-
Luma Infostealer, a malware-as-a-service (MaaS) offering, has emerged as a potent threat targeting high-value credentials such as web browser cookies, cryptocurrency wallets, and VPN/RDP account information. Beyond isolated theft, threat actors are emp…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Understanding exactly how users authenticate to cloud services is crucial for effective security monitoring. A recently refined bitfield mapping technique decodes the opaque UserAuthenticationMethod values in Microsoft 365 audit logs, transforming nume…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Apache Syncope, has disclosed a critical security vulnerability that allows authenticated administrators to execute arbitrary code on affected systems. The flaw, tracked as CVE-2025-57738, impacts all Apache Syncope versions 3.x before 3.0.14 and 4.x b…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Over the summer of 2025, a novel malware family emerged following the public disclosure of the LOSTKEYS implant. This new strain was rapidly weaponized in a series of highly targeted campaigns against policy advisors, non-governmental organizations, and dissidents. Leveraging a refreshed lure known as COLDCOPY ClickFix, threat actors masqueraded the payload as a CAPTCHA verification […] The post New LOSTKEYS Malware Linked to Russia State-Sponsored Hacker Group COLDRIVER appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Motex has disclosed a severe remote code execution vulnerability in its LANSCOPE Endpoint Manager On-Premise Edition. Assigned CVE-2025-61932, the flaw carries a CVSS 3.0 score of 9.8, classifying it as an emergency-level threat. This vulnerability could allow attackers to execute arbitrary code on affected systems, potentially leading to full compromise of endpoint devices. The issue […] The post LANSCOPE Endpoint Manager Vulnerability Let Attackers Execute Remote Code appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A recent surge in underground cybercrime chatter has shone a spotlight on Monolock Ransomware V1.0, as multiple posts on dark web forums claim that the malicious software is now available for purchase. Cybersecurity researchers monitoring illicit marke…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Over the past several months, cybersecurity researchers have observed a surge of fraudulent Chrome extensions masquerading as legitimate WhatsApp Web automation tools. These 131 rebranded clones, each presenting as distinct offerings, share an identical codebase designed to automate bulk messaging and scheduling without user consent. By injecting custom scripts directly into the WhatsApp Web interface, […] The post 131 Malicious Extensions Targeting WhatsApp Used Found in Chrome Web Store appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
GlassWorm is the world’s first self-propagating worm targeting VS Code extensions in the OpenVSX marketplace, unleashing invisible malicious payloads and decentralized command infrastructure that make it nearly impossible to detect or dismantle. First …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical security flaw has been found in the on-premise edition of LANSCOPE Endpoint Manager that could let attackers run malicious code on vulnerable machines. The issue, tracked as CVE-2025-61932, involves a remote code execution vulnerability in t…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Amazon Web Services experienced a significant service disruption in its US-EAST-1 region that lasted nearly 24 hours, affecting over 140 services and causing widespread issues for customers worldwide. The outage began late on October 19, 2025, and was …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
