Cyber Security News

A new, surprisingly simple method called Context Compliance Attack (CCA) has proven effective at bypassing safety guardrails in most leading AI systems. Unlike complex prompt engineering techniques that attempt to confuse AI systems with intricate word combinations, CCA exploits a fundamental architectural weakness present in many deployed models. The method works by manipulating conversation history […]

The post New Context Compliance Attack Jailbreaks Most of The Major AI Models appeared first on Cyber Security News.

A Russian-speaking actor using the Telegram handle @ExploitWhispers leaked internal chat logs of Black Basta Ransomware-as-a-Service (RaaS) members on February 11, 2025. These communications, spanning from September 2023 to September 2024, have provided security researchers with unprecedented insight into the group’s operational tactics and infrastructure used to target organizations across multiple sectors. Black Basta, which […]

The post Black Basta Ransomware Attack Edge Network Devices With Automated Brute Force Attacks appeared first on Cyber Security News.

A hacker operating under the pseudonym “Empire” has allegedly listed a database containing 3,176,958 records from Honda Cars India Ltd for sale on a notorious cybercrime forum. The leaked data reportedly includes sensitive customer information such as names, aliases, addresses, customer IDs, and contact details like mobile numbers and email addresses. The breach is claimed […]

The post Hackers Allegedly Selling 3.17 Million Records of Honda Cars India Customers appeared first on Cyber Security News.

Cisco has issued security advisories for multiple vulnerabilities affecting its IOS XR Software, with particular emphasis on a significant memory corruption vulnerability in the Border Gateway Protocol (BGP) confederation implementation.  The vulnerability tracked as CVE-2025-20115, with a CVSS score of 8.6, could allow unauthenticated, remote attackers to cause denial-of-service conditions on affected network infrastructure. The […]

The post Cisco Warns of IOS XR Software Vulnerability That Let Attackers Trigger DoS condition appeared first on Cyber Security News.

Two critical authentication bypass vulnerabilities have been discovered in the ruby-saml library, potentially exposing numerous web applications to account takeover attacks.  Security researchers from GitHub Security Lab have identified parser differential vulnerabilities (CVE-2025-25291 and CVE-2025-25292) affecting ruby-saml versions up to 1.17.0, which could allow attackers to impersonate any user within affected systems. GitHub reports that […]

The post Critical ruby-saml Vulnerabilities Let Attackers Bypass Authentication appeared first on Cyber Security News.

Researchers have identified a series of sophisticated attacks by the notorious Lazarus group targeting South Korean web servers.  The threat actors have been breaching IIS servers to deploy ASP-based web shells, which are subsequently used as first-stage Command and Control (C2) servers that proxy communications to second-stage C2 infrastructure.  These attacks, identified in January 2025, […]

The post Lazarus Hackers Exploiting IIS Servers to Deploy ASP-based Web Shells appeared first on Cyber Security News.

Microsoft Threat Intelligence has identified an ongoing phishing campaign impersonating Booking.com to deliver credential-stealing malware. The campaign, which began in December 2024, targets hospitality organizations in North America, Oceania, Asia, and Europe. This sophisticated attack specifically aims at individuals in these organizations who are most likely to work with the popular travel platform. The attackers […]

The post Microsoft Warns of Cyber Attack Mimic Booking .com To Deliver Password Stealing Malware appeared first on Cyber Security News.

Rostislav Panev, a 51-year-old dual Russian and Israeli national, has been extradited to the United States on charges related to his alleged role as a developer for the notorious LockBit ransomware group.  The extradition, which took place on March 13, 2025, follows Panev’s arrest in Israel in August pursuant to a U.S. provisional arrest request.  […]

The post United States Charges Developer of LockBit Ransomware Group appeared first on Cyber Security News.

The Cybersecurity and Infrastructure Security Agency (CISA) has recently issued multiple Industrial Control Systems (ICS) advisories highlighting significant security vulnerabilities across various critical infrastructure sectors.  These advisories reveal several high-severity and critical vulnerabilities that demand immediate attention from organizations operating industrial control systems.  This report analyzes the most critical vulnerabilities identified in recent ICS advisories, […]

The post CISA Releases Thirteen Industrial Control Systems Focusing Vulnerabilities & Exploits appeared first on Cyber Security News.

Two sophisticated phishing campaigns were observed targeting Microsoft 365 users by exploiting OAuth redirection vulnerabilities combined with brand impersonation techniques.  Threat researchers are warning organizations about these highly targeted attacks designed to bypass traditional security controls and achieve account takeover (ATO). The malicious campaigns leverage familiar brands including Adobe and DocuSign to trick users into […]

The post Microsoft365 Themed Attack Leveraging OAuth Redirection for Account Takeover  appeared first on Cyber Security News.

Security researchers have uncovered a sophisticated malware campaign targeting users of the Python Package Index (PyPI), Python’s official third-party software repository.  This latest attack vector involves several malicious packages disguised as time-related utilities, which are actually designed to steal sensitive information including cloud access tokens, API keys, and other credentials. According to Reversing Labs post […]

The post New Campaign Attacking PyPI Users to Steal Sensitive Data Including Cloud Tokens appeared first on Cyber Security News.

A cybersecurity researcher has successfully broken the encryption used by the Linux/ESXI variant of the Akira ransomware, enabling data recovery without paying the ransom demand.  The breakthrough exploits a critical weakness in the ransomware’s encryption methodology. According to the researcher, the malware uses the current time in nanoseconds as a seed for its encryption process, […]

The post Decrypting Linux/ESXi Akira Ransomware Files Without Paying Ransomware appeared first on Cyber Security News.

Between late January and early March 2025, cybersecurity researchers at Forescout’s Vedere Labs uncovered a series of sophisticated intrusions leveraging critical Fortinet vulnerabilities. The attacks, attributed to a newly identified threat actor tracked as “Mora_001,” culminated in the deployment of a custom ransomware strain dubbed “SuperBlack.” Mora_001 has demonstrated a systematic approach to compromising networks, […]

The post SuperBlack Actors Exploiting Two Fortinet Vulnerabilities to Deploy Ransomware appeared first on Cyber Security News.

Cyber attack simulation tools help organizations identify vulnerabilities, test security defenses, and improve their cybersecurity posture by simulating real-world attacks. These tools range from breach and attack simulation (BAS) platforms to adversary emulation frameworks. Here are some of the top cyber attack simulation tools: Cyberattack is not at all a distant threat. Any organization can […]

The post Top 10 Best Cyber Attack Simulation Tools – 2025 appeared first on Cyber Security News.

QR code Phishing, or “Quishing,” is a cyber threat that exploits the widespread use of QR (Quick Response) codes in phishing attacks.  Quishing takes advantage of the recent high-use volume and increasing popularity of QR codes. These codes, which can be easily scanned using smartphones, are commonly seen as innocent and have become a widely […]

The post What is QR Code Phishing? (Quishing) – Attack & Prevention Guide in 2025 appeared first on Cyber Security News.

CISA has issued a warning regarding a newly discovered vulnerability affecting Juniper Networks’ Junos OS. The vulnerability, identified as CVE-2025-21590, involves an improper isolation or compartmentalization issue within the operating system’s kernel. This flaw could allow a local attacker with high-level privileges to inject arbitrary code, potentially compromising the integrity of affected devices. The vulnerability […]

The post CISA Warns of Juniper Junos OS Improper Isolation Vulnerability Exploited in Wild appeared first on Cyber Security News.

The Cybersecurity and Infrastructure Security Agency (CISA) has warned about an actively exploited zero-day vulnerability in Apple’s WebKit browser engine, tracked as CVE-2025-24201. This vulnerability, an out-of-bounds write issue, could allow attackers to execute unauthorized code on vulnerable devices. The vulnerability lies within WebKit, a cross-platform web browser engine used by Safari and other applications […]

The post CISA Warns of Apple WebKit Out-of-Bounds Write Vulnerability Exploited in Wild appeared first on Cyber Security News.

A significant data breach involving sensitive healthcare worker information has been discovered, exposing over 86,000 records belonging to ESHYFT, a New Jersey-based HealthTech company.  Cybersecurity researcher Jeremiah Fowler identified an unprotected AWS S3 storage bucket containing approximately 108.8 GB of data that lacked password protection or encryption, leaving private healthcare worker information publicly accessible.  The […]

The post 86,000+ Healthcare Staff Records Exposed from Misconfigured AWS S3 Bucket appeared first on Cyber Security News.

As organizations increasingly integrate Microsoft Copilot into their daily workflows, cybercriminals have developed sophisticated phishing campaigns specifically targeting users of this AI-powered assistant.  Microsoft Copilot, which launched in 2023, has rapidly become an essential productivity tool for many organizations, integrating deeply with Microsoft 365 apps to provide AI-powered assistance.  However, this widespread adoption has created […]

The post Hackers Abuse Microsoft Copilot for Sophisticated Phishing Attack appeared first on Cyber Security News.

Siemens has disclosed a critical security vulnerability affecting specific SINAMICS S200 drive systems that could allow attackers to compromise devices by exploiting an unlocked bootloader.  The vulnerability, tracked as CVE-2024-56336 and has received the highest severity ratings with a CVSS v3.1 score of 9.8 and CVSS v4.0 score of 9.5. The security advisory SSA-787280 identifies […]

The post Siemens SINAMICS S200 Bootloader Vulnerability Let Attackers Compromise the Device appeared first on Cyber Security News.