Monday, April 21, 2025

Cyber Security News

Hackers Abuse Zoom’s Remote Control to Access Users’ Computers

0
A newly uncovered hacking campaign is targeting business leaders and cryptocurrency firms by abusing Zoom’s remote control feature, allowing attackers to take over victims’...

Speedify VPN Vulnerability on macOS Exposes Users to System Takeover

0
A major security flaw in the Speedify VPN application for macOS, tracked as CVE-2025-25364, has exposed millions of users to the risk of complete system...

Critical PyTorch Vulnerability Allows Hackers to Run Remote Code

0
A newly disclosed critical vulnerability (CVE-2025-32434) in PyTorch, the widely used open-source machine learning framework, allows attackers to execute arbitrary code on systems loading...

ASUS Router Flaw Allows Hackers to Remotely Execute Malicious Code

0
ASUS has acknowledged multiple critical vulnerabilities affecting its routers that could allow hackers to remotely execute malicious code, thereby compromising network security and user...

Cybercriminals Exploit Google OAuth Loophole to Evade Gmail Security

0
A sophisticated phishing attack exploiting a loophole in Google’s OAuth infrastructure has surfaced, raising significant concerns about the security of Gmail users worldwide. Security researcher...
Effective Detection

Writing Effective Detection Rules With Sigma, YARA, And Suricata

0
In the ever-evolving world of cybersecurity, the ability to detect threats quickly and accurately is crucial for defending modern digital environments. Detection rules are...
Network Pivot

How To Conduct End-to-End Forensics From Compromised Endpoint To Network Pivot

0
The discovery of a compromised endpoint in an organization's network marks the beginning of what can be a complex forensic investigation. End-to-end forensics involves...
SIEM as a Service

Recent News

Credit Card Information

Cybercriminals Exploit Search Results to Steal Credit Card Information

0
Everyday internet searches, a routine activity for billions, harbor a hidden risk: cybercriminals are increasingly manipulating search engine results to lure unsuspecting users into...

Over 6 Million Chrome Extensions Found Executing Remote Commands

0
Security researchers have uncovered a network of over 35 Google Chrome extensions—collectively installed on more than 6 million browsers—secretly executing remote commands and potentially...

Hertz Data Breach Exposes Customer Personal Information to Hackers

0
The Hertz Corporation has confirmed that sensitive personal information belonging to customers of its Hertz, Dollar, and Thrifty brands was compromised after hackers targeted...
ClickFix Attack

State Sponsored Hackers now Widely Using ClickFix Attack Technique in Espionage Campaigns

0
The state-sponsored hackers from North Korea, Iran, and Russia have begunp deploying the ClickFix social engineering technique, traditionally associated with cybercriminal activities, into their...
Chinese Hacker Group Mustang Panda Bypass EDR Detection

Chinese Hacker Group Mustang Panda Bypass EDR Detection With New Hacking Tools

0
The China-sponsored hacking group, Mustang Panda, has been uncovered by Zscaler ThreatLabz to employ new techniques and tools, including the updated backdoor ToneShell and...
APT29 Hackers Use GRAPELOADER

APT29 Hackers Use GRAPELOADER in New Attack Against European Diplomats

0
Check Point Research (CPR) has uncovered a new targeted phishing campaign employing GRAPELOADER, a sophisticated initial-stage downloader, launched by the notorious Russian-linked hacking group...

CISA Issues Alert on SonicWall Flaw Being Actively Exploited

0
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical security alert after confirming active exploitation of a SonicWall vulnerability. The flaw, documented as CVE-2021-20035,...
Best Email Security Solutions

10 Best Email Security Solutions in 2025

0
Email security solutions are critical for protecting organizations from the growing sophistication of cyber threats targeting email communication. As email remains a primary channel...
Chinese UNC5174 Group Expands Arsenal

Chinese UNC5174 Group Expands Arsenal with New Open Source Tool and C2 Infrastructure

0
The Sysdig Threat Research Team (TRT) has revealed a significant evolution in the offensive capabilities of the Chinese state-sponsored threat actor, UNC5174. In late...

Hackers Abuse Zoom’s Remote Control to Access Users’ Computers

A newly uncovered hacking campaign is targeting business leaders and cryptocurrency firms by abusing Zoom’s remote control feature, allowing attackers to take over victims’...

Samsung Galaxy Store Flaw Allows Remote Attacker to Run Code on Affected Phones

A security flaw in the Galaxy Store allows attackers to trigger remote code execution on affected smartphones.  The now patched vulnerability, which affects Galaxy Store...

U.S. Federal Network Hacked – Iranian APT Hackers Compromised Domain Controller

Recently, the FBI and CISA published a joint advisory in which they disclosed an Iranian APT group compromised the Federal Civilian Executive Branch (FCEB)...

Operation HAECHI III – INTERPOL Arrested 1000 Cyber Criminals & Seized $130 Million

Recently, there have been almost 1000 arrests made as a result of a police operation conducted by INTERPOL in an attempt to combat online...

Chrome Zero-Day Bug Actively Exploited in the Wild – Google Emergency Update!

The eighth zero-day vulnerability used in attacks this year has been fixed by Google in an emergency security upgrade for the desktop version of...

RCE Bug in Android Remote Keyboard Apps With 2M Downloads Let Hackers Access keystrokes

Multiple critical vulnerabilities were found by the security researchers at Synopsys in three Android apps that enable users to control computer systems with Android...

LastPass Hacked – Attackers Breached Cloud Storage & Access Customer Data

Using data from the August 2022 incident, LastPass experienced a breach of user information within a third-party cloud storage service. LastPass is a freemium Android...

Google Found a Framework Used to Exploit Zero-Days in Chrome, Firefox, & Windows

A trio of newly discovered exploit frameworks has been detailed by Google's Threat Analysis Group (TAG) in a recent publication. In the last few...

CryWiper Malware Masquerades as Ransomware & Purposely Destroys Data

CryWiper, a previously unknown data wiper that masquerades as ransomware, has been recently discovered and is spreading around the internet. Furthermore, this ransomware completely...

Glossary