Latest Cyber Security News
General Cyber Security News
The Russian state-sponsored threat actor known as APT29 has been linked to an advanced phishing campaign that's targeting diplomatic entities across Europe with a new variant of WINELOADER and a …
APT29 Deploys GRAPELOADER Malware Targeting European Diplomats Through Wine-Tasting LuresRead More
Cybersecurity researchers have uncovered three malicious packages in the npm registry that masquerade as a popular Telegram bot library but harbor SSH backdoors and data exfiltration capabilities. The …
Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux SystemsRead More
ASUS has disclosed a critical security flaw impacting routers with AiCloud enabled that could permit remote attackers to perform unauthorized execution of functions on susceptible devices. The …
ASUS Confirms Critical Flaw in AiCloud Routers; Users Urged to Update FirmwareRead More
Cybersecurity researchers are warning of a "widespread and ongoing" SMS phishing campaign that's been targeting toll road users in the United States for financial theft since mid-October 2024. "The …
Chinese Smishing Kit Powers Widespread Toll Fraud Campaign Targeting U.S. Users in 8 StatesRead More
A new multi-stage attack has been observed delivering malware families like Agent Tesla variants, Remcos RAT, and XLoader. "Attackers increasingly rely on such complex delivery mechanisms to evade …
Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoaderRead More
Your employees didn't mean to expose sensitive data. They just wanted to move faster. So they used ChatGPT to summarize a deal. Uploaded a spreadsheet to an AI-enhanced tool. Integrated a chatbot into …
Cybersecurity researchers are warning of continued risks posed by a distributed denial-of-service (DDoS) malware known as XorDDoS, with 71.3 percent of the attacks between November 2023 and February …
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a medium-severity security flaw impacting Microsoft Windows to its Known Exploited Vulnerabilities (KEV) catalog, …
CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File DownloadRead More
The China-linked threat actor known as Mustang Panda has been attributed to a cyber attack targeting an unspecified organization in Myanmar with previously unreported tooling, highlighting continued …
Mustang Panda Targets Myanmar With StarProxy, EDR Bypass, and TONESHELL UpdatesRead More
Multiple state-sponsored hacking groups from Iran, North Korea, and Russia have been found leveraging the increasingly popular ClickFix social engineering tactic to deploy malware over a three-month …
State-Sponsored Hackers Weaponize ClickFix Tactic in Targeted Malware CampaignsRead More
Talking about AI: Definitions Artificial Intelligence (AI) — AI refers to the simulation of human intelligence in machines, enabling them to perform tasks that typically require human intelligence, …
Blockchain is best known for its use in cryptocurrencies like Bitcoin, but it also holds significant applications for online authentication. As businesses in varying sectors increasingly embrace …
Blockchain Offers Security Benefits – But Don’t Neglect Your PasswordsRead More
A critical security vulnerability has been disclosed in the Erlang/Open Telecom Platform (OTP) SSH implementation that could permit an attacker to execute arbitrary code sans any authentication under …
Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code ExecutionRead More
Microsoft is calling attention to an ongoing malvertising campaign that makes use of Node.js to deliver malicious payloads capable of information theft and data exfiltration. The activity, first …
Node.js Malware Campaign Targets Crypto Users with Fake Binance and TradingView InstallersRead More
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting SonicWall Secure Mobile Access (SMA) 100 Series gateways to its Known Exploited …
CISA Flags Actively Exploited Vulnerability in SonicWall SMA DevicesRead More
Apple on Wednesday released security updates for iOS, iPadOS, macOS Sequoia, tvOS, and visionOS to address two security flaws that it said have come under active exploitation in the wild. The …
Apple Patches Two Actively Exploited iOS Flaws Used in Sophisticated Targeted AttacksRead More
Cybersecurity researchers have detailed four different vulnerabilities in a core component of the Windows task scheduling service that could be exploited by local attackers to achieve privilege …
Experts Uncover Four New Privilege Escalation Flaws in Windows Task SchedulerRead More
Google on Wednesday revealed that it suspended over 39.2 million advertiser accounts in 2024, with a majority of them identified and blocked by its systems before it could serve harmful ads to …
Google Blocked 5.1B Harmful Ads and Suspended 39.2M Advertiser Accounts in 2024Read More
Threat actors are leveraging an artificial intelligence (AI) powered presentation platform named Gamma in phishing attacks to direct unsuspecting users to spoofed Microsoft login pages. "Attackers …
Gamma AI Platform Abused in Phishing Chain to Spoof Microsoft SharePoint LoginsRead More
Introduction Cyber threats targeting supply chains have become a growing concern for businesses across industries. As companies continue to expand their reliance on third-party vendors, cloud-based …
From Third-Party Vendors to U.S. Tariffs: The New Cyber Risks Facing Supply ChainsRead More
![[webinar] ai is already inside your saas stack — learn](https://thecybersecurity.news/data/2025/04/Webinar-AI-Is-Already-Inside-Your-SaaS-Stack-—-Learn-150x150.jpg)
