-
Cisco’s Simple Network Management Protocol (SNMP) implementations in IOS and IOS XE have come under intense scrutiny following reports of active exploitation in the wild. First disclosed in August 2025, CVE-2025-20352 describes a critical buffer overflow in the SNMP engine that allows unauthenticated remote attackers to execute arbitrary code. The vulnerability arises when an oversized […] The post CISA Warns of Cisco IOS and IOS XE SNMP Vulnerabilities Exploited in Attacks appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Ukraine’s national cyber incident response team, CERT-UA, has issued an urgent warning about a new malware campaign that weaponizes Excel add-in (XLL) files to deploy the CABINETRAT backdoor. Throughout September 2025, CERT-UA analysts discovered multi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In recent weeks, a novel malware campaign dubbed MatrixPDF has surfaced, targeting Gmail users with carefully crafted emails that slip past conventional spam and phishing filters. This campaign has been active since mid-September 2025 and leverages PDF attachments that, when opened, initiate a stealthy infection chain designed to exfiltrate sensitive information and deliver additional payloads. […] The post MatrixPDF Attacks Gmail Users Bypassing Email Filters and Fetch Malicious Payload appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
WestJet announced a cybersecurity incident in which a sophisticated third-party actor gained unauthorized access to internal systems, exposing personal information of some customers. The breach, discovered on June 13, 2025, has since been contained and remediated, but not before sensitive data elements were exfiltrated. WestJet Passenger Data Exposed WestJet’s security team first detected anomalous activity […] The post WestJet Confirms Data Breach – Customers Personal Information Exposed appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Chinese state-sponsored cyber threat group Salt Typhoon has been targeting global telecommunications infrastructure since at least 2019, exploiting network edge devices to establish deep persistence and harvest vast quantities of sensitive data. Aligne…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In August 2025, Australian authorities issued multiple scam alerts after users reported suspicious Facebook groups promoting “active senior trips.” What initially appeared as harmless community gatherings concealed a sophisticated mobile malware operat…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The digital landscape in 2025 is characterized by unprecedented connectivity and an equally sophisticated array of cyber threats. Organizations face a constant barrage of attacks targeting their data, infrastructure, and reputation. Selecting the right…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
JFrog’s security research team has identified a malicious PyPI package named SoopSocks that masquerades as a legitimate SOCKS5 proxy utility while stealthily implanting a backdoor on Windows systems. This package leverages automated installation, advan…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
WestJet Airlines has confirmed that a recent cybersecurity incident exposed certain personal information belonging to its customers. The Canadian carrier says the breach took place in mid-June and was discovered on June 13, 2025. Company officials stre…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Since mid-2025, cybersecurity researchers have tracked a resurgence of Patchwork Advanced Persistent Threat (APT) campaigns targeting government and telecommunications sectors across Asia and Eastern Europe. Initially leveraging spear-phishing emails containing malicious Office document attachments, this latest wave of activity has evolved into a multi-stage infection chain employing sophisticated persistence and payload retrieval tactics. The initial […] The post Patchwork APT Using PowerShell Commands to Create Scheduled Task and Downloads Final Payload appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
