Cyber Security News

Hackers are actively exploiting a critical flaw in Microsoft’s Windows Server Update Services (WSUS), with security researchers reporting widespread attempts in the wild. The vulnerability, tracked as CVE-2025-59287, allows remote code execution on unpatched WSUS servers, potentially granting attackers full control over enterprise networks. As of October 27, 2025, firms monitoring global scan data have […]

The post Hackers Exploiting Microsoft WSUS Vulnerability In The Wild – 2800 Instances Exposed Online appeared first on Cyber Security News.

Law enforcement agencies from the United States and France have seized the onion leak website operated by the notorious Scattered LAPSUS$ Hunters collective, displaying a prominent seizure notice featuring logos from the FBI, Department of Justice, and international partners. This coordinated action, executed around October 9, 2025, targeted the BreachForums infrastructure, which the group had […]

The post Scattered LAPSUS$ Hunters Onion Leak Website Taken Down By Law-enforcement Agencies appeared first on Cyber Security News.

A new tool called EDR-Redir has emerged, allowing attackers to redirect or isolate the executable folders of popular Endpoint Detection and Response (EDR) solutions. Demonstrated by cybersecurity researcher TwoSevenOneT, the technique leverages Windows’ Bind Filter driver (bindflt.sys) and Cloud Filter driver (cldflt.sys) to undermine EDR protections without requiring kernel-level access. This user-mode exploit, rooted in […]

The post New EDR-Redir Tool Breaks EDR Exploiting Bind Filter and Cloud Filter Driver appeared first on Cyber Security News.

A sophisticated phishing technique called CoPhish exploits Microsoft Copilot Studio to trick users into granting attackers unauthorized access to their Microsoft Entra ID accounts. Dubbed by Datadog Security Labs, this method uses customizable AI agents hosted on legitimate Microsoft domains to wrap traditional OAuth consent attacks, making them appear trustworthy and bypassing user suspicions. The […]

The post New CoPhish Attack Exploits Copilot Studio to Exfiltrate OAuth Tokens appeared first on Cyber Security News.

Welcome to this week’s edition of the Cybersecurity Newsletter, where we dissect the latest threats, vulnerabilities, and disruptions shaping the digital landscape. As organizations navigate an increasingly complex threat environment, staying ahead of emerging risks has never been more critical. This week, we’re zeroing in on major incidents that underscore the fragility of cloud infrastructure, […]

The post Cybersecurity Newsletter Weekly – AWS Outage, WSUS Exploitation, Chrome Flaws, and RDP Attacks appeared first on Cyber Security News.

A high-severity vulnerability in BIND 9 resolvers has been disclosed, potentially allowing attackers to poison caches and redirect internet traffic to malicious sites. Tracked as CVE-2025-40778, the flaw affects over 706,000 exposed instances worldwide, as identified by internet scanning firm Censys. Assigned a CVSS score of 8.6, this issue stems from BIND’s overly permissive handling […]

The post 706,000+ BIND 9 Resolver Instances Vulnerable to Cache Poisoning Exposed Online – PoC Released appeared first on Cyber Security News.

The notorious LockBit ransomware operation has resurfaced with a vengeance after months of dormancy following Operation Cronos takedown efforts in early 2024. Despite law enforcement disruptions and infrastructure seizures, the group’s administrator, LockBitSupp, has successfully rebuilt the operation and launched LockBit 5.0, internally codenamed “ChuongDong.” This latest variant represents a significant evolution in the group’s […]

The post LockBit 5.0 Actively Attacking Windows, Linux, and ESXi Environments appeared first on Cyber Security News.

A sophisticated backdoor named Android.Backdoor.Baohuo.1.origin has been discovered in maliciously modified versions of Telegram X messenger, granting attackers complete control over victims’ accounts while operating undetected. The malware infiltrates devices through deceptive in-app advertisements and third-party app stores, masquerading as legitimate dating and communication platforms. With more than 58,000 infected devices spread across approximately 3,000 […]

The post Hackers Weaponizing Telegram Messenger with Dangerous Android Malware to Gain Full System Control appeared first on Cyber Security News.

Southeast Asia’s online gambling ecosystem has become a breeding ground for sophisticated cyber threats, with criminal networks leveraging seemingly legitimate platforms to distribute malicious software to millions of unsuspecting users. A recently uncovered operation demonstrates how threat actors exploit the region’s thriving illegal gambling market by deploying a weaponized browser disguised as a privacy tool. […]

The post Vault Viper Exploits Online Gambling Websites Using Custom Browser to Install Malicious Program appeared first on Cyber Security News.

Cybercriminals have adopted a sophisticated social engineering strategy that exploits the trust inherent in job hunting, according to a recent security advisory. A financially motivated threat cluster operating from Vietnam has been targeting digital advertising and marketing professionals through fake job postings on legitimate employment platforms and custom-built recruitment websites. The campaign, which leverages remote […]

The post Google Warns of Threat Actors Using Fake Job Posting to Deliver Malware and Steal Credentials appeared first on Cyber Security News.

A sophisticated cyberattack campaign targeting Microsoft Internet Information Services (IIS) servers has emerged, exploiting decades-old security vulnerabilities to deploy malicious modules that enable remote command execution and search engine optimization fraud. The operation, which came to light in late August and early September 2025, leverages publicly exposed ASP.NET machine keys to compromise servers worldwide, affecting […]

The post Hackers Hijacking IIS Servers in The Wild Using Exposed ASP .NET Machine Keys to Inject Malicious Modules appeared first on Cyber Security News.

North Korean state-sponsored hackers from the Lazarus APT group launched a cyberespionage campaign targeting European companies involved in unmanned aerial vehicle development. Starting in late March 2025, attackers compromised three defense organizations across Central and Southeastern Europe, deploying advanced malware to steal proprietary UAV technology. The campaign, tracked as Operation DreamJob, employed social engineering using […]

The post North Korean Hackers Attacking Unmanned Aerial Vehicle Industry to Steal Confidential Data appeared first on Cyber Security News.

Cyber attackers are using new ways to breach systems, making threats hard to detect. Traditional tools like firewalls alone can’t keep up.  That’s where cyber deception steps in!  Using traps and decoys that lure and mislead attackers, deception technology allows security teams to capture attackers even before intrusion, speed up the response, and reduce damage.  Why Deception Technology Matters  […]

The post 5 Deception Solutions that are Changing the Cybersecurity Game  appeared first on Cyber Security News.

A sophisticated phishing campaign leveraging randomly generated Universal Unique Identifiers (UUIDs) has emerged, successfully bypassing Secure Email Gateways (SEGs) and evading perimeter defenses. The attack employs an advanced JavaScript-based phishing script combining random domain selection, dynamic UUID generation, and server-driven page replacement to steal credentials. Unlike conventional phishing operations relying on static redirects, this campaign […]

The post New Phishing Attack Bypasses Using UUIDs Unique to Bypass Secure Email Gateways appeared first on Cyber Security News.

OpenAI’s newly launched ChatGPT Atlas browser, designed to blend AI assistance with web navigation, faces a serious security flaw that allows attackers to jailbreak the system by disguising malicious prompts as harmless URLs. This vulnerability exploits the browser’s omnibox, a combined address and search bar that interprets inputs as either navigation commands or natural-language prompts […]

The post OpenAI ChatGPT Atlas Browser Jailbroken to Disguise Malicious Prompt as URLs appeared first on Cyber Security News.

In 2025, ransomware attacks against the public sector continue to accelerate at an alarming rate, showing no signs of slowing down despite increased cybersecurity awareness and defensive measures. Throughout the year, approximately 196 public sector entities worldwide have fallen victim to ransomware campaigns, resulting in crippling service outages, massive data loss, erosion of public trust, […]

The post Ransomware Actors Targeting Global Public Sectors and Critical Services in Targeted Attacks appeared first on Cyber Security News.

The cybersecurity landscape has entered an unprecedented era of sophistication with the emergence of AI-powered ransomware attacks. Recent research from MIT Sloan and Safe Security reveals a shocking statistic: 80% of ransomware attacks now utilize artificial intelligence. This represents a fundamental shift from traditional malware operations to autonomous, adaptive threats that can evolve in real-time […]

The post AI-Powered Ransomware Is the Emerging Threat That Could Bring Down Your Organization appeared first on Cyber Security News.

A sophisticated malware distribution campaign leveraging over 3,000 malicious YouTube videos has been uncovered, targeting users seeking pirated software and game cheats. The YouTube Ghost Network represents a coordinated ecosystem of compromised accounts that exploit platform features to distribute information-stealing malware while creating false trust through fabricated engagement. Active since 2021, the network has dramatically […]

The post YouTube Ghost Malware Network With 3,000+ Malicious Videos Attacking Users to Deploy Malware appeared first on Cyber Security News.

Cybersecurity researchers have uncovered a sophisticated ransomware campaign where Agenda group threat actors are deploying Linux-based ransomware binaries directly on Windows systems, targeting VMware virtualization infrastructure and backup environments. This cross-platform execution technique challenges traditional security assumptions and demonstrates how ransomware operators are adapting to bypass endpoint detection systems that primarily focus on Windows-native threats. […]

The post Agenda Ransomware Actors Deploying Linux RAT on Windows Systems Targeting VMware Deployments appeared first on Cyber Security News.

A sophisticated text message phishing campaign originating from China has emerged as one of the most extensive cybersecurity threats targeting users worldwide. The operation, attributed to a threat collective known as the Smishing Triad, represents a massive escalation in SMS-based fraud, impersonating services across banking, healthcare, law enforcement, e-commerce, and government sectors. What began as […]

The post New Text Message Based Phishing Attack from China Targeting Users Around the Globe appeared first on Cyber Security News.