cybersecurity Archives • Page 42 of 86 • Daily CyberSecurity

Beyond AI Lures: Noodlophile Stealer Evolves with Stealthy Copyright Phishing Infostealer, Noodlophile

Beyond AI Lures: Noodlophile Stealer Evolves with Stealthy Copyright Phishing

Ddos August 20, 2025

The Noodlophile Stealer, a malware family first exposed for distributing through fake AI video-generation platforms, has resurfaced...

The USB Threat Is Back: New Multi-Stage Cryptomining Attack Spreads via Infected Drives GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

The USB Threat Is Back: New Multi-Stage Cryptomining Attack Spreads via Infected Drives

Ddos August 20, 2025

CyberProof’s MDR analysts have uncovered a multi-stage cryptomining attack delivered via infected USB devices, demonstrating the persistent...

“Lazarus Stealer”: A New Android Trojan Is Stealing Financial Data from Russian Banks Android malware, banking trojan Lazarus Stealer

“Lazarus Stealer”: A New Android Trojan Is Stealing Financial Data from Russian Banks

Ddos August 20, 2025

A new CYFIRMA report has revealed the discovery of Lazarus Stealer, a highly sophisticated Android malware designed...

CVE-2025-55205: Critical Flaw in Capsule Kubernetes Exposes Clusters to Cross-Tenant Attacks Kubernetes security, multi-tenancy vulnerability CVE-2025-55205

Kubernetes security, multi-tenancy vulnerability CVE-2025-55205

CVE-2025-55205: Critical Flaw in Capsule Kubernetes Exposes Clusters to Cross-Tenant Attacks

Ddos August 19, 2025

A newly disclosed vulnerability in the Capsule Kubernetes multi-tenancy framework exposes organizations to privilege escalation and cross-tenant...

Phishing Scam Alert: McAfee Uncovers a New Android Campaign Impersonating a Government Solar Program FIFA website spoofing scams FBI World Cup alert Pig Butchering Scam Jingliang Su Sentencing Meta China Scam Ads, Zuckerberg Revenue Conflict Trading Bot Scam BEC Scam Rental Payment Fraud

FIFA website spoofing scams FBI World Cup alert Pig Butchering Scam Jingliang Su Sentencing Meta China Scam Ads, Zuckerberg Revenue Conflict Trading Bot Scam BEC Scam Rental Payment Fraud

Phishing Scam Alert: McAfee Uncovers a New Android Campaign Impersonating a Government Solar Program

Ddos August 19, 2025

McAfee Labs has uncovered an active Android phishing campaign targeting users in India, where attackers impersonate a...

PyPI Fights Back: New Security Feature Prevents Account Takeovers via Expired Domains Supply chain security

PyPI Fights Back: New Security Feature Prevents Account Takeovers via Expired Domains

Ddos August 19, 2025

The Python Package Index (PyPI) is taking a significant step toward securing the open-source software supply chain...

CISA Flags Actively Exploited Trend Micro Apex One Vulnerability (CVE-2025-54948) n8n RCE Vulnerability CVE-2025-68613 CISA KEV WinRAR Zero-Day, Cloud Files UAF OpenPLC ScadaBR, CVE-2021-26829 CISA KEV, Gladinet LFI RCE XWiki RCE, VMware EoP CISA KEV CISA, Known Exploited Vulnerabilities CVE-2020-2883 CISA, Trend Micro

n8n RCE Vulnerability CVE-2025-68613 CISA KEV WinRAR Zero-Day, Cloud Files UAF OpenPLC ScadaBR, CVE-2021-26829 CISA KEV, Gladinet LFI RCE XWiki RCE, VMware EoP CISA KEV CISA, Known Exploited Vulnerabilities CVE-2020-2883 CISA, Trend Micro

CISA Flags Actively Exploited Trend Micro Apex One Vulnerability (CVE-2025-54948)

Ddos August 19, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Trend Micro Apex One vulnerability—CVE-2025-54948—to...

Microsoft’s Azure Used for Mass Surveillance in Gaza and West Bank Azure outage, Front Door Microsoft Azure Surveillance, Gaza Call Records Red Sea cables, Azure outage MFA enforcement Azure outage, Red Sea cables Azure Key Vault Azure, Surveillance

Azure outage, Front Door Microsoft Azure Surveillance, Gaza Call Records Red Sea cables, Azure outage MFA enforcement Azure outage, Red Sea cables Azure Key Vault Azure, Surveillance

Microsoft’s Azure Used for Mass Surveillance in Gaza and West Bank

Ddos August 19, 2025

A joint media investigation recently revealed that Israel’s Unit 8200 has been using customized cloud services provided...

PipeMagic Returns: Kaspersky Uncovers Evolving Backdoor Linked to CVE-2025-29824 Exploits Backdoor, PipeMagic CVE-2025-29824

PipeMagic Returns: Kaspersky Uncovers Evolving Backdoor Linked to CVE-2025-29824 Exploits

Ddos August 19, 2025

Kaspersky Labs has released a new report shedding light on the persistent threat posed by PipeMagic, a...

New Firmware Flaw in AMI Aptio UEFI Threatens Persistent System Compromise UEFI firmware, SMM vulnerability

New Firmware Flaw in AMI Aptio UEFI Threatens Persistent System Compromise

Ddos August 18, 2025

A new security vulnerability disclosed by CERT/CC highlights serious risks in AMI Aptio UEFI firmware, which powers...

Inside UAT-7237, a Chinese APT Group Targeting Taiwan Chinese APT, cyberespionage

Inside UAT-7237, a Chinese APT Group Targeting Taiwan

Ddos August 18, 2025

Cisco Talos has published a detailed report exposing a newly designated threat group, UAT-7237, a Chinese-speaking advanced...

CVE-2025-48387: Critical tar-fs Vulnerability Exposes Millions to Arbitrary File Writes tar-fs, directory traversal

CVE-2025-48387: Critical tar-fs Vulnerability Exposes Millions to Arbitrary File Writes

Ddos August 18, 2025

A newly disclosed vulnerability in the widely used tar-fs NPM package has raised alarms across the software...

CrossC2 and ReadNimeLoader: Inside the Multi-Stage Intrusions Targeting Linux and Windows Environments Cross-platform attacks, Cobalt Strike

CrossC2 and ReadNimeLoader: Inside the Multi-Stage Intrusions Targeting Linux and Windows Environments

Ddos August 18, 2025

Between September and December 2024, JPCERT/CC uncovered a sophisticated cyber campaign leveraging CrossC2, an extension tool designed...

Beyond Phishing: How AI and Deepfakes Are Powering a New Generation of Scams

Ddos August 18, 2025

Phishing and online scams are no longer confined to poorly written emails and obvious fake websites. A...

REVENANT: The Experimental Framework That Infects AI Models and Evades Traditional Defenses Experimental attack framework, AI security

REVENANT: The Experimental Framework That Infects AI Models and Evades Traditional Defenses

Ddos August 18, 2025

In a new report, CYFIRMA has detailed an experimental attack framework called REVENANT, which demonstrates how adversaries...

CVE-2025-7353 (CVSS 9.8): Rockwell Automation Issues Urgent Warning for ControlLogix Modules

Ddos August 18, 2025

Rockwell Automation has issued a critical security advisory regarding a remote code execution (RCE) vulnerability affecting its...

Pakistan Under Cyberattack: Unmasking the Blue Locker Ransomware Campaign Blue Locker, Ransomware

Pakistan Under Cyberattack: Unmasking the Blue Locker Ransomware Campaign

Ddos August 18, 2025

Pakistan has found itself in the crosshairs of a sophisticated ransomware campaign, as the country’s National Cyber...

Dodi Repacks Malware: Why Your Adblocker Won’t Save You Battlefield 6 Malware, Fake Game Cracks

Dodi Repacks Malware: Why Your Adblocker Won’t Save You

Ddos August 18, 2025

Pirated games have long been a risky endeavor, but recent research from Trellix reveals just how dangerous...

CVE-2025-7972: Rockwell Automation Patches Critical Security Bypass in FactoryTalk Linx

Ddos August 15, 2025

Rockwell Automation has released a security advisory addressing a critical security bypass vulnerability in its FactoryTalk Linx...

A New Threat: Unmasking Crypto24 Ransomware’s Stealthy Toolkit INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

A New Threat: Unmasking Crypto24 Ransomware’s Stealthy Toolkit

Ddos August 15, 2025

Trend Micro’s latest research sheds light on Crypto24, a highly coordinated ransomware operation that blends legitimate administrative...