Cyber Security News

A critical zero-day vulnerability has been identified in WinRAR that cybercriminals are actively exploiting through sophisticated phishing campaigns to distribute RomCom malware.  The flaw, designated as CVE-2025-8088, represents a significant security threat with a CVSS v3.1 score of 8.4, enabling attackers to execute arbitrary code on victims’ systems through malicious archive files. Key Takeaways1. WinRAR […]

The post WinRAR 0-Day in Phishing Attacks to Deploy RomCom Malware appeared first on Cyber Security News.

Researchers have compromised OpenAI’s latest GPT-5 model using sophisticated echo chamber and storytelling attack vectors, revealing critical vulnerabilities in the company’s most advanced AI system.  The breakthrough demonstrates how adversarial prompt engineering can bypass even the most robust safety mechanisms, raising serious concerns about enterprise deployment readiness and the effectiveness of current AI alignment strategies. […]

The post GPT-5 Jailbreaked With Echo Chamber and Storytelling Attacks appeared first on Cyber Security News.

A newly disclosed security vulnerability in the popular 7-Zip file compression software has raised significant concerns in the cybersecurity community. CVE-2025-55188, discovered and reported by security researcher Landon on August 9, 2025, allows attackers to perform arbitrary file writes during archive extraction, potentially leading to code execution on vulnerable systems. The vulnerability affects all versions […]

The post 7-Zip Arbitrary File Write Vulnerability Let Attackers Execute Arbitrary Code appeared first on Cyber Security News.

LAS VEGAS — At the DEF CON 33 security conference, researchers Yair and Shahak Morag of SafeBreach Labs unveiled a new class of denial-of-service (DoS) attacks, dubbed the “Win-DoS Epidemic.” The duo presented their findings, which include four new Windows DoS vulnerabilities and one zero-click distributed denial-of-service (DDoS) flaw. The discovered flaws, all of which […]

The post New ‘Win-DoS’ Zero-Click Vulnerabilities Turns Windows Server/Endpoint, Domain Controllers Into DDoS Botnet appeared first on Cyber Security News.

Tech giant Google has officially acknowledged a significant data breach affecting its corporate Salesforce database, with the company completing email notifications to affected users as of August 8, 2025. Google revealed on August 5 that one of its corporate Salesforce instances was compromised in June 2025 by the notorious cybercriminal group known as ShinyHunters, officially […]

The post Google Confirms Data Breach – Notifying Users Affected By the Cyberattack appeared first on Cyber Security News.

Darknet markets, operating beyond the reach of traditional payment processors and legal systems, rely on escrow systems to secure cryptocurrency transactions between buyers and vendors.  These systems, using multisignature wallets and automated release mechanisms, aim to ensure transaction security and facilitate dispute resolution. However, vulnerabilities in centralized dispute processes and the persistent threat of exit […]

The post Darknet Market Escrow Systems is Vulnerable to Administrator Exit Scams appeared first on Cyber Security News.

A critical vulnerability in OpenAI’s ChatGPT Connectors feature allows attackers to exfiltrate sensitive data from connected Google Drive accounts without any user interaction beyond the initial file sharing. The attack, dubbed “AgentFlayer,” represents a new class of zero-click exploits targeting AI-powered enterprise tools. The vulnerability was disclosed by cybersecurity researchers Michael Bargury from Zenity and […]

The post ChatGPT Connectors ‘0-click’ Vulnerability Let Attackers Exfiltrate Data From Google Drive appeared first on Cyber Security News.

A critical vulnerability in the Linux kernel, identified as CVE-2025-38236, has exposed a flaw that could allow attackers to escalate privileges from within the Chrome renderer sandbox on Linux systems.  Google Project Zero researcher Jann Horn discovered the bug affects Linux kernel versions 6.9 and above, stemming from the obscure MSG_OOB (out-of-band) feature in UNIX […]

The post New Linux Kernel Vulnerability Directly Exploited from Chrome Renderer Sandbox Via Rare Linux Socket Feature appeared first on Cyber Security News.

A sophisticated cryptocurrency theft campaign has emerged targeting the Bittensor ecosystem through malicious Python packages distributed via the Python Package Index (PyPI). The attack leverages typosquatting techniques to deceive developers and users into installing compromised versions of legitimate Bittensor packages, ultimately resulting in complete wallet drainage during routine staking operations. The malicious campaign was orchestrated […]

The post Threat Actors Using Typosquatted PyPI Packages to Steal Cryptocurrency from Bittensor Wallets appeared first on Cyber Security News.

A sophisticated malware campaign dubbed “Efimer” has emerged as a significant threat to cryptocurrency users worldwide, employing a multi-vector approach that combines compromised WordPress websites, malicious torrents, and deceptive email campaigns. First detected in October 2024, this ClipBanker-type Trojan has evolved from a simple cryptocurrency stealer into a comprehensive malicious infrastructure capable of self-propagation and […]

The post Huge Wave of Malicious Efimer Malicious Script Attack Users via WordPress Sites, Malicious Torrents, and Email appeared first on Cyber Security News.

A sophisticated cybercriminal enterprise operating over 5,000 fraudulent online pharmacy websites has been exposed in a comprehensive investigation, revealing one of the largest pharmaceutical fraud networks ever documented. This massive operation, orchestrated by a single threat actor group, targets vulnerable individuals seeking prescription medications through deceptive digital storefronts that mimic legitimate pharmaceutical retailers. The fraudulent […]

The post 5,000+ Fake Online Pharmacies Websites Selling Counterfeit Medicines appeared first on Cyber Security News.

Researchers have disclosed a series of critical zero-day vulnerabilities that completely bypass Windows BitLocker encryption, allowing attackers with physical access to extract all protected data from encrypted devices in a matter of minutes. The research, conducted by Alon Leviev and Netanel Ben Simon from Microsoft’s Security Testing & Offensive Research at Microsoft (STORM) team, exposes […]

The post BitUnlocker – Multiple 0-days to Bypass BitLocker and Extract All Protected Data appeared first on Cyber Security News.

A sophisticated information-stealing malware campaign has emerged, utilizing advanced obfuscation techniques and multiple infection vectors to evade traditional security controls. The DarkCloud Stealer, first documented in recent threat intelligence reports, represents a significant evolution in cybercriminal tactics, employing a complex multi-stage delivery mechanism that begins with seemingly innocuous archive files and culminates in the deployment […]

The post DarkCloud Stealer Employs New Infection Chain and ConfuserEx-Based Obfuscation appeared first on Cyber Security News.

Over 28,000 unpatched Microsoft Exchange servers are exposed on the public internet and remain vulnerable to a critical security flaw designated CVE-2025-53786, according to new scanning data released on August 7, 2025, by The Shadowserver Foundation. The Cybersecurity and Infrastructure Security Agency (CISA) issued Emergency Directive 25-02 on August 7, mandating federal agencies to address […]

The post 28,000+ Microsoft Exchange Servers Vulnerable to CVE-2025-53786 Exposed Online appeared first on Cyber Security News.

A sophisticated new malware framework named CastleBot has emerged as a significant threat to cybersecurity, operating as a Malware-as-a-Service (MaaS) platform that enables cybercriminals to deploy diverse malicious payloads ranging from infostealers to backdoors linked to ransomware attacks. First appearing in early 2025, the malware has demonstrated remarkable adaptability and technical sophistication, with activity levels […]

The post CastleBot Malware-as-a-Service Deploys Range of Payloads Linked to Ransomware Attacks appeared first on Cyber Security News.

A sophisticated new variant of the DarkCloud information stealer has emerged in the cyberthreat landscape, targeting Windows users through carefully crafted phishing campaigns designed to harvest sensitive credentials and financial information. This fileless malware variant represents a significant evolution in stealer technology, employing advanced evasion techniques and multi-stage deployment mechanisms that make detection particularly challenging […]

The post New Windows-Based DarkCloud Stealer Attacking Computers to Steal Login Credentials and Financial Data appeared first on Cyber Security News.

Critical security flaws in Axis Communications’ surveillance infrastructure have left over 6,500 organizations worldwide vulnerable to sophisticated cyberattacks, with potential impacts spanning government agencies, educational institutions, and Fortune 500 companies. The Swedish security camera manufacturer’s popular video surveillance products contain four distinct vulnerabilities that could allow attackers to gain complete control over camera networks and […]

The post Axis Camera Server Vulnerabilities Exposes Thousands of Organizations to Attack appeared first on Cyber Security News.

The notorious VexTrio traffic distribution system (TDS) has expanded its cybercriminal operations beyond traditional web-based scams to include the development and distribution of malicious mobile applications designed to masquerade as legitimate VPN services..This sophisticated threat actor, which has maintained a dominant presence in the malicious advertising ecosystem since 2015, is now leveraging app stores to […]

The post VexTrio TDS System Developing Several Malicious Apps Mimic as VPNs to Publish in Google Play and App Store appeared first on Cyber Security News.

U.S. authorities have announced the successful dismantling of the BlackSuit ransomware operation, a notorious group linked to attacks on more than 450 organizations worldwide. The operation, led by Immigration and Customs Enforcement’s (ICE) Homeland Security Investigations (HSI), involved seizing servers, domains, and digital assets used for deploying ransomware, extorting victims, and laundering illicit profits. BlackSuit, […]

The post US Confirms Shutdown of BlackSuit Ransomware That Hacked Over 450 Organizations appeared first on Cyber Security News.

In recent months, security researchers have uncovered a novel attack vector targeting Python package installers through ambiguities in the ZIP archive format. By exploiting discrepancies between local file headers and the central directory, malicious actors can craft seemingly benign wheel distributions that, when unpacked by vulnerable installers, silently smuggle unauthorized files into the target environment. […]

The post PyPI Released Advisory to Prevent ZIP Parser Confusion Attacks on Python Package Installers appeared first on Cyber Security News.