To counter this trend, Volexity has introduced GoResolver, an innovative open-source tool designed to simplify the reverse engineering of obfuscated Golang binaries.| Cyber Security News
Cybersecurity experts have identified a concerning trend in the misuse of the open-source Pyramid pentesting tool.| Cyber Security News
A high-severity DoS vulnerability, tracked as CVE-2024-3393, has been discovered in the DNS Security feature of Palo Alto Networks PAN-OS.| Cyber Security News
As AI-driven security solutions proliferate, this transparent benchmark provides critical insight into accuracy, speed, and actionable intelligence generation.| Cyber Security News
A critical weakness in Cisco’s IOS and IOS XE platforms allows an unauthenticated adversary to bypass TACACS+ authentication, potentially granting full administrative control of affected routers and switches. Tracked as CVE-2025-20160 and carrying a CVSS 3.1 score of 8.1, the flaw stems from improper validation of the TACACS+ shared secret configuration. Cisco has not observed […]| Cyber Security News
A malicious Model Context Protocol (MCP) server has been discovered exfiltrating thousands of emails daily through AI assistant integrations, marking the first documented case of a supply chain attack targeting the emerging MCP ecosystem. The compromised package, postmark-mcp, has been downloaded approximately 1,500 times weekly and has been quietly stealing sensitive email communications since version […] The post Malicious MCP Server Discovered Stealing Sensitive Email Data Through AI Age...| Cyber Security News
In Apache Airflow’s milestone 3.0 release, the development team introduced a “write-only” model that restricts sensitive Connection fields, such as passwords, tokens, and private keys, to users with Connection Editing privileges. Unfortunately, in version 3.0.3, this access control model was inadvertently bypassed, allowing any user with READ permissions to retrieve confidential data via both the […] The post Apache Airflow Bug Leaks Sensitive Details to Users with Read-Only Access ap...| Cyber Security News
A comprehensive white paper presented at Virus Bulletin 2025 reveals the intricate operations of DeceptiveDevelopment, a North Korea-aligned threat actor that collaborates with fraudulent IT workers to compromise organizations worldwide. The campaign represents a hybrid threat combining cybercrime with employment fraud, targeting software developers through elaborate social engineering schemes. DeceptiveDevelopment operators pose as recruiters […] The post North Korean IT Operatives Collab...| Cyber Security News
In September 2025, Zscaler ThreatLabz uncovered a sophisticated multi-stage ClickFix campaign targeting members of Russian civil society. Attributed with moderate confidence to the Russia-linked APT group COLDRIVER, also known as Star Blizzard, Callisto, and UNC4057, this operation blends social engineering with lightweight malware to achieve document theft and persistent access. COLDRIVER’s ClickFix infection chain begins […] The post ClickFix Multi Stage Campaign Delivering a PowerShell...| Cyber Security News
A sophisticated botnet campaign exploiting exposed command-and-control (C2) logs has surged by 230% between July and August 2025, compromising thousands of SOHO routers, embedded Linux devices, and enterprise web servers. CloudSEK’s TRIAD threat hunters uncovered six months of panel logs revealing a Loader-as-a-Service model that automates authentication probes, command injection, and payload delivery across diverse […] The post New Loader as a Service Botnet Targets Routers and IoT Devic...| Cyber Security News
Cybersecurity firm Resecurity has uncovered extensive evidence of collaboration and operational convergence among three of the most notorious English-speaking cybercrime groups: LAPSUS$, Scattered Spider, and ShinyHunters. The research reveals these groups now function as part of a “loosely connected and highly adaptive cybercrime ecosystem” that has targeted Fortune 100 corporations and government agencies throughout 2023-2025. […] The post Researchers Reveal Links Among LAPSUS$, Scatt...| Cyber Security News
In early 2025, LummaStealer emerged as a prolific information stealer targeting industries ranging from telecom and healthcare to banking and marketing. A coordinated law enforcement operation in May briefly disrupted its activities; however, recent months have seen novel LummaStealer variants resurface. Netskope Threat Labs’ analysis of sample hash 87118baadfa7075d7b9d2aff75d8e730 reveals advanced obfuscation, sophisticated evasion, and robust persistence […] The post Uncovering LummaS...| Cyber Security News
A sophisticated new malware family dubbed LAMEHUG has emerged as the first known threat to weaponize artificial intelligence for dynamic attack execution, marking a significant evolution in cybercriminal tactics. First identified by CERT-UA in July 2025, this Python-based malware leverages large language models hosted on Hugging Face to generate real-time Windows commands for reconnaissance and data exfiltration. […] The post Dynamic Command Generation by LLM Based LAMEHUG Malware for Rec...| Cyber Security News
Active Directory (AD) holds the digital keys to an organization’s network. Threat actors targeting the NTDS.dit file, which contains hashed credentials and critical domain data, can achieve full domain compromise if they succeed. This article walks through a real-world scenario where attackers dumped and exfiltrated NTDS.dit, bypassing common defenses, and highlights how Trellix Network Detection […] The post Active Directory Compromise – NTDS.dit Exfiltration Enables Complete Credentia...| Cyber Security News
Today, the National Cyber Security Centre (NCSC) – part of GCHQ – issued further advice to help network defenders mitigate| Cyber Security News
A recent presentation at Botconf 2025 in Angers shed light on the ongoing threat posed by RapperBot, a sophisticated botnet.| Cyber Security News
The patches were made available on July 15, 2025, targeting critical security flaws that could potentially compromise Windows systems and enable denial-of-service attacks.| Cyber Security News
A critical security flaw in the NVIDIA Container Toolkit (NCT), the foundational software powering many cloud-based AI and GPU services.| Cyber Security News
According to the Dmpdump report, the campaign first emerged on VirusTotal on August 28, 2025, when a file uploaded from Malaysia triggered alarms.| Cyber Security News
The vulnerability arises from how Axios decodes data: URLs, allowing an attacker to trigger unbounded memory allocation and crash Node.js processes.| Cyber Security News
The breach originated from attackers exploiting the Drift communication and sales engagement platform, which maintained connections to various Salesforce instances.| Cyber Security News
Microsoft 365 administrators across multiple global regions are currently experiencing significant difficulties adding multifactor authentication (MFA).| Cyber Security News
The Lumma information stealer, a notorious C++ malware strain, continues its prominence in the cyber threat landscape.| Cyber Security News
ESPHome vulnerability - A critical vulnerability has been discovered in the ESPHome web server component on the ESP-IDF platform.| Cyber Security News
Researchers have uncovered a novel phishing-as-a-service (PhaaS) platform named "ONNX Store" that specifically targets Microsoft 365 credentials.| Cyber Security News
A critical vulnerability impacting millions of Google Pixel devices worldwide is a pre-installed, system-level application named Showcase.apk.| Cyber Security News
Azure Health Bot Service, a cloud platform for AI-powered healthcare virtual assistants, suffered from critical vulnerabilities.| Cyber Security News
Attackers leveraged compromised infrastructure for email distribution, malware hosting, and data exfiltration, underscoring the ongoing threat to these organizations.| Cyber Security News
The vulnerabilities, tracked as CVE-2025-7775, CVE-2025-7776, and CVE-2025-8424, pose significant risks to organizations relying on these network infrastructure components for application delivery and secure remote access.| Cyber Security News
Cybersecurity researchers at GreyNoise have uncovered a significant pattern that could revolutionize how organizations prepare for emerging threats.| Cyber Security News
A sophisticated threat campaign leveraging GitHub’s infrastructure has been attributed to the North Korean state-backed threat group.| Cyber Security News
Telegram SSH brute-force - Socket's Threat Research Team has uncovered a sophisticated supply chain attack targeting cybersecurity.| Cyber Security News
The UK NCSC has released an in-depth technical report exposing a sophisticated malware campaign, dubbed “UMBRELLA STAND”.| Cyber Security News
Cybersecurity analysts at WithSecure report a steady uptick in highly targeted cyber activities utilizing Remote Monitoring and Management (RMM) tools.| Cyber Security News
Wolf's Assault - A sophisticated APT group known as Scaly Wolf has executed a persistent multi-year campaign against a Russian.| Cyber Security News
The alleged data breach includes backend source code, payment systems, customer balances, and sensitive company details.| Cyber Security News
The breach, which affected nearly 122 million unique corporate email addresses, has raised concerns about data privacy and security.| Cyber Security News
Workday recently disclosed that it was targeted in a social engineering campaign designed to compromise employee trust and gain unauthorized access to sensitive systems.| Cyber Security News
A critical security flaw, CVE-2024-53704, has been identified in SonicWall's SonicOS SSLVPN application, enabling remote attackers.| Cyber Security News
The Sarcoma ransomware group has expanded its list of victims, targeting three prominent companies across the United States, Germany, and Taiwan.| Cyber Security News
The technique, observed since March 2024, leverages both malspam and compromised websites to deliver the malicious script via popups.| Cyber Security News
Red Hat, Inc. and AMD have announced a strategic collaboration aimed at expanding customer choice in building, deploying, and managing AI workloads.| Cyber Security News
This latest iteration features a more compact development cycle of just 42 days, resulting in focused improvements and critical backend changes that will impact developers worldwide.| Cyber Security News
Released on August 14, 2025, this major update introduces groundbreaking features that extend VirtualBox's capabilities across multiple platforms| Cyber Security News
Microsoft Threat Intelligence has uncovered a sophisticated cyberespionage campaign by the Russian state actor Secret Blizzard.| Cyber Security News
The flaw, tracked as CVE-2025-2183 with a CVSS score of 4.5, affects the certificate validation process in GlobalProtect applications running on Windows and Linux systems.| Cyber Security News
A recent demonstration has brought to light a critical exploit chain capable of bypassing modern zero-trust security policies.| Cyber Security News
Adversary-in-the-Middle (AitM) phishing attacks have rapidly escalated in both scale and sophistication, posing a significant threat.| Cyber Security News
In a groundbreaking move, the UK's National Crime Agency (NCA) has brought the seized LockBit darknet site back online.| Cyber Security News
Qilin ransomware - The Qilin ransomware group has once again dominated the cyberthreat landscape in July 2025, claiming 73 victims.| Cyber Security News
Microsoft mandates multi-factor authentication (MFA) for all Azure sign-ins in response to escalating cyber threats.| Cyber Security News
Microsoft has rolled out a comprehensive set of security enhancements aimed at countering the surge in AiTM phishing attacks.| Cyber Security News
In a recent wave of cyberattacks, the Cl0p ransomware group has demonstrated its ability to exploit vulnerabilities in widely used file transfer software.| Cyber Security News
IDA licensing has undergone significant changes, as licenses are now platform-agnostic, allowing them to be used across Windows, Linux, and macOS.| Cyber Security News
Dell Technologies has issued a security advisory regarding multiple vulnerabilities in its RecoverPoint for Virtual Machines (RP4VM) software.| Cyber Security News
Microsoft Threat Intelligence has uncovered a novel cyberattack strategy employed by the North Korean state-sponsored hacking group Emerald Sleet.| Cyber Security News
The directory, located at https://server.xcode.co.id/files/mimikatz/Win32/, has raised concerns about potential misuse by malicious actors.| Cyber Security News
Recent investigations have revealed that ransomware groups like BianLian and Rhysida are using Azure Storage Explorer to steal sensitive data| Cyber Security News
The update includes fixes for 25 critical RCE vulnerabilities, three of which are zero-day vulnerabilities actively exploited in the wild.| Cyber Security News
The victims, all based in France, include Omydoo, Ayomi.fr, and ADULLACT, marking a significant escalation in their cyber extortion campaign.| Cyber Security News
The breach underscores persistent vulnerabilities in the nation’s cybersecurity infrastructure and raises pressing concerns about data protection.| Cyber Security News
Netskope Threat Labs has uncovered a widespread phishing campaign that leverages Webflow's Content Delivery Network (CDN) and SEO.| Cyber Security News
In October 2023, Microsoft introduced native support for 11 additional compression formats in Windows 11 through the KB5031455 update.| Cyber Security News
A C#-based malware loader, Trammy.dll, obfuscated with ConfuserEx, is part of a complex infection chain initiated by an ISO image email.| Cyber Security News
IllusionCAPTCHA capitalizes on the human brain's unique ability to interpret visual discrepancies, creating tasks that are intuitive for humans but perplexing for AI.| Cyber Security News
A surge in Advanced Persistent Threat (APT) attacks has been witnessed in Korea, with notable exploitation of malicious Hancom Office (HWP) and LNK files.| Cyber Security News
This marks yet another chapter in the group's ongoing campaign of digital extortion and data breaches.| Cyber Security News
This incident underscores the growing threat of ransomware targeting architecture and engineering (A&E) firms.| Cyber Security News
Microsoft Entra ID has introduced a robust security mechanism called protected actions, aimed at preventing attackers from permanently deleting user accounts.| Cyber Security News
A critical vulnerability in SolarWinds' Web Help Desk (WHD) software has been identified, allowing remote, unauthenticated attackers to exploit hardcoded credentials embedded in the system.| Cyber Security News
The pursuit of single-bit fault injection attacks has long been regarded as a challenging frontier in hardware security.| Cyber Security News
A critical security vulnerability, identified as CVE-2025-1077, has been disclosed in IBL Software Engineering's Visual Weather software and its derived products.| Cyber Security News
The incident underscores the growing threat posed by this ransomware group, which has targeted various industries worldwide.| Cyber Security News
The EarlyCrow system introduces a groundbreaking approach to detecting Advanced Persistent Threat (APT) malware command and control (C&C) communications.| Cyber Security News
The group announced their exploit on social media, asserting that they had exfiltrated a substantial amount of sensitive data.| Cyber Security News
The exposed information reportedly includes sensitive personal details such as names, email addresses, phone numbers, and home addresses.| Cyber Security News