Cyber Security News

A sophisticated North Korean cryptocurrency theft campaign has resurfaced with renewed vigor, weaponizing twelve malicious NPM packages to target developers and steal digital assets. The campaign, which represents a significant escalation in supply chain attacks, exploits the trust developers place in open-source package repositories to distribute advanced malware capable of cross-platform data exfiltration. The attack […]

The post North Korean Hackers Weaponizing NPM Packages to Steal Cryptocurrency and Sensitive Data appeared first on Cyber Security News.

Cisco has confirmed it was the target of a cyberattack where a malicious actor successfully stole the basic profile information of an undisclosed number of users registered on Cisco.com. The technology giant revealed that the breach occurred after an employee was deceived by a sophisticated voice phishing, or “vishing,” attack. The incident, which Cisco became […]

The post Cisco Hacked – Attackers Stole Profile Details of Users Registered on Cisco.com appeared first on Cyber Security News.

North Korean state-sponsored cyber-espionage group Kimsuky has unveiled a sophisticated new campaign targeting South Korean entities through malicious Windows shortcut (LNK) files, demonstrating the group’s continued evolution in stealth and precision. The campaign combines tailored social engineering with advanced malware frameworks designed to systematically infiltrate government agencies, defense contractors, and research organizations while evading traditional […]

The post Kimsuky APT Hackers Weaponizing LNK Files to Deploy Reflective Malware Bypassing Windows Defender appeared first on Cyber Security News.

SonicWall has issued an urgent security advisory following a significant increase in cyber incidents targeting its Gen 7 SonicWall firewalls over the past 72 hours. The company is actively investigating a wave of attacks that appear to be focused on devices where the Secure Sockets Layer Virtual Private Network (SSLVPN) feature is enabled. In a […]

The post SonicWall Warns of Escalating Cyberattacks Targeting Gen 7 Firewalls in Last 72 Hours appeared first on Cyber Security News.

A sophisticated attack method where hackers are exploiting a deserialization vulnerability in SharePoint to steal Internet Information Services (IIS) Machine Keys. This enables attackers to bypass security measures, forge trusted data, and ultimately achieve persistent Remote Code Execution (RCE) on compromised servers. According to SANS researcher Bojan Zdrnja, the attack begins with the exploitation of […]

The post Hackers Can Steal IIS Machine Keys by Exploiting SharePoint Deserialization Vulnerability appeared first on Cyber Security News.

North Korean-linked Famous Chollima APT group has emerged as a sophisticated threat actor, orchestrating targeted campaigns against job seekers and organizations through deceptive recruitment processes. Active since December 2022, this advanced persistent threat has developed an intricate multi-stage attack methodology that exploits the trust inherent in professional networking and job-seeking activities. The group’s operations represent […]

The post Famous Chollima APT Hackers Attacking Job Seekers and Organization to Deploy JavaScript Based Malware appeared first on Cyber Security News.

French luxury fashion house Chanel has become the latest victim in a sophisticated cybercrime campaign targeting major corporations through their Salesforce customer relationship management systems. The company confirmed on July 25, 2025, that unauthorized threat actors had breached a database containing personal information of U.S. customers who contacted their client care center. The breach exposed […]

The post Fashion Giant Chanel Hacked in Wave of Salesforce Attacks appeared first on Cyber Security News.

Google released its August 2025 Android Security Bulletin on August 4, revealing a critical vulnerability that poses significant risks to Android device users worldwide.  The most severe flaw, designated CVE-2025-48530, affects the core System component and could enable remote code execution without requiring any user interaction, making it particularly dangerous for millions of Android devices […]

The post Critical Android System Component Vulnerability Allows Remote Code Execution Without User Interaction appeared first on Cyber Security News.

A sophisticated new Android malware campaign has emerged targeting Indian banking customers through convincing impersonations of popular financial applications. The malicious software masquerades as legitimate apps from major Indian financial institutions, including SBI Card, Axis Bank, Indusind Bank, ICICI, and Kotak, deceiving users into downloading fake applications that steal sensitive financial information. The malware operates […]

The post New Android Malware Mimics as SBI Card, Axis Bank Apps to Steal Users Financial Data appeared first on Cyber Security News.

A critical vulnerability chain in NVIDIA’s Triton Inference Server that allows unauthenticated attackers to achieve complete remote code execution (RCE) and gain full control over AI servers.  The vulnerability chain, identified as CVE-2025-23319, CVE-2025-23320, and CVE-2025-23334, exploits the server’s Python backend through a sophisticated three-step attack process involving shared memory manipulation. Key Takeaways1. CVE-2025-23319 chain […]

The post NVIDIA Triton Vulnerability Chain Let Attackers Take Over AI Server Control appeared first on Cyber Security News.

The sudden emergence of the Royal ransomware in early 2023 marked a significant escalation in cyber threats targeting service providers across Europe. Exploiting unpatched VPN and remote-desktop gateways, attackers initiated brute-force and credential-stuffing campaigns to breach perimeter defenses. Once inside, the malware deployed a custom encryption engine that leveraged AES-256 for file encryption and RSA-4096 […]

The post Ransomware Attack on Phone Repair and Insurance Company Cause Millions in Damage appeared first on Cyber Security News.

Two high-severity vulnerabilities in Anthropic’s Claude Code could allow attackers to escape restrictions and execute unauthorized commands. Most remarkably, Claude itself unwittingly assisted in developing the exploits used against its own security mechanisms. The vulnerabilities uncovered by Elad Beber from Cymulate, CVE-2025-54794 and CVE-2025-54795, demonstrate how AI systems’ analytical capabilities can be turned against their […]

The post Claude Vulnerabilities Let Attackers Execute Unauthorized Commands With its Own Help appeared first on Cyber Security News.

The cybersecurity landscape has witnessed an unprecedented evolution as threat actors increasingly weaponize artificial intelligence to amplify their attack capabilities and target the very AI systems organizations depend upon. According to the CrowdStrike 2025 Threat Hunting Report, adversaries are no longer merely using AI as an auxiliary tool but have integrated generative AI technologies into […]

The post Threat Actors Using AI to Scale Operations, Accelerate Attacks and Attack Autonomous AI Agents appeared first on Cyber Security News.

A sophisticated new cybercriminal campaign has emerged, leveraging a Python-based information stealer known as PXA Stealer to orchestrate one of the most extensive data theft operations observed in recent months. The malware, which first surfaced in late 2024, has evolved into a highly evasive multi-stage operation that has successfully compromised over 4,000 unique victims across […]

The post New Python-Based PXA Stealer Via Telegram Stolen 200,000 Unique Passwords and Hundreds of Credit Cards appeared first on Cyber Security News.

A likely zero-day vulnerability in SonicWall’s Secure Mobile Access (SMA) VPNs and firewall appliances is being actively exploited in the wild, enabling attackers to bypass multi-factor authentication (MFA) and deploy ransomware within hours of the initial breach. Security firms, including Huntress, Arctic Wolf, and Sophos, have reported a recent surge in high-severity incidents targeting these […]

The post SonicWall VPNs Actively Exploited for 0-Day Vulnerability to Bypass MFA and Deploy Ransomware appeared first on Cyber Security News.

A sophisticated new attack method that exploits AI models’ tendency to comply with legal-sounding text, successfully bypassing safety measures in popular development tools. A study by Pangea AI Security has revealed a novel prompt injection technique dubbed “LegalPwn” that weaponizes legal disclaimers, copyright notices, and terms of service to manipulate large language models (LLMs) into […]

The post New LegalPwn Attack Exploits Gemini, ChatGPT and other AI Tools into Executing Malicious Code via Disclaimers appeared first on Cyber Security News.

Mozilla has issued an urgent security alert to its developer community following the detection of a sophisticated phishing campaign specifically targeting AMO (addons.mozilla.org) accounts. The company’s security team, led by Scott DeVaney, reported on August 1, 2025, that cybercriminals are actively attempting to compromise developer credentials through deceptive emails claiming account updates are required to […]

The post Mozilla Warns of Phishing Attacks Targeting Add-on Developers Account appeared first on Cyber Security News.

A critical security vulnerability affecting multiple FUJIFILM printer models could allow attackers to trigger denial-of-service (DoS) conditions through malicious network packets.  The vulnerability, tracked as CVE-2025-48499, was announced on August 4, 2025, and affects various DocuPrint and Apoes printer series. Key Takeaways1. CVE-2025-48499 allows attackers to crash FUJIFILM DocuPrint and Apeos printers.2. Printers freeze and […]

The post FUJIFILM Printers Vulnerability Let Attackers Trigger DoS Condition appeared first on Cyber Security News.

Researchers exploited CVE-2025-38001—a previously unknown Use-After-Free (UAF) vulnerability in the Linux HFSC queuing discipline—to compromise all Google kernelCTF instances (LTS, COS, and mitigation) as well as fully patched Debian 12 systems.  Their work netted an estimated $82,000 in cumulative bounties and underscores the continuing importance of in-depth code auditing beyond automated fuzzing. Key Takeaways1. NETEM’s […]

The post Researchers Exploited Google kernelCTF Instances And Debian 12 With A 0-Day appeared first on Cyber Security News.

Since mid-2022, Chinese military-industrial networks have reportedly been the target of highly sophisticated cyber intrusions attributed to US intelligence agencies. These campaigns exploited previously unknown vulnerabilities to install stealthy malware, maintain prolonged access, and exfiltrate sensitive defense data. Initially identified following an NSA breach at Northwestern Polytechnical University, the latest incidents uncovered by CNCERT illustrate […]

The post CNCERT Accuses of US Intelligence Agencies Attacking Chinese Military-Industrial Units appeared first on Cyber Security News.