABC News to orchestrate large-scale investment scams. The operation demonstrates advanced social engineering tactics combined with technical deception methods to target victims across multiple countries. The campaign operates through a multi-stage attack […]

The post Threat Actors Mimic CNN, BBC, and CNBC Websites to Promote Investment Scams appeared first on Cyber Security News.

Sophisticated Android malware variant exploits ZIP-level manipulation and dynamic code loading to evade detection while conducting ad fraud operations targeting mobile users globally. Zimperium’s zLabs security research team has identified a new and highly sophisticated variant of the Konfety Android malware that employs advanced evasion techniques to bypass security analysis tools and conduct fraudulent advertising […]

The post Konfety Android Malware on Google Play Uses ZIP Manipulation to Imitate Legitimate Apps appeared first on Cyber Security News.

Security Operations Centers (SOCs) face a fundamental challenge: distinguishing genuine threats from false positives while maintaining rapid response times. The key to meeting this challenge lies in enriching threat data with actionable context that enables faster, more informed decision-making.  Core SOC Performance Metrics  SOC teams juggle multiple competing priorities while working under constant time pressure. […]

The post How SOC Teams Reduce MTTD And MTTR With Threat Context Enrichment  appeared first on Cyber Security News.

The cybersecurity landscape has witnessed a paradigm shift in 2025, with Distributed Denial of Service (DDoS) attacks reaching unprecedented levels of scale and sophistication. The second quarter of 2025 has marked a historic milestone with the largest DDoS attack ever recorded, demonstrating the evolving nature of digital threats and the critical importance of robust cybersecurity […]

The post Hackers Breaking Internet with 7.3 Tbps and 4.8 Billion Packets Per Second DDoS Attack appeared first on Cyber Security News.

A sophisticated new ransomware-as-a-service operation has emerged with advanced AI-powered negotiation capabilities and mobile management features, targeting organizations across healthcare, automotive, and industrial sectors. GLOBAL GROUP, operated by threat actor “$$$”, has claimed 17 victims across multiple countries since its June 2025 launch, demonstrating rapid operational scaling through automated systems and strategic partnerships with Initial […]

The post GLOBAL GROUP RaaS Operators Enable AI-powered Negotiation Functionality appeared first on Cyber Security News.

GitGuardian, the leader in automated secrets detection and remediation, today announced the launch of its Model Context Protocol (MCP) Server, a powerful new infrastructure designed to bring AI-assisted secrets security directly into developer environments. As intelligent agents begin to reshape the software development landscape, GitGuardian’s MCP server marks a pivotal shift in aligning security practices with […]

The post GitGuardian Launches MCP Server to Bring Secrets Security into Developer Workflows appeared first on Cyber Security News.

Security researchers have confirmed active exploitation of a critical vulnerability in Wing FTP Server, just one day after technical details were publicly disclosed. The flaw, tracked as CVE-2025-47812, has received the maximum CVSS score of 10.0 and enables unauthenticated remote code execution with root or SYSTEM privileges. The vulnerability was first disclosed by security researcher […]

The post Wing FTP Server Vulnerability Actively Exploited – 2000+ Servers Exposed Online appeared first on Cyber Security News.

A sophisticated malware campaign targeting Generation Z gamers has emerged, leveraging weaponized versions of popular games to infiltrate gaming communities and steal sensitive information. The campaign, which has recorded over 19 million malware distribution attempts in a single year, demonstrates how cybercriminals are increasingly exploiting the digital native generation’s passion for gaming to execute large-scale […]

The post Threat Actors Attacking Gen Z Gamers With Weaponized Versions of Popular Games appeared first on Cyber Security News.

Critical security vulnerabilities have been discovered in Gigabyte UEFI firmware that could allow attackers to execute arbitrary code in System Management Mode (SMM), one of the most privileged execution environments in modern processors.  The vulnerabilities, disclosed by the Software Engineering Institute’s CERT Coordination Center on July 11, 2025, affect multiple Gigabyte systems and could enable […]

The post Gigabyte UEFI Firmware Vulnerability Let Attackers Execute Arbitrary Code in the SMM Environment appeared first on Cyber Security News.

Microsoft has provided comprehensive guidance for resolving the common Windows error “The process cannot access the file because it is being used by another process.”  This technical issue, which frequently frustrates users attempting to delete, move, or modify files, can now be systematically diagnosed and resolved using several built-in Windows utilities and free Microsoft tools. […]

The post Microsoft Details on Fixing Error “Identify Which Process Is Blocking a File in Windows” With Built-in Tools appeared first on Cyber Security News.

Cybersecurity researchers have developed innovative forensic methods to track sophisticated attackers who exploit Remote Desktop Protocol (RDP) for lateral movement within enterprise networks.  This breakthrough technique transforms what attackers believe to be stealthy operations into detailed digital footprints, providing incident responders with unprecedented visibility into malicious activities across compromised systems. Key Takeaways1.  Investigators identify RDP […]

The post New Forensic Technique Uncovers Hidden Trails Left by Hackers Exploiting Remote Desktop Protocol appeared first on Cyber Security News.

A sophisticated malware campaign leveraging the KongTuke threat cluster has emerged, targeting Windows users through a novel FileFix technique that deploys an advanced PHP-based variant of the Interlock remote access trojan (RAT). This represents a significant evolution from previous JavaScript-based implementations, demonstrating increased operational sophistication and resilience. Since May 2025, cybersecurity researchers have observed widespread […]

The post KongTuke Attacking Windows Users With New Interlock RAT Variant Using FileFix Technique appeared first on Cyber Security News.