Cyber Security News

Microsoft’s newly unveiled “Connected Agents” feature in Copilot Studio, announced at Build 2025, is creating a significant security vulnerability. Attackers are already exploiting to gain unauthorized backdoor access to critical business systems. Connected Agents enables AI-to-AI integration, allowing agents to share functionality and reuse logic across environments. While designed for efficiency, similar to wrapping repeated […]

The post Hackers Exploit Copilot Studio’s New Connected Agents Feature to Gain Backdoor Access appeared first on Cyber Security News.

A major supply chain attack targeting EmEditor, a widely used text editor software, has exposed millions of users to sophisticated infostealer malware. Between December 19 and December 22, 2025, the official EmEditor website fell victim to unauthorized modification, serving compromised installer files to unsuspecting users during a critical four-day window. The company confirmed that users […]

The post EmEditor Editor Website Hacked to Deliver Infostealer Malware in Supply Chain Attack appeared first on Cyber Security News.

Chinese threat actors operating under the name Silver Fox are targeting Indian organizations through sophisticated phishing campaigns that impersonate legitimate income tax documents. The attack campaign uses authentic-looking Income Tax Department emails to trick users into downloading a malicious executable disguised as a tax-related file. Once clicked, victims are redirected to a command-and-control server, which […]

The post Silver Fox Hackers Attacking Indian Entities with Income Tax Phishing Lures appeared first on Cyber Security News.

A Spanish-speaking phishing operation targeting Microsoft Outlook users has been active since March 2025, using a sophisticated kit that shows clear indicators of AI-assisted development. The campaign, tracked through a unique signature of four mushroom emojis embedded in the string “OUTL,” has been observed in over 75 distinct deployments. The operation captures email credentials along […]

The post New Phishing Kit with AI-assisted Development Attacking Microsoft Users to Steal Logins appeared first on Cyber Security News.

Public reports about cyberattacks often present a polished picture—threat actors working methodically through a well-planned playbook with every action perfectly executed. This perception leads many to believe that modern attackers operate with machine-like precision, seamlessly moving from one objective to another without facing obstacles. However, this narrative masks a much different reality that becomes clear […]

The post Windows Event Logs Reveal the Messy Reality Behind ‘Sophisticated’ Cyberattacks appeared first on Cyber Security News.

A coordinated exploitation campaign that generated more than 2.5 million malicious requests against Adobe ColdFusion servers and 47+ other technology platforms during the Christmas 2025 holiday period. The operation was attributed to a single threat actor operating from Japan-based infrastructure. This indicates an advanced scanning effort by attackers seeking both legacy and new vulnerabilities dating […]

The post 2.5 Million+ Malicious Request From Hackers Attacking Adobe ColdFusion Servers appeared first on Cyber Security News.

Security researchers have disclosed critical vulnerabilities affecting widely used Bluetooth headphones and earbuds that could allow attackers to eavesdrop on conversations, steal sensitive data, and even hijack connected smartphones. The flaws, identified as CVE-2025-20700, CVE-2025-20701, and CVE-2025-20702, impact devices powered by Airoha Bluetooth System-on-Chips (SoCs), which are used by major manufacturers including Sony, Bose, JBL, […]

The post New Vulnerabilities in Bluetooth Headphones Let Hackers Hijack Connected Smartphone appeared first on Cyber Security News.

A new form of cyber disruption is reshaping the landscape of modern conflict. Hacktivist groups are increasingly operating as strategic instruments of state pressure, launching coordinated attacks that align perfectly with geopolitical events such as sanctions announcements and military aid declarations. Unlike traditional cybercrime or isolated digital activism, these operations follow a consistent, repeatable pattern […]

The post Hacktivist Proxy Operations Emerge as a Repeatable Model of Geopolitical Cyber Pressure appeared first on Cyber Security News.

In a desperate attempt to cover his tracks, the hacker behind Coupang’s massive personal data leak hurled his MacBook Air into a nearby river, only for company investigators to fish it out days later. This cinematic twist emerged as South Korean e-commerce giant Coupang detailed its government-directed probe into the breach affecting 33.7 million customers, […]

The post Hacker Threw MacBook in River to Erase Evidence in Coupang Data Breach appeared first on Cyber Security News.

Security researchers are increasingly focusing on privilege escalation attacks through two primary Windows attack surfaces: kernel drivers and named pipes. These vectors exploit fundamental trust boundary weaknesses between the user and kernel modes. Enabling attackers to escalate from standard user privileges to SYSTEM-level access. Kernel drivers present a significant LPE attack surface due to insufficient […]

The post Windows Vulnerabilities via Kernel Drivers and Named Pipes Allows Privilege Escalation appeared first on Cyber Security News.

An open-source detection tool to help organizations identify potential exploitation of MongoBleed (CVE-2025-14847), a critical memory disclosure vulnerability affecting MongoDB databases.​ The vulnerability allows attackers to extract sensitive information, including credentials, session tokens, and personally identifiable information, directly from server memory without requiring authentication. The flaw exists in MongoDB’s zlib decompression mechanism and affects versions […]

The post MongoBleed Detector Tool Released to Detect MongoDB Vulnerability(CVE-2025-14847) appeared first on Cyber Security News.

OpenAI has rolled out a critical security update to ChatGPT Atlas, its browser-based AI agent, introducing advanced defenses against prompt injection attacks. The update marks a significant step in protecting users from emerging adversarial threats targeting agentic AI systems. What Are Prompt Injection Attacks? Prompt injection attacks exploit AI agents by embedding malicious instructions into […]

The post OpenAI Hardened ChatGPT Atlas Against Prompt Injection Attacks appeared first on Cyber Security News.

Hackers have leaked a database containing over 2.3 million WIRED subscriber records, marking a major breach at Condé Nast, the parent company. The threat actor “Lovely” claims this is just the start, promising to release up to 40 million more records from brands like Vogue and The New Yorker.​ The data dump, posted on hacking […]

The post Hackers Claim Breach of WIRED Database Containing 2.3 million Subscriber Records appeared first on Cyber Security News.

A high-severity unauthenticated information-leak vulnerability in MongoDB Server, dubbed MongoBleed after the infamous Heartbleed bug, is now being actively exploited in real-world attacks. MongoDB has disclosed CVE-2025-14847, a critical flaw affecting multiple supported and legacy server versions that allows unauthenticated remote attackers to exfiltrate sensitive data and authentication credentials from vulnerable instances. MongoBleed stems from […]

The post MongoBleed (CVE-2025-14847) Now Exploited in the Wild: MongoDB Servers at Critical Risk appeared first on Cyber Security News.

The chaos surrounding Ubisoft escalated significantly today as the first group of hackers, previously known for silent exploits, initiated a highly visible and disruptive takeover of Rainbow Six Siege servers. Players worldwide are reporting a massive influx of in-game currency, unwarranted bans, and taunting messages broadcast directly through the game’s administrative feeds. Starting early this […]

The post Ubisoft Rainbow Six Siege Servers Breach linked to MongoBleed Vulnerability appeared first on Cyber Security News.

A high-severity vulnerability in MongoDB Server that allows unauthenticated remote attackers to siphon sensitive data from database memory. Dubbed “MongoBleed” due to its automated similarities to the infamous Heartbleed bug, the flaw tracks as CVE-2025-14847 and carries a CVSS score of 7.5. The vulnerability resides in the MongoDB Server’s zlib message decompression implementation. According to […]

The post 87,000+ MongoDB Instances Vulnerable to MongoBleed Flaw Exposed Online – PoC Exploit Released appeared first on Cyber Security News.

A proof-of-concept (PoC) exploit dubbed “mongobleed” for CVE-2025-14847, a critical unauthenticated memory leak vulnerability in MongoDB’s zlib decompression handling. Dubbed by its creator Joe Desimone as a way to bleed sensitive server memory, the flaw lets attackers remotely extract uninitialized data without credentials, potentially exposing internal logs, system stats, and more. The vulnerability stems from […]

The post Mongobleed PoC Exploit Tool Released for MongoDB Flaw that Exposes Sensitive Data appeared first on Cyber Security News.

Multiple critical vulnerabilities in TeamViewer DEX Client’s Content Distribution Service (NomadBranch.exe), formerly part of 1E Client. Affecting Windows versions before 25.11 and select older branches, the flaws stem from improper input validation (CWE-20), potentially enabling attackers on the local network to execute code, crash the service, or leak sensitive data. The most severe issue, CVE-2025-44016 […]

The post TeamViewer DEX Vulnerabilities Let Attackers Trigger DoS Attack and Expose Sensitive Data appeared first on Cyber Security News.

An information disclosure vulnerability in M-Files Server enables authenticated attackers to capture and reuse session tokens from active users. Potentially gaining unauthorized access to sensitive document management systems. The flaw, tracked as CVE-2025-13008, affects multiple versions across different release branches and carries a high-severity CVSS 4.0 base score of 8.6. The vulnerability exists within M-Files […]

The post M-Files Vulnerability Let Attacker Capture Session Tokens of Other Active Users appeared first on Cyber Security News.

Many Trust Wallet users saw their wallets drained of over $7 million after a security breach in the Chrome browser extension version 2.68.0, released on December 24, 2025. Blockchain investigator ZachXBT first flagged the incident on X, noting a surge in unauthorized outflows from affected addresses shortly after users interacted with the extension.​ Reports emerged […]

The post TrustWallet Chrome Extension Hacked – Users Reporting Millions in Losses appeared first on Cyber Security News.