-
ACR Stealer represents one of the most sophisticated information-stealing malware families actively circulating in 2025, distinguished by its advanced evasion techniques and comprehensive data harvesting capabilities. Originally emerging in March 2024 as a Malware-as-a-Service (MaaS) offering on Russian-speaking cybercrime forums, ACR Stealer has rapidly evolved from its predecessor, GrMsk Stealer, into a formidable threat that […] The post ACR Stealer – Uncovering Attack Chains, Functionalities And IOCs appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has issued an urgent reminder to enterprise and educational institutions worldwide about the impending end of support for Windows 11 version 22H2. With just 60 days remaining, organizations must prepare for the October 14, 2025, deadline when…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
August 2025 saw a dramatic surge in targeted attacks by the DarkCloud Stealer against financial institutions worldwide. CyberProof’s MDR analysts and threat hunters identified a wave of phishing emails bearing malicious RAR archives designed to prey on…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical vulnerability affecting FlowiseAI’s Flowise platform has been disclosed, revealing a severe authentication bypass flaw that allows attackers to perform complete account takeovers with minimal effort. The vulnerability tracked as CVE-2025-58434 impacts both cloud deployments at cloud.flowiseai.com and self-hosted installations, making it a widespread security concern for organizations using this AI agent-building platform. Key […] The post FlowiseAI Password Reset Token Vulnerability Allows Account Takeover appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A massive data breach has exposed the inner workings of China’s internet censorship system, with over 500GB of sensitive documents from the Great Firewall of China (GFW) leaked online on September 11, 2025. This represents the largest leak of int…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly discovered ransomware group called Yurei has emerged with sophisticated encryption capabilities, targeting organizations through double-extortion tactics while leveraging open-source code to rapidly scale operations. First observed on September…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Two critical vulnerabilities have been discovered in the Linux Common Unix Printing System (CUPS), exposing millions of systems to remote denial-of-service attacks and authentication bypass exploits. The vulnerabilities, tracked as CVE-2025-58364 and CVE-2025-58060, affect the core printing infrastructure used across virtually all Linux distributions and pose significant risks to network security. Key Takeaways1. Two Critical […] The post Linux CUPS Vulnerability Let Attackers Remote DoS and Bypass Authentication appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical vulnerability in FlowiseAI has been discovered that allows attackers to take over user accounts with minimal effort. The flaw, tracked as CVE-2025-58434, affects both cloud-hosted and self-hosted FlowiseAI deployments, posing signi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In 2025, web applications are no longer just static websites; they are dynamic, complex ecosystems that serve as the primary interface between businesses and their customers. This makes them a prime target for cybercriminals. Traditional network firewa…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Phishing-as-a-Service operation called VoidProxy that uses advanced adversary-in-the-middle techniques to bypass traditional multi-factor authentication and steal session tokens from Microsoft 365 and Google accounts. The five steps of a SIM-swap attac…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
