-
A sophisticated ransomware attack has emerged targeting organizations through compromised third-party managed service provider (MSP) credentials, showcasing the evolving tactics of cybercriminals in 2025. The Sinobi Group, operating as a Ransomware-as-a-Service (RaaS) affiliate, successfully infiltrated corporate networks by exploiting SonicWall SSL VPN credentials mapped to over-privileged Active Directory accounts with domain administrator rights. The attack […] The post Hackers Leverage Compromised Third-Party SonicWall SSL VPN Credentials to Deploy Sinobi Ransomware appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated backdoor in AppSuite PDF Editor that enables threat actors to execute arbitrary commands on compromised Windows systems. Initially flagged as a potentially unwanted program due to its aggressive installation behavior, AppSuite’s true na…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity teams worldwide have observed a surge in sophisticated campaigns exploiting both Windows and Linux vulnerabilities in recent months to achieve unauthorized system access. These attacks often begin with phishing emails or malicious web content designed to deliver weaponized documents. Once opened, the embedded exploits target unpatched vulnerabilities in commonly used software components, allowing attackers […] The post Threat Actors Leveraging Windows and Linux Vulnerabilities in Real-world Attacks to Gain System Access appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google has confirmed that a security breach involving the Salesloft Drift platform is more extensive than initially reported, potentially compromising all authentication tokens connected to the service. The new findings from the Google Threat Intelligence Group (GTIG) indicate that the incident, previously thought to be limited to Salesforce integrations, affects all third-party applications connected to […] The post Google Confirms Potential Compromise of All Salesloft Drift Customer Authentication Tokens appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
On August 28, 2025, the Hikvision Security Response Center (HSRC) issued Security Advisory SN No. HSRC-202508-01, detailing three critical vulnerabilities affecting various HikCentral products. Collectively assigned CVE identifiers CVE-2025-39245, CVE-…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Over the past year, security researchers have observed a growing trend of North Korean–linked developers establishing credible-looking profiles on popular code-sharing platforms such as GitHub, CodeSandbox, and Gist. These accounts frequently host legitimate open-source projects alongside hidden payloads, allowing operators to mask malicious activity under the guise of normal developer contributions. The overall goal appears […] The post DPRK IT Workers Using Code-Sharing Platforms to Secure New Remote Jobs appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Virustotal today unveiled a powerful addition to its Code Insight suite: a dedicated API endpoint that accepts code snippets—either disassembled or decompiled—and returns succinct summaries and detailed descriptions tailored for malware analysts. Launc…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hikvision has disclosed three significant security vulnerabilities affecting multiple versions of its HikCentral product suite that could enable attackers to execute malicious commands and gain unauthorized administrative access. The vulnerabilities, assigned CVE identifiers CVE-2025-39245, CVE-2025-39246, and CVE-2025-39247, were reported to the Hikvision Security Response Center (HSRC) on by security researchers Yousef Alfuhaid, Nader Alharbi, Eduardo […] The post Multiple Hikvision Vulnerabilities Let Attackers Inject Executable Commands appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
VirusTotal today unveiled Virustotal’s New endpoint, which receives code requests and returns a description of its functionality for malware analysts, a powerful addition to its Code Insight platform. Designed to streamline reverse engineering workflows, the new API endpoint pre-analyzes disassembled or decompiled code and highlights behaviors most relevant to malware hunters. Early adopters report significant reductions in […] The post Virustotal’s New Endpoint Provides Functionality Descriptions for Malware Analysts’ Code Requests appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers have uncovered a sophisticated malvertising campaign on Meta’s Facebook platform in recent weeks that targets Android users with promises of a free TradingView Premium application. These deceptive ads mimic official TradingView branding and visuals, luring unsuspecting victims to download what appears to be a legitimate APK. Once installed, however, the app unleashes a […] The post Threat Actors Weaponizing Facebook Ads with Free TradingView Premium App Lures That Delivers Android Malware appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
