-
North Korean state-sponsored threat actors have escalated their cyber operations with the deployment of sophisticated new malware variants designed to establish persistent backdoor access to compromised systems. Recent investigations by threat intellig…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about a severe injection vulnerability in the XWiki Platform, designated as CVE-2025-24893. This flaw allows unauthenticated attackers to execute arbitrary remote code, posing significant risks to organizations using the open-source wiki software. Discovered and actively exploited, the vulnerability underscores the dangers of […] The post CISA Warns of XWiki Platform Injection vulnerability Exploited to Execute Remote Code appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In an unprecedented cybersecurity incident that occurred in September 2025, over 500 gigabytes of internal data from China’s Great Firewall infrastructure were exposed in what security experts are calling one of the most consequential breaches in digital surveillance history. The massive leak encompasses more than 100,000 documents, including internal source code, work logs, configuration files, […] The post Historic Great Firewall Breach – 500GB+ Censorship Data Exposed appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In a historic breach of China’s censorship infrastructure, over 500 gigabytes of internal data were leaked from Chinese infrastructure firms associated with the Great Firewall (GFW) in September 2025. Researchers now estimate the full dump is clo…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
WhatsApp has unveiled passkey-encrypted backups, simplifying the protection of cherished chat histories without the burden of memorizing complex passwords. This feature allows users to secure their end-to-end encrypted backups using biometric methods like fingerprints, facial recognition, or device screen locks, ensuring seamless access even after losing a phone or switching devices. Announced on October 29, […] The post WhatsApp Introduces Passkey Encryption for Enhanced Chat Message Backup Security appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have uncovered a sophisticated attack vector that exploits how AI search tools and autonomous agents retrieve web content. The vulnerability, termed “agent-aware cloaking,” allows attackers to serve different webpage ve…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA), working alongside the National Security Agency and international cybersecurity partners, has released a comprehensive security guidance document focused on hardening Microsoft Exchange server…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated phishing campaign leveraging multilingual ZIP file lures has emerged across East and Southeast Asia, targeting government institutions and financial organizations with unprecedented coordination. Security researchers utilizing Hunt.io&#…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated Linux kernel rootkit designed to slip past the defenses of Elastic Security, a leading endpoint detection and response (EDR) platform. Released on GitHub by researcher 0xMatheuZ, the rootkit employs advanced obfuscation techniques to evade YARA-based detection and behavioral monitoring. While presented strictly for educational purposes, Singularity underscores the evolving challenges in kernel-level threat […] The post Researchers Created a Linux Rootkit that Evades Elastic Security EDR Detection appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-41244 to its Known Exploited Vulnerabilities catalog. This local privilege escalation flaw affects Broadcom’s VMware Aria Operations and VMware Tools, with evidence of active exploitation in the wild. Security researchers and officials urge immediate patching to prevent potential ransomware and other attacks that could compromise virtualized […] The post CISA Warns of VMware Tools and Aria Operations 0-Day Vulnerability Exploited in Attacks appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
