-
A new wave of cyberattacks targeting organizations using SonicWall firewalls has been actively deploying Akira ransomware since late July 2025. Security researchers at Arctic Wolf Labs detected a surge in this activity, which remains ongoing. Threat actors are gaining initial access through malicious SSL VPN logins, successfully bypassing multi-factor authentication (MFA), and then rapidly moving […] The post Threat Actors Exploiting SonicWall Firewalls to Deploy Akira Ransomware Using Malicious Logins appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The cybersecurity landscape continues to evolve as three of the most notorious English-speaking cybercrime groups—LAPSUS$, Scattered Spider, and ShinyHunters—have been found to share significant operational connections, tactical overlaps, and direct collaboration since 2023. These relationships have created what security experts now describe as a highly adaptive cybercrime ecosystem that poses an advanced persistent threat to […] The post Researchers Uncovered Connections Between LAPSUS$, Scattered Spider, and ShinyHunters Hacker Groups appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
LummaStealer has emerged as one of the most prolific information-stealing malware families in recent years, targeting victims across multiple industry verticals including telecommunications, healthcare, banking, and marketing. The sophisticated malware gained widespread notoriety in early 2025 when cybercriminals extensively deployed it in coordinated campaigns worldwide. Although law enforcement operations in May 2025 temporarily disrupted its […] The post LummaStealer Technical Details Uncovered Using ML-Based Detection Approach appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A 17-year-old suspect who surrendered over his alleged role in the 2023 cyberattacks against two major Las Vegas casino operators was released to his parents under strict supervision. During his initial hearing before Family Court Judge Dee Smart Butler in Las Vegas, the teenager originally from the Chicago area was ordered to remain in Clark […] The post 17-year-old Hacker Responsible for Vegas Casinos Hack has Been Released appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In 2025, AI penetration testing tools have become the backbone of modern cybersecurity strategies, offering automation, intelligence-driven reconnaissance, and vulnerability analysis faster than traditional manual assessments. Businesses now demand AI-…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated new threat has emerged in the cybersecurity landscape that represents a significant evolution in malware development. The LAMEHUG malware family, first identified by CERT-UA in July 2025, marks a concerning advancement in cyber attack methodology by integrating artificial intelligence directly into its operational framework. Unlike traditional malware that relies on static, pre-programmed instructions, […] The post LLM-Based LAMEHUG Malware Dynamically Generate Commands for Reconnaissance and Data Theft appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
GitLab has disclosed multiple high-severity Denial-of-Service (DoS) vulnerabilities that could allow unauthenticated attackers to crash self-managed GitLab instances. These flaws impact Community Edition (CE) and Enterprise Edition (EE) versions prior to 18.4.1, 18.3.3, and 18.2.7, and exploit both HTTP endpoints and GraphQL APIs. Administrators must upgrade immediately to prevent service interruptions and potential data loss. […] The post GitLab High-Severity Vulnerabilities Let Attackers Crash Instances appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical, perfect 10.0 CVSS score vulnerability in Fortra’s GoAnywhere Managed File Transfer (MFT) solution was actively exploited as a zero-day at least a week before the company released a patch. The vulnerability, tracked as CVE-2025-10035, is a command injection flaw that allows for unauthenticated remote code execution. Security firm watchTowr reported credible evidence of […] The post Fortra GoAnywhere Vulnerability Exploited as 0-Day Before Patch appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The macOS threat landscape has witnessed a significant escalation with the discovery of a new variant of the XCSSET malware targeting app developers. First observed in late September 2025, this variant builds upon earlier versions by introducing enhanced stealth techniques, expanded exfiltration capabilities, and robust persistence mechanisms. Attackers continue to leverage infected Xcode projects—the cornerstone […] The post New Variant of The XCSSET Malware Attacking macOS App Developers appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Enterprises everywhere are embracing MCP servers—tools that grant AI assistants “god-mode” permissions to send emails, run database queries, and automate tedious tasks. But no one ever stopped to ask: Who built these tools? Today, the first real-world …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
