-
The U.S. Justice Department announced major actions against North Korean cybercrime, including five people admitting guilt and the government taking more than $15 million in property linked to the crimes. These operations reveal how the Democratic People’s Republic of Korea (DPRK) uses fraudulent IT workers and cryptocurrency heists to fund its weapons programs while evading […] The post North Korean Hackers Infiltrated 136 U.S. Companies to Generate $2.2 Million in Revenue appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sharp increase in attacks targeting a critical vulnerability in XWiki servers. Multiple threat actors are actively exploiting CVE-2025-24893 to deploy botnets and coin miners, and to establish unauthorized server access across the internet. Since the initial discovery on October 28, 2025, exploitation has expanded dramatically. VulnCheck reported that multiple independent attackers are now actively targeting the […] The post Hackers Exploiting XWiki Vulnerability in the Wild to Hire the Servers for Botnet appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Pig-butchering scams, the sophisticated long-con investment fraud schemes that have plagued millions globally, have reached unprecedented scale through the strategic deployment of artificial intelligence technologies. Once reliant on labor-intensive so…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Samsung users across West Asia and North Africa are raising serious privacy concerns over AppCloud. This pre-installed bloatware application collects sensitive personal data without consent. It cannot be easily removed from Galaxy A and M series smartp…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly identified phishing campaign is exploiting Microsoft Entra tenant invitation functionality to orchestrate TOAD (Telephone-Oriented Attack Delivery) attacks against unsuspecting users. Security researchers have uncovered how threat actors are we…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Samsung has been accused of shipping budget Galaxy A and M series smartphones with pre-installed spyware that users can’t easily remove. The software in question, AppCloud, developed by the mobile analytics firm IronSource, has been embedded in devices sold primarily in the Middle East and North Africa (MENA) region. Security researchers and privacy advocates warn […] The post Unremovable Spyware on Samsung Devices Comes Pre-installed on Galaxy Series Devices appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A threat actor known as “888” has purportedly dumped sensitive data stolen from electronics giant LG Electronics, raising alarms in the cybersecurity community. The breach, first spotlighted on November 16, 2025, allegedly includes source code repositories, configuration files, SQL databases, and, critically, hardcoded credentials and SMTP server details potentially exposing LG’s internal communications and development […] The post Hackers Allegedly Claim Leak of LG Source Code, SMTP, and Hardcoded Credentials appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
eSentire’s Threat Response Unit (TRU) has uncovered a sophisticated malware campaign leveraging the ClickFix social engineering technique to distribute Amatera Stealer and NetSupport RAT, targeting cryptocurrency wallets, password managers, and s…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
IBM has released critical security updates addressing four severe vulnerabilities in AIX and VIOS systems that could allow remote attackers to execute arbitrary commands, steal credentials, and traverse system directories. The vulnerabilities affect mu…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers at Oligo Security have uncovered a series of critical Remote Code Execution vulnerabilities affecting widely deployed AI inference servers from major technology companies. The flaws affect frameworks developed by Meta, NVIDIA, Micr…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
