Microsoft 365 administrators across multiple global regions are currently experiencing significant difficulties adding multifactor authentication (MFA).| Cyber Security News
The Lumma information stealer, a notorious C++ malware strain, continues its prominence in the cyber threat landscape.| Cyber Security News
Android users worldwide must install the September 2025 security patch without delay to safeguard their devices against high-severity vulnerabilities now being actively exploited in the wild. Released as part of the Android Security Bulletin on September 1, 2025, the update carries a security patch level of 2025-09-05 or later and addresses multiple critical flaws—two of […] The post Android Security Update Patches Actively Exploited 0-Day Vulnerabilities appeared first on Cyber Security ...| Cyber Security News
Microsoft has confirmed a newly disclosed remote code execution (RCE) vulnerability in its IIS Web Deploy toolchain, tracked as CVE-2025-53772. The flaw resides in the unsafe deserialization logic of the msdeployagentservice and msdeploy.axd endpoints, allowing authenticated attackers to execute arbitrary code on vulnerable web servers. As enterprises worldwide rely on Web Deploy for automated deployments, […] The post Public PoC Released for IIS WebDeploy RCE Vulnerability appeared first o...| Cyber Security News
In a pivotal shift for cyber offense, the newly released Hexstrike-AI framework equips threat actors with an orchestration “brain” that can direct more than 150 specialized AI agents to autonomously scan, exploit, and persist within target environments. Within hours of its public launch, dark-web chatter confirmed adversaries leveraging Hexstrike-AI to weaponize recent Citrix NetScaler ADC […] The post Hackers Exploit Zero-Day Vulnerabilities in Minutes Using Hexstrike-AI appeared first...| Cyber Security News
In late August 2025, cybersecurity firm Cyfirma discovered Inf0s3c Stealer, a Python-based grabber that targets Windows hosts and exfiltrates data via Discord. The 64-bit Portable Executable is first compressed with UPX and then packaged using PyInstaller, creating dual-layer packing that thwarts signature detection and complicates reverse engineering. Upon execution, the malware reconstructs embedded Python bytecode from […] The post Stealthy Python Malware Exploits Discord to Steal Data ...| Cyber Security News
In 2025, Identity and Access Management (IAM) has evolved beyond simple password management to become a critical component of a Zero Trust security model. With a dispersed workforce, multi-cloud environments, and the proliferation of SaaS applications, IAM is the new security perimeter. A robust IAM solution ensures that the right people and the right machines […] The post 10 Best IAM (Identity And Access Management) Solutions in 2025 appeared first on Cyber Security News.| Cyber Security News
Jaguar Land Rover (JLR), the UK’s premier luxury automotive manufacturer, has revealed that a sophisticated cyberattack compromised its global information technology infrastructure. In a statement issued early Wednesday, the company confirmed that an unauthorized intrusion triggered multiple security alerts late on Tuesday evening, prompting an immediate shutdown of critical systems to contain the breach and […] The post Jaguar Land Rover Confirms Cybersecurity Incident Disrupting Global ...| Cyber Security News
Cloudflare disclosed that its Salesforce instance was compromised due to the Salesloft Drift breach. A sophisticated actor, dubbed GRUB1, exploited OAuth credentials from Salesloft’s Drift integration to exfiltrate text-based support case data. While no core Cloudflare services were impacted, sensitive customer contact details, support ticket contents, and potentially embedded tokens were exposed—prompting urgent credential rotations […] The post Cloudflare Confirms Data Breach -Custome...| Cyber Security News
In early 2025, security researchers uncovered RapperBot. This sophisticated IoT botnet exploits zero-day vulnerabilities in network video recorders (NVRs) to orchestrate massive distributed denial-of-service (DDoS) attacks within seconds. By harnessing legacy devices, many of which are no longer supported by manufacturers, the operators of RapperBot can unleash floods exceeding terabits per second, crippling high-profile targets in […] The post RapperBot Hijacking Thousands of Devices to O...| Cyber Security News
Cybercriminals are leveraging TinyLoader’s versatile infection and propagation techniques to steal cryptocurrency and deploy additional malware on Windows systems. Advanced Persistence, Propagation, and Payload Delivery: TinyLoader establishes deep persistence by creating hidden copies of itself named “Update.exe” in users’ Desktop and Documents folders, and by modifying Windows registry settings to hijack .txt file associations so […] The post Windows Users Hit by TinyLoader Malware...| Cyber Security News
ESPHome vulnerability - A critical vulnerability has been discovered in the ESPHome web server component on the ESP-IDF platform.| Cyber Security News
Researchers have uncovered a novel phishing-as-a-service (PhaaS) platform named "ONNX Store" that specifically targets Microsoft 365 credentials.| Cyber Security News
A critical vulnerability impacting millions of Google Pixel devices worldwide is a pre-installed, system-level application named Showcase.apk.| Cyber Security News
Azure Health Bot Service, a cloud platform for AI-powered healthcare virtual assistants, suffered from critical vulnerabilities.| Cyber Security News
Attackers leveraged compromised infrastructure for email distribution, malware hosting, and data exfiltration, underscoring the ongoing threat to these organizations.| Cyber Security News
The vulnerabilities, tracked as CVE-2025-7775, CVE-2025-7776, and CVE-2025-8424, pose significant risks to organizations relying on these network infrastructure components for application delivery and secure remote access.| Cyber Security News
Cybersecurity researchers at GreyNoise have uncovered a significant pattern that could revolutionize how organizations prepare for emerging threats.| Cyber Security News
A sophisticated threat campaign leveraging GitHub’s infrastructure has been attributed to the North Korean state-backed threat group.| Cyber Security News
Telegram SSH brute-force - Socket's Threat Research Team has uncovered a sophisticated supply chain attack targeting cybersecurity.| Cyber Security News
The UK NCSC has released an in-depth technical report exposing a sophisticated malware campaign, dubbed “UMBRELLA STAND”.| Cyber Security News
Cybersecurity analysts at WithSecure report a steady uptick in highly targeted cyber activities utilizing Remote Monitoring and Management (RMM) tools.| Cyber Security News
Wolf's Assault - A sophisticated APT group known as Scaly Wolf has executed a persistent multi-year campaign against a Russian.| Cyber Security News
The alleged data breach includes backend source code, payment systems, customer balances, and sensitive company details.| Cyber Security News
The breach, which affected nearly 122 million unique corporate email addresses, has raised concerns about data privacy and security.| Cyber Security News
Workday recently disclosed that it was targeted in a social engineering campaign designed to compromise employee trust and gain unauthorized access to sensitive systems.| Cyber Security News
A critical security flaw, CVE-2024-53704, has been identified in SonicWall's SonicOS SSLVPN application, enabling remote attackers.| Cyber Security News
The Sarcoma ransomware group has expanded its list of victims, targeting three prominent companies across the United States, Germany, and Taiwan.| Cyber Security News
The technique, observed since March 2024, leverages both malspam and compromised websites to deliver the malicious script via popups.| Cyber Security News
Red Hat, Inc. and AMD have announced a strategic collaboration aimed at expanding customer choice in building, deploying, and managing AI workloads.| Cyber Security News
This latest iteration features a more compact development cycle of just 42 days, resulting in focused improvements and critical backend changes that will impact developers worldwide.| Cyber Security News
Released on August 14, 2025, this major update introduces groundbreaking features that extend VirtualBox's capabilities across multiple platforms.| Cyber Security News
Microsoft Threat Intelligence has uncovered a sophisticated cyberespionage campaign by the Russian state actor Secret Blizzard.| Cyber Security News
The flaw, tracked as CVE-2025-2183 with a CVSS score of 4.5, affects the certificate validation process in GlobalProtect applications running on Windows and Linux systems.| Cyber Security News
A recent demonstration has brought to light a critical exploit chain capable of bypassing modern zero-trust security policies.| Cyber Security News
Adversary-in-the-Middle (AitM) phishing attacks have rapidly escalated in both scale and sophistication, posing a significant threat.| Cyber Security News
In a groundbreaking move, the UK's National Crime Agency (NCA) has brought the seized LockBit darknet site back online.| Cyber Security News
Qilin ransomware - The Qilin ransomware group has once again dominated the cyberthreat landscape in July 2025, claiming 73 victims.| Cyber Security News
Cyber Press offers dedicated and fast cyber security news coverage, so you can keep track of activities and stay secure.| Cyber Security News
Siemens has disclosed a critical vulnerability in its SiPass Integrated access control system that could allow unauthenticated remote attackers.| Cyber Security News
A critical security vulnerability has been discovered in Realtek's Bluetooth HCI Adaptor that enables local attackers with standard user privileges to delete arbitrary files.| Cyber Security News
Designated as Premature Pairing Random Injection, this flaw affects the Realtek RTL8762EKF-EVB development platform running SDK v1.4.0.| Cyber Security News
A newly identified cyber campaign, orchestrated by actors behind Lampion banking malware, has escalated threats against Portuguese organizations.| Cyber Security News
IntelBroker is a prominent cybercriminal known for high-profile breaches that target both corporations and government entities and often involve advanced techniques.| Cyber Security News
A newly identified information-stealer, dubbed PupkinStealer, surfaced in April 2025, targeting Windows users with a focus.| Cyber Security News
A concerning development has emerged in the cybersecurity landscape as screenshots circulate of a tool called "FUD Windows Crypter".| Cyber Security News
MediaTek has disclosed seven security vulnerabilities affecting a wide range of its chipsets used in smartphones, tablets, smart displays, and other connected devices.| Cyber Security News
Microsoft disclosed a critical security vulnerability in Windows Remote Desktop Services yesterday that could enable unauthorized attackers to execute malicious code.| Cyber Security News
Microsoft mandates multi-factor authentication (MFA) for all Azure sign-ins in response to escalating cyber threats.| Cyber Security News
Pure Crypter has cemented its position as a prominent malware-as-a-service (MaaS) loader within the cybercriminal ecosystem.| Cyber Security News
Microsoft has rolled out a comprehensive set of security enhancements aimed at countering the surge in AiTM phishing attacks.| Cyber Security News
In a recent wave of cyberattacks, the Cl0p ransomware group has demonstrated its ability to exploit vulnerabilities in widely used file transfer software.| Cyber Security News
IDA licensing has undergone significant changes, as licenses are now platform-agnostic, allowing them to be used across Windows, Linux, and macOS.| Cyber Security News
Dell Technologies has issued a security advisory regarding multiple vulnerabilities in its RecoverPoint for Virtual Machines (RP4VM) software.| Cyber Security News
Microsoft Threat Intelligence has uncovered a novel cyberattack strategy employed by the North Korean state-sponsored hacking group Emerald Sleet.| Cyber Security News
The directory, located at https://server.xcode.co.id/files/mimikatz/Win32/, has raised concerns about potential misuse by malicious actors.| Cyber Security News
Recent investigations have revealed that ransomware groups like BianLian and Rhysida are using Azure Storage Explorer to steal sensitive data.| Cyber Security News
The update includes fixes for 25 critical RCE vulnerabilities, three of which are zero-day vulnerabilities actively exploited in the wild.| Cyber Security News
The victims, all based in France, include Omydoo, Ayomi.fr, and ADULLACT, marking a significant escalation in their cyber extortion campaign.| Cyber Security News
The breach underscores persistent vulnerabilities in the nation’s cybersecurity infrastructure and raises pressing concerns about data protection.| Cyber Security News
Netskope Threat Labs has uncovered a widespread phishing campaign that leverages Webflow's Content Delivery Network (CDN) and SEO.| Cyber Security News
In October 2023, Microsoft introduced native support for 11 additional compression formats in Windows 11 through the KB5031455 update.| Cyber Security News
A C#-based malware loader, Trammy.dll, obfuscated with ConfuserEx, is part of a complex infection chain initiated by an ISO image email.| Cyber Security News
IllusionCAPTCHA capitalizes on the human brain's unique ability to interpret visual discrepancies, creating tasks that are intuitive for humans but perplexing for AI.| Cyber Security News
A surge in Advanced Persistent Threat (APT) attacks has been witnessed in Korea, with notable exploitation of malicious Hancom Office (HWP) and LNK files.| Cyber Security News
This marks yet another chapter in the group's ongoing campaign of digital extortion and data breaches.| Cyber Security News
This incident underscores the growing threat of ransomware targeting architecture and engineering (A&E) firms.| Cyber Security News
Microsoft Entra ID has introduced a robust security mechanism called protected actions, aimed at preventing attackers from permanently deleting user accounts.| Cyber Security News
A critical vulnerability in SolarWinds' Web Help Desk (WHD) software has been identified, allowing remote, unauthenticated attackers to exploit hardcoded credentials embedded in the system.| Cyber Security News
The pursuit of single-bit fault injection attacks has long been regarded as a challenging frontier in hardware security.| Cyber Security News
A critical security vulnerability, identified as CVE-2025-1077, has been disclosed in IBL Software Engineering's Visual Weather software and its derived products.| Cyber Security News
The incident underscores the growing threat posed by this ransomware group, which has targeted various industries worldwide.| Cyber Security News
The EarlyCrow system introduces a groundbreaking approach to detecting Advanced Persistent Threat (APT) malware command and control (C&C) communications.| Cyber Security News
The group announced their exploit on social media, asserting that they had exfiltrated a substantial amount of sensitive data.| Cyber Security News
The exposed information reportedly includes sensitive personal details such as names, email addresses, phone numbers, and home addresses.| Cyber Security News