Monday, May 12, 2025

Cyber Security News

Metasploit Update Adds Erlang/OTP SSH Exploit and OPNSense Scanner

0
The open-source penetration testing toolkit Metasploit has unveiled a major update, introducing four new modules, including a highly anticipated exploit targeting Erlang/OTP SSH servers...

Google Researchers Use Mach IPC to Uncover Sandbox Escape Vulnerabilities

0
Google Project Zero researchers have uncovered new sandbox escape vulnerabilities in macOS using an innovative approach that leverages Mach Interprocess Communication (IPC) mechanisms-core components...

Cybercriminals Hide Undetectable Ransomware Inside JPG Images

0
A chilling new ransomware attack method has emerged, with hackers exploiting innocuous JPEG image files to deliver fully undetectable (FUD) ransomware, according to a recent...
Microsoft Entra ID

Hackers Exploit Legacy Protocols in Microsoft Entra ID to Bypass MFA and Conditional Access

0
A sophisticated and highly coordinated cyberattack campaign came to light, as tracked by Guardz Research. This operation zeroed in on legacy authentication protocols within...
Copilot AI in SharePoint

Hackers Abuse Copilot AI in SharePoint to Steal Passwords and Sensitive Data

0
Microsoft’s Copilot for SharePoint, designed to streamline enterprise collaboration through generative AI, has become an unexpected weapon for cybercriminals targeting organizational secrets. Recent findings...
Defendnot – Disabling Windows Defender

Defendnot: A Tool That Disables Windows Defender by Registering as Antivirus

0
Cybersecurity developers have released a new tool called "defendnot," a successor to the previously DMCA-takedown-affected "no-defender" project. This innovative utility leverages undocumented Windows Security...
Mitel SIP Phone

Mitel SIP Phone Flaws Allow Attackers to Inject Malicious Commands

0
A pair of vulnerabilities in Mitel’s 6800 Series, 6900 Series, and 6900w Series SIP Phones-including the 6970 Conference Unit-could enable attackers to execute arbitrary...
SIEM as a Service

Recent News

Critical Microsoft 0-Click Telnet Vulnerability Enables Credential Theft Without User Action

0
A critical vulnerability has been uncovered in Microsoft’s Telnet Client (telnet.exe), enabling attackers to steal Windows credentials from unsuspecting users, even without interaction in...
Mirai Botnet

Mirai Botnet Actively Targeting GeoVision IoT Devices for Command Injection Exploits

0
The Akamai Security Intelligence and Response Team (SIRT) has identified active exploitation of command injection vulnerabilities in discontinued GeoVision Internet of Things (IoT) devices....
Apache ActiveMQ

Apache ActiveMQ Vulnerability Allows Attackers to Induce DoS Condition

0
Critical vulnerability in Apache ActiveMQ (CVE-2024-XXXX) exposes brokers to denial-of-service (DoS) attacks by allowing malicious actors to exhaust system memory through specially crafted OpenWire...

New Mamona Ransomware Targets Windows Systems Using Abused Ping Command

0
Cybersecurity researchers are raising the alarm about a newly discovered commodity ransomware strain dubbed Mamona, which is rapidly spreading across Windows systems. Unlike traditional ransomware, Mamona...
AI Filters

Hackers Bypass AI Filters from Microsoft, Nvidia, and Meta Using a Simple Emoji

0
Cybersecurity researchers have uncovered a critical flaw in the content moderation systems of AI models developed by industry giants Microsoft, Nvidia, and Meta. Hackers have...
Missed Jury Duty

ESET Reveals How to Spot Fake Calls Demanding Payment for ‘Missed Jury Duty’

0
ESET, a leading cybersecurity firm, has shed light on one particularly insidious scheme: fake calls purportedly from government officials demanding payment for 'missed jury...
Darcula PhaaS

Darcula PhaaS: 884,000 Credit Card Details Stolen from 13 Million Global User Clicks

0
The Darcula group has orchestrated a massive phishing-as-a-service (PhaaS) operation, dubbed Magic Cat, compromising an estimated 884,000 credit card details from over 13 million...

FBI Warns Hackers Are Using End-of-Life Routers to Mask Their Tracks

0
The Federal Bureau of Investigation (FBI) has issued a stark warning to businesses and home users: cybercriminals are actively exploiting outdated, unsupported routers to...
DDoS-for-Hire

Europol Dismantles DDoS-for-Hire Network and Arrests Four Administrators

0
Significant blow to cybercriminal infrastructure, Europol has coordinated an international operation resulting in the arrest of four individuals in Poland who allegedly operated six...

Defendnot: A Tool That Disables Windows Defender by Registering as Antivirus

Cybersecurity developers have released a new tool called "defendnot," a successor to the previously DMCA-takedown-affected "no-defender" project. This innovative utility leverages undocumented Windows Security...

Hackers Abuse Copilot AI in SharePoint to Steal Passwords and Sensitive Data

Microsoft’s Copilot for SharePoint, designed to streamline enterprise collaboration through generative AI, has become an unexpected weapon for cybercriminals targeting organizational secrets. Recent findings...

Discover The Best Free Face Swap Tool For Fun And Creativity 

In the digital era, where creativity rules and social media trends change by the minute, face swapping has emerged as one of the most...

Metasploit Update Adds Erlang/OTP SSH Exploit and OPNSense Scanner

The open-source penetration testing toolkit Metasploit has unveiled a major update, introducing four new modules, including a highly anticipated exploit targeting Erlang/OTP SSH servers...

Google Researchers Use Mach IPC to Uncover Sandbox Escape Vulnerabilities

Google Project Zero researchers have uncovered new sandbox escape vulnerabilities in macOS using an innovative approach that leverages Mach Interprocess Communication (IPC) mechanisms-core components...

Cybercriminals Hide Undetectable Ransomware Inside JPG Images

A chilling new ransomware attack method has emerged, with hackers exploiting innocuous JPEG image files to deliver fully undetectable (FUD) ransomware, according to a recent...

Hackers Exploit Legacy Protocols in Microsoft Entra ID to Bypass MFA and Conditional Access

A sophisticated and highly coordinated cyberattack campaign came to light, as tracked by Guardz Research. This operation zeroed in on legacy authentication protocols within...

Mitel SIP Phone Flaws Allow Attackers to Inject Malicious Commands

A pair of vulnerabilities in Mitel’s 6800 Series, 6900 Series, and 6900w Series SIP Phones-including the 6970 Conference Unit-could enable attackers to execute arbitrary...

Microsoft Teams to Safeguard Meetings by Blocking Screen Snaps

Microsoft has announced the upcoming release of a groundbreaking "Prevent Screen Capture" feature for Teams, designed to block unauthorized screenshots and recordings during virtual...

Glossary