-
A threat actor known as “888” has purportedly dumped sensitive data stolen from electronics giant LG Electronics, raising alarms in the cybersecurity community. The breach, first spotlighted on November 16, 2025, allegedly includes source code repositories, configuration files, SQL databases, and, critically, hardcoded credentials and SMTP server details potentially exposing LG’s internal communications and development […] The post Hackers Allegedly Claim Leak of LG Source Code, SMTP, and Hardcoded Credentials appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
eSentire’s Threat Response Unit (TRU) has uncovered a sophisticated malware campaign leveraging the ClickFix social engineering technique to distribute Amatera Stealer and NetSupport RAT, targeting cryptocurrency wallets, password managers, and s…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
IBM has released critical security updates addressing four severe vulnerabilities in AIX and VIOS systems that could allow remote attackers to execute arbitrary commands, steal credentials, and traverse system directories. The vulnerabilities affect mu…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers at Oligo Security have uncovered a series of critical Remote Code Execution vulnerabilities affecting widely deployed AI inference servers from major technology companies. The flaws affect frameworks developed by Meta, NVIDIA, Micr…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Iranian threat actors aligned with the Islamic Revolutionary Guard Corps Intelligence Organization (IRGC-IO) are conducting a sophisticated espionage campaign tracked as SpearSpecter, systematically targeting high-value senior defense and government of…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The U.S. Justice Department has announced a significant crackdown on North Korean cybercrime operations, securing five guilty pleas and initiating civil forfeiture actions totaling over $15 million against schemes orchestrated by the Democratic People&…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers have unveiled comprehensive detection methodologies for NotDoor, a sophisticated backdoor malware that leverages Microsoft Outlook macros for covert command and control operations. The malware, attributed to the Russian state-…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers have observed a dramatic escalation in attacks exploiting a critical XWiki vulnerability, with multiple threat actors now leveraging CVE-2025-24893 to deploy botnets, cryptocurrency miners, and custom malware toolkits. The vu…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical vulnerability allowing attackers to inject malicious code into Cursor’s embedded browser through compromised MCP (Model Context Protocol) servers. Unlike VS Code, Cursor lacks integrity verification on its proprietary features, making it a prime target for tampering. The attack begins when a user downloads and registers a malicious MCP server through Cursor’s configuration file. […] The post Hackers Use Rogue MCP Server to Inject Malicious Code and Control the Cursor’s Built-in Browser appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new open-source tool called SilentButDeadly has emerged, designed to disrupt Endpoint Detection and Response (EDR) and antivirus (AV) software by severing their network communications. Developed by security researcher Ryan Framiñán, the tool leverages the Windows Filtering Platform (WFP) to create temporary, bidirectional blocks on EDR cloud connectivity, isolating threats without terminating processes. His approach […] The post SilentButDeadly – Network Communication Blocker Tool That Neutralizes EDR/AV appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
