-
Chinese-affiliated threat actor UNC6384 has been actively leveraging a critical Windows shortcut vulnerability to target European diplomatic entities across Hungary, Belgium, Serbia, Italy, and the Netherlands. Arctic Wolf researchers identified this sophisticated cyber espionage campaign operating throughout September and October 2025, representing a significant evolution in the group’s operational capabilities and geographic reach. The attack […] The post Hackers Weaponizing Windows LNK File UI Misrepresentation Remote Code Execution Vulnerability appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Threat actors operating under the control of North Korea’s regime have demonstrated continued technical sophistication by introducing advanced malware toolsets designed to establish persistent backdoor access and remote control over compromised systems. Recent findings have revealed that Kimsuky, known for orchestrating espionage campaigns, deployed HttpTroy, while the Lazarus APT group introduced an enhanced variant of […] The post Kimsuky and Lazarus Hacker Groups Unveil New Tools That Enable Backdoor and Remote Access appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Progress Software has released security patches to address a high-severity vulnerability in its MOVEit Transfer platform discovered on October 29, 2025. The flaw, tracked as CVE-2025-10932, affects the AS2 module and allows attackers to consume sy…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated cyber espionage campaign targeting European diplomatic institutions has been uncovered, signaling a strategic escalation by Chinese-affiliated threat actor UNC6384. Central to this campaign is the exploitation of the Windows shortcut (L…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have unveiled a sophisticated Linux rootkit capable of bypassing Elastic Security’s advanced detection mechanisms, demonstrating critical vulnerabilities in endpoint detection and response solutions. The Singularity rootkit e…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Sophisticated threat actors have orchestrated a coordinated multilingual phishing campaign targeting financial and government organizations across East and Southeast Asia. The campaign leverages carefully crafted ZIP file lures combined with region-specific web templates to deceive users into downloading staged malware droppers. Recent analysis reveals three interconnected clusters spanning Traditional Chinese, English, and Japanese-language variants, each […] The post Threat Actors Using Multilingual ZIP File to Attack Financial and Government Organizations appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
AzureHound, an open-source data collection tool designed for legitimate penetration testing and security research, has become a favored weapon in the hands of sophisticated threat actors. The tool, which is part of the BloodHound suite, was originally created to help security professionals and red teams identify and fix cloud vulnerabilities. However, malicious actors have increasingly […] The post AzureHound Penetration Testing Tool Weaponized by Threat Actors to Enumerate Azure and Entra ID appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has raised alarm over active exploitation of a critical privilege escalation vulnerability affecting Broadcom’s VMware Tools and VMware Aria Operations. Tracked as CVE-2025-41244, this 0…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
North Korean state-sponsored threat actors have escalated their cyber operations with the deployment of sophisticated new malware variants designed to establish persistent backdoor access to compromised systems. Recent investigations by threat intellig…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about a severe injection vulnerability in the XWiki Platform, designated as CVE-2025-24893. This flaw allows unauthenticated attackers to execute arbitrary remote code, posing significant risks to organizations using the open-source wiki software. Discovered and actively exploited, the vulnerability underscores the dangers of […] The post CISA Warns of XWiki Platform Injection vulnerability Exploited to Execute Remote Code appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
