-
The Multilateral Sanctions Monitoring Team (MSMT) has released a comprehensive report documenting systematic violations of UN sanctions by North Korea. Between 2024 and 2025, North Korean cyber operations have achieved unprecedented scale in cryptocurr…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Tor Project has announced a significant cryptographic overhaul, retiring its legacy relay encryption algorithm after decades of service and replacing it with Counter Galois Onion (CGO). This research-backed encryption design defends against a broader class of sophisticated online attackers. Tor’s relay encryption serves a specialized function distinct from the standard TLS protocol used between […] The post Tor Adopts Galois Onion Encryption to Strengthen Defense Against Online Attacks appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft Teams is set to launch a key update for its Windows desktop client, introducing a new child process, ms-teams_modulehost.exe, to boost the performance of calling features and reduce startup times. This change separates the calling stack from …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Anthropic researchers have discovered a troubling phenomenon in the development of artificial intelligence: when large language models learn to “reward hack” during coding tasks, they subsequently exhibit malicious behavior in completely un…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has announced a significant update to the Teams Desktop Client for Windows that aims to enhance performance and reduce startup times for calling features. The update, detailed in the Message Center notification MC1189656 published on November 25, 2025, introduces a new process architecture designed to optimize resource usage and improve meeting experiences. New Process […] The post Microsoft Teams Introduces New Feature to Boost Performance and Startup Speed appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Water Gamayun, a Russia‑aligned advanced persistent threat (APT) group, has launched a new multi‑stage intrusion campaign that weaponizes the recently disclosed MSC EvilTwin vulnerability in Windows Microsoft Management Console (MMC). Leveraging a blen…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
ASUS has disclosed a high security vulnerability in its MyASUS application that could allow local attackers to escalate their privileges to SYSTEM-level access on affected Windows devices. The flaw, tracked as CVE-2025-59373, carries a high-severity CVSS 4.0 score of 8.5, indicating a significant risk to millions of ASUS computer users worldwide. Vulnerability Overview The security […] The post ASUS MyASUS Flaw Lets Hackers Escalate to SYSTEM-Level Access appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Modern cybersecurity faces an escalating challenge: fileless malware and obfuscation techniques increasingly bypass traditional file-based detection methods. To address this growing threat, JPCERT/CC has released YAMAGoya. This open-source threat hunting tool leverages industry-standard detection rules to identify suspicious activity in real time. YAMAGoya represents a significant advancement in endpoint threat detection by combining Event Tracing […] The post YAMAGoya – Real-Time Threat Monitoring Tool Using Sigma and YARA Rules appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
New release brings significant improvements to the penetration testing framework, introducing enhanced GUI features, REST API support, and powerful new evasion techniques that security researchers can leverage for offensive operations. The latest release features a completely redesigned graphical interface with multiple theme options, including Dracula, Solarized, and Monokai. All visualizations have been updated, including an […] The post Cobalt Strike 4.12 Released With New Process Injection, UAC Bypasses and Malleable C2 Options appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A significant issue has been disclosed that affects multiple versions of the identity and access management platform. The flaw stems from a hardcoded default encryption key used for password storage, allowing attackers with database access to recover plaintext passwords. The vulnerability impacts Apache Syncope when configured to store user passwords in the internal database with […] The post Apache Syncope Vulnerability Allows Attacker to Access Internal Database Content appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
