-
Luxury department store Harrods has become the latest victim of a significant cybersecurity incident after hackers successfully accessed personal data belonging to 430,000 customers. The prestigious London retailer confirmed that threat actors contacte…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
VMware has disclosed critical security vulnerabilities in vCenter Server and NSX platforms that could allow attackers to enumerate valid usernames and manipulate system notifications. The vulnerabilities, tracked as CVE-2025-41250, CVE-2025-41251, and CVE-2025-41252, affect multiple VMware products, including Cloud Foundation, vSphere Foundation, NSX, NSX-T, and Telco Cloud platforms. Broadcom, which acquired VMware, released a security advisory […] The post VMware vCenter and NSX Vulnerabilities Let Attackers Enumerate Valid Usernames appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated cybercriminal group known as Lunar Spider successfully compromised a Windows machine through a single malicious click, establishing a foothold that allowed them to harvest credentials and maintain persistent access for nearly two months…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers have identified a sophisticated campaign where threat actors are using malicious advertisements and search engine optimization poisoning to distribute fake Microsoft Teams installers containing the Oyster backdoor malware. The…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated cyber campaign is exploiting the trust users place in popular collaboration software, tricking them into downloading a weaponized version of Microsoft Teams to gain remote access to their systems. Threat actors are using search engine optimization (SEO) poisoning and malicious advertisements to lure unsuspecting victims to fraudulent download pages, a tactic that closely […] The post Hackers Trick Users to Download Weaponized Microsoft Teams to Gain Remote Access appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Luxury department store Harrods has disclosed a significant data breach affecting approximately 430,000 customer records after a third-party provider was compromised. The hackers behind the attack have contacted the retailer, but Harrods has stated it will not engage with the threat actor, suggesting a potential ransom demand was made. The breach, which Harrods first communicated […] The post New Harrods Data Breach Exposes 430,000 Customer Personal Records appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
New Spear-Phishing Attack Delivers DarkCloud Malware to Steal Keystrokes, FTP Credentials and Others
A newly observed spear-phishing campaign is leveraging sophisticated social engineering lures to distribute DarkCloud, a modular malware suite designed to harvest keystrokes, exfiltrate FTP credentials and gather system information. Over the past month, targeted emails masquerading as legitimate software updates or corporate invoices have reached unsuspecting recipients across various industries. These messages carry a weaponized […] The post New Spear-Phishing Attack Delivers DarkCloud Malware to Steal Keystrokes, FTP Credentials and Others appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
As attackers increasingly leverage Scalable Vector Graphics (SVG) for stealthy code injection, security researchers face mounting challenges in detecting obfuscated payloads embedded within SVG assets. The SVG Security Analysis Toolkit by HackingLZ offers a comprehensive solution: a suite of four Python-based tools designed to reveal hidden scripts, decode obfuscated URLs, and verify protection mechanisms, all […] The post SVG Security Analysis Toolkit to Detect Malicious Scripts Hidden in SVG Files appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Adversaries don’t work 9–5 and neither do we. At eSentire, our 24/7 SOCs are staffed with elite threat hunters and cyber analysts who hunt, investigate, contain and respond to threats within minutes. Backed by threat intelligence, tactical threat respo…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated malware campaign has emerged that weaponizes seemingly legitimate productivity tools to infiltrate systems and steal sensitive information. The TamperedChef malware represents a concerning evolution in threat actor tactics, utilizing trojanized applications disguised as calendar tools and image viewers to bypass traditional security defenses. This campaign demonstrates how cybercriminals increasingly exploit user trust in […] The post New TamperedChef Malware Leverages Productivity Tools to Gain Access and Exfiltrate Sensitive Data appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶