-
The Chinese government’s cyber ecosystem continues to attract significant scrutiny from security researchers worldwide. Following revelations from Intrusion Truth, the i-Soon leaks, tracking of EagleMsgSpy, and exposure of Great Firewall componen…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A Perth man has been sent to jail for stealing private videos from women and creating a fake Wi-Fi network to trick airline passengers. The 44-year-old’s crimes have shocked the aviation industry and left many victims feeling violated. The Fake W…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new threat has emerged in the cybersecurity landscape as security experts discover a private Out-of-Band Application Security Testing (OAST) service operating on Google Cloud infrastructure. This mystery operation stands out from typical exploit scanning activities because it uses custom infrastructure rather than relying on public services. The attackers have been running a focused campaign […] The post Mystery OAST With Exploit for 200 CVEs Leveraging Google Cloud to Launch Attacks appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have confirmed that KimJongRAT, a sophisticated remote access Trojan attributed to the Kimsuky group and believed to be backed by North Korea, is being actively distributed via weaponized .hta files targeting Windows users. The dis…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Pakistan-based threat actor APT36, also known as Transparent Tribe, has launched a sophisticated cyber-espionage campaign against Indian government institutions using a newly developed Python-based ELF malware. The attack marks a significant escalation in the group’s capabilities, demonstrating their growing technical maturity and adaptability to Linux-based operating systems. The campaign centers on spear-phishing emails containing weaponized […] The post APT36 Hackers Used Python-Based ELF Malware to Target Indian Government Entities appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have discovered that modern attackers are abandoning traditional offensive tools and instead weaponizing legitimate Windows utilities to conduct cyberattacks without triggering security alarms. This shift in tactics, known as ̶…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Law enforcement authorities from Switzerland and Germany, with support from Europol, have successfully dismantled a primary cryptocurrency mixing service called ‘Cryptomixer’ that was facilitating cybercrime and money laundering operations …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
SEQRITE Labs APT-Team has uncovered a sophisticated cyberattack campaign dubbed “Operation Hanoi Thief,” targeting IT departments and human resources recruiters across Vietnam with weaponized resume documents. The campaign, first detected o…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical security vulnerability has been discovered in Devolutions Server, a popular centralized password and privileged access management solution. The flaw, rated critical severity by experts, could allow attackers to steal sensitive data or modify…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical security vulnerability has been discovered in the Apache bRPC framework that could allow remote attackers to crash servers by sending specially crafted JSON data. The flaw, tracked as CVE-2025-59789, affects all versions of Apache bRPC before 1.15.0 across all platforms. The vulnerability exists in the json2pb component of Apache bRPC, which converts JSON data to Protocol […] The post Critical Apache bRPC Framework Vulnerability Let Attackers Crash the Server appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
