-
Shuyal Stealer is a recently uncovered infostealer that pushes the boundaries of traditional browser-targeted malware. Unlike most variants that zero in on popular platforms like Chrome and Edge, Shuyal dramatically widens its scope by targeting 19 dif…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In an era where AI and SaaS applications underpin daily workflows, organizations face an unprecedented challenge: the invisible exfiltration of sensitive information. Traditional, file-based data loss prevention (DLP) measures were designed for attachm…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
OpenAI announced it has banned a series of ChatGPT accounts linked to Chinese state-affiliated hacking groups that used the AI models to refine malware and create phishing content. The October 2025 report details the disruption of several malicious networks as part of the company’s ongoing commitment to preventing the abuse of its AI technologies by […] The post OpenAI Banned ChatGPT Accounts Used by Chinese Hackers to Develop Malware appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In a groundbreaking disclosure, CloudSEK’s TRIAD unit has unearthed internal operational materials that shed light on Charming Kitten (APT35), revealing an intricate espionage apparatus linked to Iran’s Islamic Revolutionary Guard Corps (IRGC). The lea…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In a sophisticated evolution of email-based attacks, adversaries have begun leveraging Cascading Style Sheets (CSS) to inject hidden “salt” — irrelevant content used to confuse detection systems — deep within HTML emails. Cisco Talos’s year-long monito…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
WordPress websites have become a prime target for threat actors seeking to monetize traffic and compromise visitor security. In recent months, a new malvertising campaign has emerged, leveraging silent PHP code injections within theme files to serve unwanted third-party scripts. The attack blends seamlessly with legitimate site operations, delivering obfuscated JavaScript that redirects visitors, displays […] The post Hackers Weaponizing WordPress Websites by Injecting Malicious PHP Codes Silently appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In 2025, account takeover (ATO) attacks remain one of the most critical cybersecurity risks facing businesses, especially in industries like e-commerce, banking, SaaS, and healthcare. Hackers continuously launch credential stuffing, phishing, and brute…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
CISA has issued a critical warning regarding a zero-day cross-site scripting (XSS) vulnerability in Synacor’s Zimbra Collaboration Suite (ZCS), designated as CVE-2025-27915. This vulnerability has been actively exploited in attacks and poses significant risks to organizations using the popular email and collaboration platform. Zimbra Collaboration Suite (ZCS) XSS Flaw The vulnerability exists within the Classic […] The post CISA Warns of Zimbra Collaboration Suite (ZCS) XSS Zero-Day Vulnerability Actively Exploited in Attacks appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A massive escalation in attacks targeting Palo Alto Networks PAN-OS GlobalProtect login portals, with over 2,200 unique IP addresses conducting reconnaissance operations as of October 7, 2025. This represents a significant surge from the initial 1,300 IPs observed just days earlier, marking the highest scanning activity recorded in the past 90 days according to GreyNoise […] The post Attacks on Palo Alto PAN-OS Global Protect Login Portals Surge from 2,200 IPs appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Brand protection has become a necessity for enterprises in 2025, with increasing risks of counterfeiting, phishing, domain abuse, fake social media accounts, and digital piracy. Businesses today must not only defend their intellectual property but also…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
