-
GitLab has released important security updates. The new versions are 18.4.2, 18.3.4, and 18.2.8 for both Community Edition (CE) and Enterprise Edition (EE). These updates fix several vulnerabilities that could lead to denial-of-service (DoS) attacks and allow unauthorized access. All self-managed GitLab installations are strongly advised to upgrade promptly to mitigate potential disruptions. GitLab.com and […] The post GitLab Security Update – Patch For Multiple Vulnerabilities That Enables DoS Attack appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly spotted Python remote access trojan (RAT) on VirusTotal employs advanced polymorphic and self-modifying techniques, allowing it to alter its code signature on every execution and evade detection. Security researchers examining VirusTotal submis…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The popular communication platform Discord is confronting a major extortion attempt after cybercriminals breached one of its third-party customer service providers, compromising sensitive user data including government identification photos used for ag…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Ransomware threats reached a tipping point in Q3 2025 as data-leak sites surged to a record 81 active platforms, driven by major developments across the ecosystem. English-speaking hacking collective Scattered Spider teased its first ransomware-as-a-se…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers at Volexity have uncovered compelling evidence that China-aligned threat actors are leveraging artificial intelligence platforms like ChatGPT to enhance their sophisticated cyberattack capabilities. The group, tracked as UTA0388, h…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In 2025, the notorious Chaos ransomware has undergone a dramatic transformation, emerging with a sophisticated C++ variant that represents the most dangerous iteration to date. This marks the first time Chaos has departed from its traditional .NET foun…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Since emerging in the mid-2010s as a persistent threat actor, the IRGC-linked APT35 collective has continually adapted its tactics to target government entities, energy firms, and diplomatic missions across the Middle East and beyond. Initially focused on credential harvesting via targeted phishing campaigns, the group has evolved a modular toolkit capable of deep network infiltration […] The post IRGC-Linked APT35 Structure, Tools, and Espionage Operations Disclosed appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have uncovered a sophisticated cyberattack campaign where Chinese threat actors are exploiting web applications using an innovative log poisoning technique to deploy web shells and subsequently weaponize Nezha, a legitimate server …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated technique known as hidden text salting has emerged as a significant threat to email security systems, allowing cybercriminals to bypass detection mechanisms through the strategic abuse of cascading style sheets (CSS) properties. This attack vector enables threat actors to embed irrelevant content, or “salt,” within various components of malicious emails while rendering it […] The post Hackers Abuse CSS Properties With Messages to Inject Malicious Codes in Hidden Text Salting Attack appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
CrowdStrike has disclosed two critical vulnerabilities affecting its Falcon sensor for Windows that could enable attackers to delete arbitrary files and potentially compromise system stability. The cybersecurity company released patches for both securi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
