-
In March 2025, security researchers at Kaspersky detected a sophisticated campaign exploiting a previously unknown Chrome vulnerability to deliver advanced spyware to high-profile targets. The attack, dubbed Operation ForumTroll, leveraged personalized…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Qilin ransomware has emerged as one of the most devastating threats in the second half of 2025, operating at an alarming pace with over 40 victim disclosures per month on its public leak site. Originally tracked under the name Agenda before rebranding to Qilin around July 2022, this ransomware-as-a-service platform has evolved into a global […] The post Qilin Ransomware Leveraging Mspaint and Notepad to Find Files with Sensitive Information appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
As iOS 26 is being rolled out, a critical forensic challenge has emerged: the operating system now automatically overwrites the shutdown.log file on every reboot, effectively erasing crucial evidence of Pegasus and Predator spyware infections. This dev…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
As iOS 26 is being rolled out, a critical forensic challenge has emerged: the operating system now automatically overwrites the shutdown.log file on every reboot, effectively erasing crucial evidence of Pegasus and Predator spyware infections. This dev…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Famous Chollima, a threat group affiliated with North Korea’s Reconnaissance General Bureau, has significantly expanded its operational capabilities by integrating two potent malware strains: BeaverTail and OtterCookie. This convergence marks a critical evolution in the group’s attack methodology, targeting cryptocurrency and blockchain sectors with renewed sophistication. The merging of these toolsets reflects a deliberate shift […] The post North Korean Chollima Actors Added BeaverTail and OtterCookie to Its Arsenal appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers have developed a sophisticated new tool called EDR-Redir that can bypass Endpoint Detection and Response (EDR) systems by exploiting Windows’ Bind Filter and Cloud Filter drivers. This technique represents a significant …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Threat actors have launched a significant mass exploitation campaign targeting critical vulnerabilities in two popular WordPress plugins, GutenKit and Hunk Companion, affecting hundreds of thousands of websites globally. These vulnerabilities, discovered in September and October 2024, have resurfaced as an active threat in October 2025, demonstrating the persistent danger of unpatched installations. The attack vectors […] The post Hackers Actively Exploiting WordPress Arbitrary Installation Vulnerabilities in The Wild appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
HashiCorp has disclosed two critical vulnerabilities in Vault and Vault Enterprise that could enable attackers to bypass authentication mechanisms and launch denial-of-service attacks against infrastructure. The first vulnerability, identified under Bu…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Dell Technologies has disclosed three critical vulnerabilities affecting Dell Storage Manager that could allow unauthenticated remote attackers to completely compromise storage systems. Dell Storage Manager versions prior to 2020 R1.21 are vulnerable t…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers at NeuralTrust have uncovered a critical vulnerability in OpenAI’s Atlas browser that allows attackers to bypass safety measures by disguising malicious instructions as innocent-looking web addresses. The flaw exploits how th…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
