Cyber Security News

A new proof-of-concept (PoC) tool named Obex has been released, offering a method to prevent Endpoint Detection and Response (EDR) and other monitoring solutions’ dynamic-link libraries (DLLs) from loading into processes. The tool, created by a researcher known as “dis0rder0x00,” is designed to block specified DLLs both during the initial startup of a process and […]

The post New Obex Tool Blocks EDR Dynamic Libraries From Loading at Runtime appeared first on Cyber Security News.

A proof-of-concept (PoC) exploit has been released for a critical vulnerability chain in VMware Workstation that allows an attacker to escape from a guest virtual machine and execute arbitrary code on the host operating system. The exploit successfully chains together an information leak and a stack-based buffer overflow vulnerability to achieve a full guest-to-host escape, […]

The post PoC exploit Released for VMware Workstation guest-to-host escape Vulnerability appeared first on Cyber Security News.

An extortion group known as the Crimson Collective claims to have breached Red Hat’s private GitHub repositories, making off with nearly 570GB of compressed data from 28,000 internal repositories. This data theft is being regarded as one of the most significant breaches in technology history, involving the unauthorized extraction of source code and sensitive confidential […]

The post Red Hat Data Breach – Threat Actors Claim Breach of 28K Private GitHub Repositories appeared first on Cyber Security News.

Google has released Chrome 141 to address 21 security vulnerabilities, including critical flaws that could allow attackers to crash browsers and potentially execute malicious code. The update, rolling out across Windows, Mac, and Linux platforms, patches several high-severity vulnerabilities that pose significant risks to user security. The most severe vulnerability addressed is CVE-2025-11205, a heap […]

The post Chrome Security Update Patches 21 Vulnerabilities that Allow Attackers to Execute Arbitrary Code appeared first on Cyber Security News.

Microsoft has confirmed it is investigating a significant bug in the classic Outlook for Windows desktop client that causes the application to fail upon launch. The issue, which appears to be linked to Microsoft Exchange logon attempts, prevents users from accessing their mailboxes and displays a critical error message, disrupting daily workflows for affected individuals […]

The post Microsoft Outlook for Windows Bug Leads to Crash While Opening Email appeared first on Cyber Security News.

Splunk has released patches for multiple vulnerabilities in its Enterprise and Cloud Platform products, some of which could allow attackers to execute unauthorized JavaScript code, access sensitive information, or cause a denial-of-service (DoS) condition. The advisories, published on October 1, 2025, detail six security flaws, with severity ratings ranging from Medium to High. The most […]

The post Multiple Splunk Enterprise Vulnerabilities Let Attackers Execute Unauthorized JavaScript code appeared first on Cyber Security News.

Ukrainian security agencies have issued an urgent warning regarding a sophisticated malware campaign targeting government and critical infrastructure sectors through weaponized XLL files distributed via compressed archives. The malicious campaign leverages Microsoft Excel add-in files containing the CABINETRAT backdoor, representing a significant evolution in targeted cyber operations against Ukrainian entities. The attack methodology involves distributing […]

The post Ukraine Warns of Weaponized XLL Files Delivers CABINETRAT Malware Via Zip Files appeared first on Cyber Security News.

Cybersecurity researchers have uncovered a sophisticated Android malware campaign targeting seniors through fraudulent travel and social activity promotions on Facebook. The newly identified Datzbro malware represents a dangerous evolution in mobile threats, combining advanced spyware capabilities with remote access tools designed to facilitate financial fraud. This campaign, first detected in August 2025, has expanded beyond […]

The post Threat Actors Leveraging Senior Travel Scams to Deliver Datzbro Malware appeared first on Cyber Security News.

A sophisticated malicious package has infiltrated the Python Package Index (PyPI), masquerading as a legitimate SOCKS5 proxy tool while harboring backdoor capabilities that target Windows systems. The SoopSocks package, tracked as XRAY-725599, presents itself as a benign networking utility that creates SOCKS5 proxy services and reports server information to configurable Discord webhooks. However, beneath this […]

The post Malicious PyPI Package Mimics as SOCKS5 Proxy Tool Attacking Windows Platforms appeared first on Cyber Security News.

Google has introduced a new AI-powered ransomware detection feature for Google Drive for desktop, designed to block cyberattacks and protect user files automatically. This enhancement adds a significant layer of security for users of Windows and macOS, addressing the persistent and costly threat of ransomware. Ransomware continues to be a major cybersecurity challenge for organizations […]

The post New Google Drive Desktop Feature adds AI-powered Ransomware Detection to Prevent Cyberattacks appeared first on Cyber Security News.

The cybersecurity landscape witnessed the emergence of a sophisticated rootkit variation, FlipSwitch, targeting modern Linux kernels. First surfacing in late September 2025, FlipSwitch exploits recent changes in syscall dispatching to implant stealthy hooks directly into kernel code. Early indicators suggest attackers leverage this novel approach to evade traditional detection, compromising critical infrastructure and cloud environments. […]

The post New FlipSwitch Hooking Technique Bypasses Linux Kernel Defenses appeared first on Cyber Security News.

A sophisticated DNS-based malware campaign has emerged, utilizing thousands of compromised websites worldwide to deliver the Strela Stealer information-stealing malware through an unprecedented technique involving DNS TXT records. The threat, tracked as Detour Dog by security researchers, represents a significant evolution in malware distribution methods that leverages the Domain Name System as both a command-and-control […]

The post New DNS Malware Detour Dog Delivers Strela Stealer Using DNS TXT Records appeared first on Cyber Security News.

In recent weeks, security analysts have observed a new wave of macOS attacks leveraging legitimately issued Extended Validation (EV) certificates to sign malicious disk images (DMGs). This technique allows malware authors to evade detection by VirusTotal and built-in macOS security checks. The campaign first surfaced when multiple samples appeared on threat intelligence feeds, each bearing […]

The post Hackers Abuse EV Certificates to Sign Completely Undetectable DMG Malware appeared first on Cyber Security News.

Allianz Life Insurance Company of North America has reported a significant data security incident that has exposed the sensitive personal information of an estimated 1.5 million customers, financial professionals, and employees. The breach involved unauthorized access to a cloud-based system, compromising highly sensitive data, including Social Security numbers. The incident occurred on July 16, 2025, […]

The post Allianz Life Data Breach Exposes Personal Records of 1.5 Million Users appeared first on Cyber Security News.

A new ransomware strain, dubbed FunkLocker, is leveraging artificial intelligence to expedite its development, while relying on the abuse of legitimate Windows utilities to disable security defenses and disrupt systems. The ransomware, attributed to a group known as FunkSec, highlights a growing trend of threat actors using AI to piece together malware with varying degrees […]

The post AI-Powered FunkLocker Ransomware Leverages Windows utilities to Disable Defenses appeared first on Cyber Security News.

Google has published a comprehensive guide aimed at fortifying organizational defenses against UNC6040, a sophisticated threat actor known for targeting cloud environments and enterprise networks. Emerging in late 2024, UNC6040 quickly garnered attention for its highly coordinated campaigns, which leverage advanced payload delivery methods and custom malware loaders. Initial investigations linked the group’s activity to […]

The post Google Releases Guide to Harden Security Strategy and Detection Capabilities Against UNC6040 appeared first on Cyber Security News.

Cisco’s Simple Network Management Protocol (SNMP) implementations in IOS and IOS XE have come under intense scrutiny following reports of active exploitation in the wild. First disclosed in August 2025, CVE-2025-20352 describes a critical buffer overflow in the SNMP engine that allows unauthenticated remote attackers to execute arbitrary code. The vulnerability arises when an oversized […]

The post CISA Warns of Cisco IOS and IOS XE SNMP Vulnerabilities Exploited in Attacks appeared first on Cyber Security News.

In recent weeks, a novel malware campaign dubbed MatrixPDF has surfaced, targeting Gmail users with carefully crafted emails that slip past conventional spam and phishing filters. This campaign has been active since mid-September 2025 and leverages PDF attachments that, when opened, initiate a stealthy infection chain designed to exfiltrate sensitive information and deliver additional payloads. […]

The post MatrixPDF Attacks Gmail Users Bypassing Email Filters and Fetch Malicious Payload appeared first on Cyber Security News.

WestJet announced a cybersecurity incident in which a sophisticated third-party actor gained unauthorized access to internal systems, exposing personal information of some customers.  The breach, discovered on June 13, 2025, has since been contained and remediated, but not before sensitive data elements were exfiltrated. WestJet Passenger Data Exposed WestJet’s security team first detected anomalous activity […]

The post WestJet Confirms Data Breach – Customers Personal Information Exposed appeared first on Cyber Security News.

Since mid-2025, cybersecurity researchers have tracked a resurgence of Patchwork Advanced Persistent Threat (APT) campaigns targeting government and telecommunications sectors across Asia and Eastern Europe. Initially leveraging spear-phishing emails containing malicious Office document attachments, this latest wave of activity has evolved into a multi-stage infection chain employing sophisticated persistence and payload retrieval tactics. The initial […]

The post Patchwork APT Using PowerShell Commands to Create Scheduled Task and Downloads Final Payload appeared first on Cyber Security News.