-
ESET security researchers have uncovered a sophisticated cyber threat campaign targeting Windows servers across multiple countries, with attackers deploying custom malware tools designed for both remote access and search engine manipulation. Cybersecur…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly identified hacking group, dubbed “GhostRedirector” by cybersecurity researchers, has compromised at least 65 Windows servers across the globe, deploying custom malware designed to manipulate search engine results for financial gain. According to a new report from ESET, the threat actor utilizes a malicious module for Microsoft’s Internet Information Services (IIS) to conduct a […] The post GhostRedirector Hackers Compromise Windows Servers With Malicious IIS Module To Manipulate Search Results appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Armis Labs has uncovered ten critical security flaws collectively named “Frostbyte10” in Copeland’s E2 and E3 building management controllers. These devices, which handle refrigeration, HVAC, lighting, and other essential functions, could allow remote…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new cyber-attack, dubbed “Grokking,” is exploiting features on the social media platform X to spread malicious links on a massive scale. Scammers are manipulating the platform’s advertising system and its generative AI, Grok, to bypass security measures and amplify harmful domains. This technique turns X’s own tools into unwilling accomplices in a widespread malvertising […] The post Hackers Leverage X’s Grok AI To Amplify Malicious Links Via Promoted Posts appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has officially acknowledged a significant User Account Control (UAC) bug that is causing widespread installation issues across Windows 10 and Windows 11 systems. The problem stems from a security update released in August 2025 and affects mil…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Educational institutions have become prime targets in the escalating battle against commodity information stealers. First emerging in 2022 as an open-source project on GitHub, Stealerium was initially released “for educational purposes” but rapidly attracted illicit interest. Adversaries adapted and enhanced the code to create variants—such as Phantom Stealer and Warp Stealer—resulting in a family of […] The post Threat Actors Using Stealerium Malware to Attack Educational Organizations appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Django development team has issued critical security updates to address a high-severity vulnerability that could allow attackers to execute malicious SQL code on web servers using the popular framework. The flaw, identified as CVE-2025-57833, affects multiple versions of Django, prompting an urgent call for all users to upgrade their installations as soon as possible. […] The post Django Critical Vulnerability Let attackers Execute Malicious SQL Code on Web Servers appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The United States government has announced a reward of up to $10 million for information leading to the identification or location of three Russian intelligence officers. The bounty, offered through the Department of State’s Rewards for Justice program, targets members of the Russian Federal Security Service (FSB) accused of conducting widespread malicious cyber campaigns against […] The post US Offers $10M Bounty For FSB Hackers Who Exploited Cisco Vulnerability To Attack Critical Infrastructure appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical zero-day vulnerability in several Sitecore products could allow attackers to execute code remotely. The vulnerability, identified as CVE-2025-53690, stems from a ViewState deserialization flaw and is being actively exploited in the wild. The investigation by Mandiant revealed that attackers are leveraging exposed ASP.NET machine keys that were included in Sitecore deployment guides from […] The post Google Warns of Zero-Day Vulnerability in Sitecore Products Allowing Remote Code Execution appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The U.S. government has unveiled a $10 million reward for information leading to the arrest of three Russian FSB officers. The officers are accused of carrying out cyberattacks on U.S. critical infrastructure and exploiting Cisco network equipment. Th…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
