-
The Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent alert on October 14, 2025, highlighting a critical vulnerability in Rapid7’s Velociraptor endpoint detection and response (EDR) tool. This flaw, stemming from incorrect default permissions, has already been weaponized by threat actors to execute arbitrary commands and seize control of infected endpoints, amplifying risks for […] The post CISA Warns Of Rapid7 Velociraptor Vulnerability Exploited in Ransomware Attacks appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A major manufacturing company fell victim to a swift and devastating ransomware attack after threat actors gained access using just one set of stolen VPN credentials. The attack, carried out by the cybercrime group Ignoble Scorpius, culminated in wides…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The BlackSuit ransomware group, tracked as Ignoble Scorpius by cybersecurity experts, devastated a prominent manufacturer’s operations. The attack, detailed in a recent Unit 42 report from Palo Alto Networks, began with something as simple as compromised VPN credentials, escalating into widespread encryption and data theft that could have cost millions. This incident underscores the escalating […] The post BlackSuit Ransomware Actors Breached Corporate Environment, Including 60+ VMware ESXi Hosts appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency has added a critical vulnerability in Rapid7 Velociraptor to its Known Exploited Vulnerabilities catalogue, warning that threat actors are actively exploiting the flaw in ransomware attacks. The vuln…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly discovered zero-day vulnerability in the Windows Agere Modem driver has been actively exploited by threat actors to elevate privileges on affected systems. Tracked as CVE-2025-24052 and CVE-2025-24990, these flaws allow a low-privileged user to…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated threat actor known as TigerJack has systematically infiltrated developer marketplaces with at least 11 malicious Visual Studio Code extensions, targeting thousands of unsuspecting developers worldwide. Operating under multiple publisher identities including ab-498, 498, and 498-00, this cybercriminal has deployed a comprehensive attack arsenal designed to steal source code, mine cryptocurrency, and establish remote […] The post TigerJack Hacks Infiltrated Developer Marketplaces with 11 Malicious VS Code Extensions appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The emergence of a sophisticated malware campaign leveraging geo-mapping technology has put critical infrastructure and enterprise networks on high alert. First observed targeting sectors across Asia and North America, the malware was traced to a group of Chinese threat actors employing advanced stealth tactics to sustain prolonged network penetration. Attackers harnessed a unique blend of […] The post Chinese Hackers Leverage Geo-Mapping Tool to Maintain Year-Long Persistence appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated campaign orchestrated by multiple hacktivist groups has emerged, targeting government portals, financial services, and online commerce platforms across Israel and allied nations. The coordinated cyber offensive, timed around the October 7 anniversary, demonstrated unprecedented levels of organization and cross-ideological cooperation among geographically dispersed threat actors. The campaign peaked on October 7, 2025, with […] The post Pro-Russian Hacktivist Group Attacking Government Portals, Financial Services and Online Commerce appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A serious security flaw has been discovered in Microsoft’s Internet Information Services (IIS) that lets attackers run arbitrary code without logging in. The vulnerability affects the IIS Inbox COM Objects and stems from improper handling of shared mem…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Veeam has released an urgent security patch to address multiple critical remote code execution (RCE) vulnerabilities in Veeam Backup & Replication version 12. These flaws could allow authenticated domain users to run malicious code on backup server…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
