-
Scams and threats circulating on messaging apps like WhatsApp demonstrate how easily trusted platforms can be weaponized against users. One deceptive tactic gaining traction involves tricking people into sharing their phone screens during WhatsApp vide…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Remcos, a commercial remote access tool distributed by Breaking-Security and marketed as administrative software, has become a serious threat in the cybersecurity landscape. Developed in the mid-2010s, this malware enables attackers to execute remote commands, steal files, capture screens, log keystrokes, and collect user credentials through command-and-control servers using HTTP or HTTPS channels. Despite being […] The post Remcos RAT C2 Activity Mapped Along with The Ports Used for Communications appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Lazarus APT Group has unveiled a new Remote Access Trojan called ScoringMathTea, representing a significant advancement in their cyberattack capabilities. This C++ based malware was identified as part of Operation DreamJob, a campaign aligned with the North Korean government. The threat actors have been targeting companies that provide Unmanned Aerial Vehicle technology to Ukraine, […] The post Lazarus APT Group New ScoringMathTea RAT Enables Remote Command Execution Among Other Capabilities appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical command injection vulnerability has been discovered in the W3 Total Cache plugin, one of WordPress’s most popular caching solutions used by approximately 1 million websites. The vulnerability, tracked as CVE-2025-9501 with a CVSS severity score of 9.0 (Critical), allows unauthenticated attackers to execute arbitrary PHP commands directly on vulnerable servers. W3 Total Cache Vulnerability The flaw exists in […] The post W3 Total Cache Command Injection Vulnerability Exposes 1 Million WordPress Sites to RCE Attacks appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A serious security flaw was discovered in the AI-Bolit component of Imunify products. This vulnerability allows attackers to run arbitrary code and even become root on a server. Imunify released a fix on October 23, 2025, and most servers have already received the automatic update. Currently, there are no reports of hackers exploiting this security […] The post Imunify AI-Bolit Vulnerability Let Execute Arbitrary Code and Escalate Privileges to Root appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google is taking decisive action against apps that drain excessive battery power, introducing a new warning system that will alert users before they download power-hungry applications. Starting March 1, 2026, apps that fail to meet Google’s batte…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The notorious Everest ransomware group has claimed responsibility for a major cyber breach against Under Armour, the global sportswear giant, alleging the theft of 343 GB of internal data that could impact millions of customers and employees worldwide. The announcement, posted on the group’s dark web leak site on November 16, 2025, includes a sample […] The post Everest Ransomware Group Allegedly Exposes 343 GB of Sensitive Data in Major Under Armour Breach appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In a landmark operation targeting cybercriminal infrastructure, the East Netherlands cybercrime team conducted a major takedown of a rogue hosting company suspected of facilitating a broad spectrum of malicious activities. During the coordinated enforc…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Since mid-2024, a sophisticated Iranian-backed threat group known as UNC1549 has been conducting targeted campaigns against aerospace, aviation, and defense organizations across the globe. The hackers employ an advanced dual approach, combining carefully crafted phishing campaigns with the exploitation of trusted connections between primary targets and their third-party suppliers. This strategy proves particularly effective against […] The post UNC1549 Hackers with Custom Tools Attacking Aerospace and Defense Systems to Steal Logins appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical security flaw has been discovered in the widely used W3 Total Cache WordPress plugin, putting over 1 million websites at serious risk. The vulnerability allows attackers to take complete control of affected websites without needing any login…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
