-
Hackers have begun actively exploiting a critical remote code execution (RCE) vulnerability in the popular file archiver 7-Zip, putting millions of users at risk of malware infection and system compromise. The flaw, tracked as CVE-2025-11001, stems from improper handling of symbolic links in ZIP archives, allowing attackers to traverse directories and execute arbitrary code on […] The post Hackers Actively Exploiting 7-Zip RCE Vulnerability in the Wild appeared first on Cyber Security News.
-
Microsoft is bringing native Sysmon functionality directly into Windows, eliminating the need for manual deployment and separate downloads. Starting next year, Windows 11 and Windows Server 2025 will include System Monitor (Sysmon) capabilities, transforming how security teams detect threats and investigate incidents. For years, Sysmon has been the go-to tool for IT administrators, security professionals, and threat […] The post Sysmon – Go-to Tool for IT Admins, Security Pros, and Threat Hunters Coming to Windows appeared first on Cyber Security News.
-
A new ransomware threat named “The Gentlemen” has emerged in the cybersecurity landscape, demonstrating advanced attack capabilities and a well-structured operational model. First appearing around July 2025, this group quickly established itself as a serious threat, publishing 48 victims on their dark web leak site between September and October 2025. The ransomware operates as a […] The post ‘The Gentlemen’ Ransomware Group with Dual-Extortion Strategy Encrypts and Exfiltrates Data appeared first on Cyber Security News.
-
A China-aligned threat group known as PlushDaemon has been weaponizing a sophisticated attack method to infiltrate networks across multiple regions since 2018. The group’s primary strategy involves intercepting legitimate software updates by deploying a specialized tool called EdgeStepper, which acts as a bridge between users’ computers and malicious servers. This technique allows hackers to inject […] The post Chinese PlushDaemon Hackers use EdgeStepper Tool to Hijack Legitimate Updates and Redirect to Malicious Servers appeared first on Cyber Security News.
-
A sophisticated cyber campaign known as Operation WrtHug has hijacked tens of thousands of ASUS WRT routers globally, turning them into potential espionage tools for suspected China-linked hackers. SecurityScorecard’s STRIKE team, in collaboration with ASUS, revealed the operation on November 18, 2025, highlighting how attackers exploited outdated firmware to build a stealthy network infrastructure. This […] The post Massive Hacking Operation WrtHug Compromises Thousands of ASUS Routers Worldwide appeared first on Cyber Security News.
-
A new wave of cyberattacks has emerged using the Tuoni Command and Control (C2) framework, a sophisticated tool that allows threat actors to deploy malicious payloads directly into system memory. This technique helps attackers avoid detection by traditional security solutions that rely on scanning files stored on disk. The Tuoni framework has gained attention in […] The post Hackers Using Leverage Tuoni C2 Framework Tool to Stealthily Deliver In-Memory Payloads appeared first on Cyber Security News.
-
Microsoft has launched an investigation into a widespread issue affecting Microsoft Copilot in Microsoft 365, where users are experiencing significant limitations when performing actions on files. The technology giant confirmed the incident via official Microsoft 365 Status channels, assigning the tracking identifier CP1188020 for administrative reference. The Issue and Impact The reported problem prevents users […] The post Microsoft Investigating Copilot Issue On Processing Files appeared first on Cyber Security News.
-
A global data storage and infrastructure company fell victim to a severe ransomware attack orchestrated by Howling Scorpius, the group responsible for distributing Akira ransomware. The incident began with what appeared to be a routine security check on a compromised car dealership website. An employee clicked on what seemed like a standard verification prompt to […] The post Destructive Akira Ransomware Attack with a Single Click on CAPTCHA in Malicious Website appeared first on Cyber Security News.
-
Cybereason Threat Intelligence Team has uncovered a sophisticated ransomware operation known as “The Gentlemen,” which emerged around July 2025 and quickly established itself as a formidable threat actor. Operating with a dual-extortion met…
-
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a critical OS command injection vulnerability in Fortinet FortiWeb, warning that the flaw is actively being exploited in real-world attacks. The vulnerabil…


