-
A newly discovered Windows malware packer named TangleCrypt has emerged as a serious threat in ransomware attacks, specifically designed to evade endpoint detection and response (EDR) solutions. The packer was first observed during a September 2025 ransomware incident involving Qilin ransomware, where threat actors deployed it alongside the ABYSSWORKER driver to disable security tools before […] The post TangleCrypt Windows Packer with Ransomware Payloads Evades EDR Using ABYSSWORKER Driver appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has acknowledged a frustrating new issue affecting users of the “new Outlook” for Windows, where Excel attachments fail to open if their filenames contain non-ASCII characters. The technical glitch, tracked under the reference ID EX1189359, triggers a vague error message advising users to “Try opening the file again later,” leaving many confused about the […] The post Microsoft Confirms New Outlook Bug Blocking Excel Attachments appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated Advanced Persistent Threat group known as Bloody Wolf has intensified its cyber espionage operations across Central Asia, targeting government and private sectors. Since late June 2025, the group has orchestrated spear-phishing campaigns primarily focusing on organizations within Kyrgyzstan and Uzbekistan. By meticulously impersonating state entities such as the Ministry of Justice, the attackers […] The post Bloody Wolf Hackers Mimic as Government Agencies to Deploy NetSupport RAT via Weaponized PDF’s appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
South Korean e-commerce giant Coupang has confirmed a massive security incident affecting approximately 33.7 million customers—nearly the company’s entire user base. The breach, which exposed names, phone numbers, email addresses, shipping addresses, and order histories, has been traced back to a former employee who exploited unrevoked internal access credentials. While the scale of the leak […] The post Coupang Data Breach Exposed Personal Data of 33.7 Million Customers appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
“ShadyPanda,” a sophisticated threat actor responsible for a seven-year campaign that has successfully infected 4.3 million Chrome and Edge users. By exploiting the inherent trust in browser marketplaces, ShadyPanda weaponized “Featured” and “Verified” extensions to deploy remote code execution (RCE) backdoors and massive spyware operations without triggering traditional security alarms. The investigation reveals that ShadyPanda’s […] The post 4.3 Million Chrome and Edge Users Hacked in 7-Year ShadyPanda Malware Campaign appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybercriminals have found a more effective method to compromise Windows computers while evading detection by security software. Ivan Spiridonov observed that uploading malicious tools, hackers are now using legitimate Windows programs already installed on target systems, a tactic known as “living off the land” (LOLBins, or Living Off the Land Binaries). Unlike traditional attacks that […] The post Hackers are Moving to “Living Off the Land” Techniques to Attack Windows Systems Bypassing EDR appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
OpenAI has patched a command injection flaw in its Codex CLI tool that allowed attackers to execute arbitrary commands on developers’ machines simply by getting a malicious configuration file into a project repository. The issue, now fixed in Codex CLI version 0.23.0, effectively turned routine use of the codex command into a silent remote‑code‑execution trigger. […] The post OpenAI Codex CLI Command Injection Vulnerability Let Attackers Execute Arbitrary Commands appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical security vulnerability in Microsoft Azure API Management (APIM) Developer Portal enables attackers to register accounts across different tenant instances, even when administrators have explicitly disabled user signup through the portal interface. The flaw, which Microsoft has classified as “by design,” remains unpatched as of December 1, 2025, leaving organizations potentially exposed to unauthorized […] The post Microsoft Azure API Management Flaw Enables Cross-Tenant Account Creation, Bypassing Admin Restrictions appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Tomiris hacker group has resurfaced with a sophisticated campaign targeting foreign ministries and government entities worldwide. Beginning in early 2025, this advanced persistent threat (APT) actor shifted its operational strategy to focus on high-value diplomatic infrastructure. By leveraging a diverse array of programming languages—including Go, Rust, C/C++, and Python—the group has enhanced its ability […] The post Tomiris Hacker Group Added New Tools and Techniques to Attack Organizations Globally appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Qualcomm Technologies, Inc. has issued an urgent security bulletin warning customers about multiple critical vulnerabilities affecting millions of devices worldwide. The most severe flaw threatens the secure boot process, a fundamental security mechani…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
