-
Chinese state-sponsored cyber threat group Salt Typhoon has been targeting global telecommunications infrastructure since at least 2019, exploiting network edge devices to establish deep persistence and harvest vast quantities of sensitive data. Aligne…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In August 2025, Australian authorities issued multiple scam alerts after users reported suspicious Facebook groups promoting “active senior trips.” What initially appeared as harmless community gatherings concealed a sophisticated mobile malware operat…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The digital landscape in 2025 is characterized by unprecedented connectivity and an equally sophisticated array of cyber threats. Organizations face a constant barrage of attacks targeting their data, infrastructure, and reputation. Selecting the right…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
JFrog’s security research team has identified a malicious PyPI package named SoopSocks that masquerades as a legitimate SOCKS5 proxy utility while stealthily implanting a backdoor on Windows systems. This package leverages automated installation, advan…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
WestJet Airlines has confirmed that a recent cybersecurity incident exposed certain personal information belonging to its customers. The Canadian carrier says the breach took place in mid-June and was discovered on June 13, 2025. Company officials stre…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Since mid-2025, cybersecurity researchers have tracked a resurgence of Patchwork Advanced Persistent Threat (APT) campaigns targeting government and telecommunications sectors across Asia and Eastern Europe. Initially leveraging spear-phishing emails containing malicious Office document attachments, this latest wave of activity has evolved into a multi-stage infection chain employing sophisticated persistence and payload retrieval tactics. The initial […] The post Patchwork APT Using PowerShell Commands to Create Scheduled Task and Downloads Final Payload appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
NVIDIA has issued a critical security bulletin revealing multiple vulnerabilities in its NVIDIA App software that can enable attackers to escalate privileges on Windows systems. The flaws, addressed in the September 2025 update, stem from improper file…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A novel rootkit hooking method dubbed FlipSwitch has emerged, circumventing the latest Linux 6.9 kernel dispatch safeguards and reigniting concerns over kernel-level compromise. By manipulating the machine code of the new syscall dispatcher rather than…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Red Hat published security advisory CVE-2025-10725, detailing an Important severity flaw in the OpenShift AI Service that could enable low-privileged attackers to elevate their permissions to full cluster administrator and compromise the entire platform. With a CVSS v3 base score of 9.9, this vulnerability poses a critical risk for organizations leveraging Red Hat OpenShift AI […] The post Red Hat Openshift AI Service Vulnerability Allow Attackers to Take Control of the Infrastructure appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Confidential computing promised to protect sensitive workloads in the public cloud. Yet a new low-cost hardware attack, Battering RAM, demonstrates that even up-to-date memory-encryption schemes on Intel and AMD processors can be defeated with a simple interposer costing under 50 dollars. Modern servers use DDR4 DRAM with hardware-backed encryption, such as Intel SGX’s Total Memory Encryption (TME) […] The post New Battering RAM Attack Bypasses Latest Defenses on Intel and AMD Cloud Processors appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
