-
Cybersecurity researchers at Zensec have exposed a sophisticated supply-chain attack campaign that weaponised trusted Remote Monitoring and Management (RMM) infrastructure to deploy ransomware across multiple UK organisations throughout early 2025. The…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
MAD-CAT (Meow Attack Data Corruption Automation Tool) targets MongoDB, Elasticsearch, Cassandra, Redis, CouchDB, and Hadoop HDFS, exactly the systems hit in the original wave. This persistent threat inspired security researcher Karl Biron of Trustwave to create MAD-CAT, a Python-based tool for simulating these destructive campaigns across six vulnerable database platforms. While the notorious Meow attacks […] The post MAD-CAT Meow Attack Tool to Simulate Real-World Data Corruption Attacks appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A surge in online casino spam is reshaping the dark corners of the internet, with threat actors increasingly hacking websites to embed malicious SEO-boosting links. This evolving tactic aims to promote online gambling sites by hijacking the authority o…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Three critical vulnerabilities in runc, the container runtime powering Docker, Kubernetes, and other containerization platforms. These flaws could allow attackers to escape container isolation and gain root access to host systems. However, no active exploits have been detected yet. The vulnerabilities leverage race mount conditions and procfs write redirects to break out of container boundaries. […] The post Critical runc Vulnerabilities Put Docker and Kubernetes Container Isolation at Risk appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
An extract from “The Enemy Inside, the Paragon Case, Spies and Regime Methods in Giorgia Meloni’s Italy” by Francesco Cancellato, published by Rizzoli on November 11, 2025. This surveillance system continues to expand its reach into o…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical remote code execution vulnerability in Monsta FTP, a popular web-based FTP client used by financial institutions and enterprises worldwide. The flaw, now tracked as CVE-2025-34299, affects multiple versions of the software and has been exploited in the wild. Monsta FTP is a browser-based file transfer client that allows users to manage files on remote […] The post Monsta web-based FTP Remote Code Execution Vulnerability Exploited appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The construction industry has emerged as a primary target for sophisticated cyber adversaries in 2025, with threat actors including state-sponsored APT groups, ransomware operators, and organized cybercriminal networks actively targeting organizations …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Three critical vulnerabilities in runc, the widely-used container runtime that powers Docker and Kubernetes, have been disclosed, allowing attackers to break out of container isolation and gain root access to host systems. The flaws, identified as CVE-…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft researchers have unveiled a sophisticated side-channel attack targeting remote language models that could allow adversaries to infer conversation topics from encrypted network traffic. Despite end-to-end encryption via Transport Layer Securit…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have discovered an actively exploited remote code execution vulnerability in Monsta FTP, a web-based FTP client used by financial institutions, enterprises, and individual users worldwide. The flaw, now tracked as CVE-2025-34299, a…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
