-
The cybercriminal underground has witnessed a significant consolidation as three of the most notorious threat actors Scattered Spider, ShinyHunters, and LAPSUS$ have formally aligned to create the Scattered LAPSUS$ Hunters (SLH), a federated collective…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting Gladinet CentreStack and Triofox to its Known Exploited Vulnerabilities catalog, signaling active exploitation in the wild. The flaw, tracked as CV…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google has released its Cybersecurity Forecast 2026 report, providing a comprehensive analysis of emerging threats and security trends anticipated throughout the coming year. Rather than relying on speculation, the report is grounded in real-world data…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
NGate represents a sophisticated Android-based threat that exploits NFC technology to enable unauthorized ATM cash withdrawals without physically stealing payment cards. Rather than stealing cards outright, threat actors use an ingenious relay attack t…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning regarding a dangerous OS command injection vulnerability affecting Control Web Panel (CWP), formerly known as CentOS Web Panel. The vulnerability, tracked as CVE-2025-48703, enables unauthenticated remote attackers to execute arbitrary commands on vulnerable systems with minimal prerequisites. CVE-2025-48703 represents a significant security risk […] The post CISA Warns of Control Web Panel OS Command Injection Vulnerability Exploited in Attacks appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
JPCERT/CC has issued an urgent warning about ongoing attacks by the advanced persistent threat group APT-C-60, which continues to target recruitment professionals in Japan through sophisticated spear-phishing campaigns. The attack campaign specifically…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
DragonForce, a ransomware-as-a-service operation active since 2023, has dramatically evolved into what researchers now describe as a structured cybercriminal cartel, leveraging the publicly leaked Conti v3 source code to establish a formidable threat infrastructure. The group initially relied on the LockBit 3.0 builder for developing encryptors before transitioning to a customized Conti v3 codebase, giving […] The post DragonForce Cartel Emerges From the Leaked Source Code of Conti v3 Ransomware appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency has issued an urgent alert about a critical command-injection vulnerability in Control Web Panel that is currently being actively exploited in the wild. Tracked as CVE-2025-48703, this flaw poses a s…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
European organizations are facing an unprecedented surge in ransomware attacks as cybercriminals increasingly adopt artificial intelligence and sophisticated social engineering tactics to breach defenses and accelerate their operations. According to th…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A significant security threat has emerged from the Google Play Store, where threat actors have successfully deployed 239 malicious applications that have been collectively downloaded more than 42 million times. This discovery marks a disturbing trend in mobile malware campaigns targeting users during a period when remote and hybrid work environments have become the norm. […] The post 239 Malicious Android Apps on Google Play With Downloaded Over 40 Million Times appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
