Cyber Security News

A sophisticated new cyberattack chain dubbed “KongTuke” has been uncovered by cybersecurity researchers, targeting unsuspecting internet users through compromised legitimate websites. Detailed in a report by Bradley Duncan of Palo Alto Networks’ Unit 42 team, this attack leverages malicious scripts and fake CAPTCHA pages to hijack victims’ clipboards and potentially install unidentified malware. The findings […]

The post “Clipboard Hijacking” A Fake CAPTCHA Leverage Pastejacking Script Via Hacked Sites To Steal Clipboard Data appeared first on Cyber Security News.

A recently discovered set of vulnerabilities, dubbed “IngressNightmare,” found in Ingress NGINX Controller, exposing clusters to unauthenticated remote code execution (RCE). Kubernetes dominates container orchestration, but its prominence has made it a target for exploitation. In Kubernetes, Ingress serves as a sophisticated traffic management system, enabling external access to internal services. It comprises two core […]

The post “IngressNightmare” Critical RCE Vulnerabilities in Kubernetes NGINX Clusters Let Attackers Gain Full Control appeared first on Cyber Security News.

Google has made a big move to fight cyber threats by announcing Sec-Gemini v1, an experimental AI model designed to revolutionize cybersecurity. Elie Burzstein and Marianna Tishchenko from the Sec-Gemini team unveiled a new AI model designed to help cybersecurity defenders tackle the growing complexity of cyber threats using advanced AI. In a blog post, […]

The post Sec-Gemini v1 – Google Released a New AI Model for Cybersecurity appeared first on Cyber Security News.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-22457, a critical vulnerability in Ivanti Connect Secure, Policy Secure, and ZTA Gateways, to its Known Exploited Vulnerabilities (KEV) Catalog. This stack-based buffer overflow, actively exploited since mid-March 2025, allows remote unauthenticated attackers to achieve remote code execution (RCE), threatening organizations using these VPN and […]

The post CISA Adds Actively Exploits Ivanti Connect Secure Vulnerability in Known Exploited Catalog appeared first on Cyber Security News.

Microsoft celebrated its 50th anniversary on April 4, 2025, reflecting on its journey since Bill Gates and Paul Allen founded the company in 1975. The milestone event, held at Microsoft’s Redmond, Washington headquarters, blended nostalgia with cutting-edge AI advancements, particularly through its Copilot platform, while highlighting the transformative role of technology in gaming, education, and […]

The post Microsoft Celebrates 50th Anniversary! appeared first on Cyber Security News.

Ivanti has disclosed a critical vulnerability, CVE-2025-22457, affecting its Connect Secure, Pulse Connect Secure, Ivanti Policy Secure, and ZTA Gateways products that are actively exploited in the wild. This stack-based buffer overflow flaw, with a CVSS score of 9.0, has been actively exploited since mid-March 2025, posing significant risks to organizations using these VPN and […]

The post Ivanti Connect Secure RCE Vulnerability Actively Exploited in the Wild – Apply Patch Now! appeared first on Cyber Security News.

Cybersecurity search engines are specialized tools designed to empower professionals in identifying vulnerabilities, tracking threats, and analyzing data effectively. These platforms offer a wealth of information that generic search engines cannot provide, making them indispensable for cybersecurity researchers and professionals. Tools like Shodan and Censys help discover exposed devices and services on the internet, while […]

The post 30 Best Cyber Security Search Engines In 2025 appeared first on Cyber Security News.

Endpoint management tools are critical for organizations to efficiently manage and secure devices such as desktops, laptops, mobile devices, and IoT systems. These tools provide centralized control, allowing IT teams to enforce security policies, deploy software updates, and monitor device health. They help streamline operations by automating tasks like patch management, software deployment, and compliance […]

The post Top 20 Best Endpoint Management Tools – 2025 appeared first on Cyber Security News.

Cybersecurity researchers have uncovered a sophisticated attack campaign where threat actors impersonate recruitment professionals to distribute dangerous malware payloads. On November 29, 2024, threat actors were found impersonating Dev.to, a popular developer community, to distribute malicious code hidden within project files shared through BitBucket links. The attack represents a growing trend where threat actors exploit […]

The post Beware of Weaponized Recruitment Emails that Deliver BeaverTail and Tropidoor Malware appeared first on Cyber Security News.

Password managers help to securely store and manage passwords, enhancing security and simplifying access across various platforms. Top password management solutions make password protection easy and effective for online security. These solutions securely store your passwords in a virtual safe online, making them easily accessible from any device. Additionally, these leading Best Password Managers can […]

The post Top 10 Best Password Managers in 2025 appeared first on Cyber Security News.

IT asset management (ITAM) software has become essential for businesses to efficiently track, manage, and optimize their hardware, software, and cloud resources. As we approach 2025, the landscape of ITAM tools continues to evolve, offering more advanced features and capabilities. These solutions help organizations reduce costs, enhance security, ensure compliance, and streamline IT operations. From […]

The post 10 Best IT Asset Management Tools In 2025 appeared first on Cyber Security News.

Researchers have detected an alarming surge in malicious scanning activity targeting Palo Alto Networks’ GlobalProtect VPN portals.  Over a 30-day period, nearly 24,000 unique IP addresses have attempted to access these critical security gateways, suggesting a coordinated effort to probe network defenses and identify vulnerable systems. The campaign began on March 17, 2025, with activity […]

The post Hackers Scanning From 24,000 IPs to Gain Access to Palo Alto Networks GlobalProtect Portals appeared first on Cyber Security News.

The cybersecurity landscape is witnessing a growing complexity in the attribution of Advanced Persistent Threat (APT) actors, particularly the North Korean-linked Lazarus group. Once considered a singular entity, Lazarus has evolved into a network of specialized subgroups with overlapping tactics, techniques, and procedures (TTPs), complicating efforts to classify and counter their activities. Initially, “Lazarus” referred […]

The post Lazarus Group is No Longer Consider a Single APT Group, But Collection of Many Sub Groups appeared first on Cyber Security News.

Canon has issued a critical security advisory regarding a severe vulnerability detected in several of its printer drivers that could allow attackers to execute arbitrary code on affected systems.  The flaw, identified as CVE-2025-1268, carries a high-severity CVSS base score of 9.4, indicating significant security implications for users of affected Canon products. Critical Out-of-Bounds Vulnerability […]

The post Cannon Printer Vulnerability Let Attackers Execute Arbitrary Code appeared first on Cyber Security News.

Security researchers have published a detailed technical analysis of a critical remote code execution (RCE) vulnerability (CVE-2023-38408) in OpenSSH’s agent forwarding feature that was disclosed in July 2023. The Qualys Threat Research Unit discovered the vulnerability, which affected all OpenSSH versions prior to 9.3p2 and received a near-maximum CVE score of 9.8. SSH agent forwarding […]

The post Technical Analysis Published for OpenSSH’s Agent Forwarding RCE Vulnerability appeared first on Cyber Security News.

A critical vulnerability (CVE-2025-2825) in CrushFTP, a widely used enterprise file transfer solution, allows attackers to bypass authentication and gain unauthorized server access.  The vulnerability, which affects versions 10.0.0 through 10.8.3 and 11.0.0 through 11.3.0, received a CVSS score of 9.8, categorizing it as critical due to its low complexity and severe potential impact. The […]

The post CrushFTP Vulnerability Exploited to Gain Full Server Access appeared first on Cyber Security News.

Dell Technologies has released a critical security update addressing multiple severe vulnerabilities in its Unity enterprise storage systems that could allow attackers to execute arbitrary commands as root, delete critical system files, and perform other malicious activities without authentication.  Security researchers identified sixteen distinct vulnerabilities affecting Dell Unity, Dell UnityVSA, and Dell Unity XT running […]

The post Multiple Dell Unity Vulnerabilities Let Attackers Compromise Affected System appeared first on Cyber Security News.

Three critical bypasses in Ubuntu Linux’s unprivileged user namespace restrictions allow local attackers to escalate privileges and exploit kernel vulnerabilities.  These bypasses affect Ubuntu 23.10 and 24.04 LTS systems, where AppArmor-based protections were introduced to limit namespace misuse.  While not granting full system control independently, they become potent when combined with kernel flaws requiring administrative […]

The post New Ubuntu Security Bypasses Allow Attackers to Exploit Kernel Vulnerabilities appeared first on Cyber Security News.

A critical unauthenticated remote code execution vulnerability (CVE-2024-13804) has been discovered in HPE Insight Cluster Management Utility (CMU) v8.2, enabling attackers to bypass authentication mechanisms and execute commands with root privileges on the backend server. This high-severity vulnerability affects a tool designed for managing high-performance computing clusters, potentially giving attackers complete control over entire computing […]

The post Hewlett Packard RCE Vulnerability Allows Attackers to Bypass Authentication and Execute Remote Commands appeared first on Cyber Security News.

The cybersecurity landscape has been disrupted by Earth Alux, a China-linked advanced persistent threat (APT) group actively conducting espionage operations since the second quarter of 2023. Initially targeting the Asia-Pacific region, the group expanded its operations to Latin America by mid-2024, primarily focusing on government, technology, logistics, manufacturing, telecommunications, IT services, and retail sectors in […]

The post Earth Alux Hackers Employ VARGIET Malware to Attack Organizations appeared first on Cyber Security News.