- Since mid-2024, a sophisticated Iranian-backed threat group known as UNC1549 has been conducting targeted campaigns against aerospace, aviation, and defense organizations across the globe. The hackers employ an advanced dual approach, combining carefully crafted phishing campaigns with the exploitation of trusted connections between primary targets and their third-party suppliers. This strategy proves particularly effective against […] The post UNC1549 Hackers with Custom Tools Attacking Aerospace and Defense Systems to Steal Logins appeared first on Cyber Security News.
- A critical security flaw has been discovered in the widely used W3 Total Cache WordPress plugin, putting over 1 million websites at serious risk. The vulnerability allows attackers to take complete control of affected websites without needing any login…
- Google has announced the public preview of its Alert Triage and Investigation agent, a significant advancement in artificial intelligence-driven security operations. The intelligent agent is now embedded directly within Google Security Operations, helping security teams process alerts faster and more effectively. The new agent represents a significant step toward Google’s vision of an “Agentic SOC,” a […] The post Google Reveals Public Preview of Alert Triage and Investigation Agent for Security Operations appeared first on Cyber Security News.
- The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning about a severe vulnerability in Lynx+ Gateway devices that could expose sensitive information in clear text during transmission. The flaw allows attackers to intercept network traffic and obtain plaintext credentials and other confidential data. The vulnerability, tracked as CVE-2025-62765, stems from the product’s […] The post CISA Warns of Critical Lynx+ Gateway Vulnerability Exposes Data in Cleartext appeared first on Cyber Security News.
- A sophisticated threat actor has orchestrated a multi-stage ransomware attack spanning nine days, leveraging compromised Remote Desktop Protocol (RDP) credentials to infiltrate a corporate network, exfiltrate sensitive data, and deploy Lynx ransomware …
- A critical vulnerability was discovered in the AI-Bolit component of Imunify security products, raising concerns across the web hosting and Linux server communities. This flaw could let attackers execute arbitrary code and escalate their privileges to …
- Remcos, a commercial remote access tool distributed by Breaking-Security and marketed as “Remote Administration Software,” continues to pose a significant threat to organizations worldwide. Despite its administrative positioning, the tool…
- Google has released an urgent security update for its Chrome browser to address a critical zero-day vulnerability actively exploited by threat actors. The flaw, tracked as CVE-2025-13223, affects the V8 JavaScript engine and poses a significant risk to…
- Lynx ransomware has emerged as a significant threat to enterprise environments, with recent intrusions demonstrating sophisticated attack strategies that prioritize data exfiltration and infrastructure destruction. The malware campaign combines compromised credentials with careful planning to ensure maximum impact on target networks. Security researchers continue to monitor this evolving threat as attackers refine their techniques and […] The post Threat Actors Leveraging Compromised RDP Logins to Deploy Lynx Ransomware After Deleting Server Backups appeared first on Cyber Security News.
- The Lazarus APT Group, an advanced persistent threat (APT) attributed to North Korea, has deployed a sophisticated new Remote Access Trojan (RAT) called ScoringMathTea as part of its ongoing Operation DreamJob cyberespionage campaign. ScoringMathTea re…


