-
A novel AI-driven threat leverages LLMs on Hugging Face to execute adaptive reconnaissance and data exfiltration in real time. Rather than relying on static scripts or prewritten payloads, LAMEHUG dynamically queries a Qwen 2.5-Coder-32B-Instruct model…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity authorities are urging organizations to take immediate action following the discovery of a sophisticated espionage campaign targeting Cisco Adaptive Security Appliance (ASA) firewalls. In a significant update, Cisco and the UK’s National Cyber Security Centre (NCSC) have revealed that a state-sponsored threat actor is exploiting a zero-day vulnerability (CVE-2025-20333) in Cisco ASA 5500-X series […] The post Hackers Exploiting Cisco ASA Zero-Day to Deploy RayInitiator and LINE VIPER Malware appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cisco published Security Advisory cisco-sa-http-code-exec-WmfP3h3O revealing a severe flaw in multiple Cisco platforms that handle HTTP-based management. Tracked as CVE-2025-20363, this vulnerability stems from improper validation of user-supplied inpu…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers have discovered an advanced variant of the XCSSET malware specifically targeting macOS developers through infected Xcode projects, introducing sophisticated clipboard hijacking and enhanced data exfiltration capabilities. Micr…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cisco has issued an emergency security advisory warning of active exploitation of a critical zero-day vulnerability in its Secure Firewall Adaptive Security Appliance (ASA) and Secure Firewall Threat Defense (FTD) software platforms. The vulnerability, tracked as CVE-2025-20333, carries a maximum CVSS score of 9.9 and enables authenticated remote attackers to execute arbitrary code with root […] The post Cisco ASA 0-Day RCE Vulnerability Actively Exploited in the Wild appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In mid-2024, cybersecurity professionals began observing a surge of targeted intrusions against government, defense, and technology organizations worldwide. These incidents were linked to a previously uncharacterized threat group later christened RedNovember, which leverages open-source and commodity tools to deploy a stealthy Go-based backdoor. Initial compromises often stemmed from the exploitation of Internet-facing devices—including VPN appliances, […] The post RedNovember Hackers Attacking Government and Technology Organizations to Deploy Backdoor appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers at Noma Labs have discovered a critical vulnerability in Salesforce’s Agentforce AI platform that could allow attackers to steal sensitive customer data through sophisticated prompt injection techniques. The vulnerabilit…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybercriminals are increasingly turning to artificial intelligence to enhance their attack capabilities, as demonstrated in a sophisticated phishing campaign recently uncovered by security researchers. The campaign represents a significant evolution in malware obfuscation techniques, utilizing AI-generated code to disguise malicious payloads within seemingly legitimate business documents. This development marks a concerning shift in the threat […] The post Hackers Leverage AI-Generated Code to Obfuscate Its Payload and Evade Traditional Defenses appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers at Trend Micro have discovered a new and dangerous variant of LockBit ransomware that targets Windows, Linux, and VMware ESXi systems, utilizing advanced obfuscation techniques and sophisticated cross-platform capabilities. Ad…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated phishing campaign has emerged targeting maintainers of packages on the Python Package Index (PyPI), employing domain confusion tactics to steal authentication credentials from unsuspecting developers. The attack leverages fraudulent emails designed to mimic official PyPI communications, directing recipients to malicious domains that closely resemble the legitimate PyPI infrastructure. The phishing operation utilizes carefully […] The post New Phishing Attack Targeting PyPI Maintainers to Steal Login Credentials appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
