-
Samsung has released its September 2025 security update, addressing a critical zero-day vulnerability that is being actively exploited in the wild. The patch resolves a total of 25 Samsung Vulnerabilities and Exposures (SVEs), alongside fixes from Google and Samsung Semiconductor, to safeguard Galaxy devices against a range of security threats. Users are strongly urged to […] The post Samsung Patches Actively Exploited Zero-Day Vulnerability Enabling Remote Code Execution appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Within mere hours of its public unveiling, the K2 Think model experienced a critical compromise that has sent ripples throughout the cybersecurity community. The newly launched reasoning system, developed by MBZUAI in partnership with G42, was designed to offer unprecedented transparency by exposing its internal decision-making process for compliance and audit purposes. However, this very […] The post K2 Think AI Model Jailbroken Within Hours After The Release appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
ESET Research has uncovered a sophisticated new ransomware variant called HybridPetya, discovered on the VirusTotal sample sharing platform. This malware represents a dangerous evolution of the infamous Petya/NotPetya ransomware family, incorporating a…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In late July 2025, a series of ransomware samples surfaced on VirusTotal under filenames referencing the notorious Petya and NotPetya attacks. Unlike its predecessors, this new threat—dubbed HybridPetya by ESET analysts—exhibited capabilities that extended beyond conventional userland execution, directly targeting UEFI firmware on vulnerable systems. Through a specially crafted cloak.dat archive and the exploitation of […] The post New HybridPetya Weaponizing UEFI Vulnerability to Bypass Secure Boot on Outdated Systems appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has released security advisories for four newly discovered vulnerabilities in its Windows Defender Firewall Service that could enable attackers to elevate privileges on affected Windows systems. The flaws, tracked as CVE-2025-53808, CVE-2025-…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
EvilAI, a new malware family tracked by Trend™ Research, has emerged in recent weeks disguised as legitimate AI-driven utilities. These trojans sport professional user interfaces, valid code signatures, and functional features, allowing them to slip pa…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In 2025, the cybersecurity landscape is defined by its complexity and the speed of modern threats. Security teams are overwhelmed by a fragmented array of security controls and a lack of clear visibility into what’s actually working. Breach and A…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecuritynews researcher team uncovered a sophisticated social engineering campaign that is exploiting the public’s need for free internet access, using deceptive Wi-Fi portals to trick users into downloading and executing PowerShell-based malware. Dubbed the “Clickfix” attack, this method turns a user’s own browser actions against them to compromise their system under the guise of […] The post New Clickfix Attack Promises “Free WiFi” But Delivers Powershell-Based Malware appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A malicious ISO image named Servicenow-BNM-Verify.iso was uploaded to VirusTotal from Malaysia with almost no detections. The image contains four files—two openly visible and two hidden. The visible files include a Windows shortcut, servicenow-bnm-veri…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated malvertising campaign has been uncovered targeting unsuspecting users through “dangling commits” in a legitimate GitHub repository. Attackers are injecting promotional content for a counterfeit GitHub Desktop installer into popular deve…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
