-
Security researchers have uncovered a serious vulnerability in nopCommerce, a popular open-source ecommerce platform used by major companies, including Microsoft, Volvo, and BMW. The flaw allows attackers to hijack user accounts by exploiting captured …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Raspberry Pi Foundation has announced immediate availability of a new 1GB version of the Raspberry Pi 5, marking a significant expansion of its affordable computing platform. The new entry-level model arrives at $45, making high-performance computing more accessible to budget-conscious consumers and developers worldwide. The 1GB Raspberry Pi 5 retains all the flagship capabilities […] The post Raspberry Pi 5 Now Available With 1GB RAM With Dual-Band Wi-Fi and PCI Express Port Support appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Multiple Ukrainian hacktivist groups have launched an extensive spearphishing campaign targeting Russia’s critical aerospace and defence industries, according to a new threat intelligence report by Intrinsec. The coordinated attacks between June …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated threat actor has been conducting a persistent phishing campaign against United States educational institutions since April 2025, leveraging the open-source Evilginx framework to bypass multi-factor authentication (MFA). The campaign, wh…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Glassworm malware campaign has resurfaced with unprecedented scale, deploying 24 malicious extensions across Microsoft Visual Studio Marketplace and OpenVSX over the past week. This latest wave of attacks demonstrates the persistent threat posed by supply chain compromises targeting developer tools. The malware specifically clones legitimate extensions for popular frameworks, including Flutter, Tailwind, Vim, Yaml, […] The post Glassworm Malware Hits OpenVSX and Microsoft Visual Studio Platforms with 24 New Packages appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new malware campaign has emerged that exploits the trust users place in popular applications. Threat actors are distributing trojanized installers for Telegram, WinSCP, Google Chrome, and Microsoft Teams to deploy ValleyRat, a remote access trojan designed for long-term system compromise. The campaign has been attributed to the China-aligned APT group known as Silver Fox, […] The post Hackers Leverages Telegram, WinSCP, Google Chrome, and Microsoft Teams to Deploy ValleyRat appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
SmartTube, a popular open-source YouTube client for Android TV devices with over 25,900 GitHub stars, has been compromised after its digital signing keys were exposed, prompting an urgent security response from developer Yurii Liskov (yuliskov). The in…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Researchers at Insikt Group have uncovered new infrastructure linked to multiple operational clusters associated with Israeli spyware vendor Candiru, revealing an ongoing campaign deploying the sophisticated DevilsTongue malware against Windows users a…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Evil Crow Cable Wind is a stealthy tool for red teamers that hides a powerful hacking implant inside what appears to be a standard USB charging cable. Designed by security researcher Joel Serna Moreno, this device functions as a Human Interface Device (HID) capable of executing automated keystroke attacks at speeds of up to […] The post Charging Cable that Hacks your Device to Record Keystrokes and Control Wi-Fi appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical security flaw in the Azure API Management Developer Portal enables attackers to bypass administrator controls and register accounts across multiple tenants, even when user sign-up has been explicitly disabled. The vulnerability remains unpat…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
