-
A new threat has emerged in the ransomware landscape with the discovery of Yurei ransomware, first publicly identified in early September 2025. This Go-based malware follows a typical ransomware operation model by infiltrating corporate networks, encrypting critical data, deleting backups, and demanding ransom for stolen information. The group operates through a dedicated dark web site […] The post Yurei Ransomware File Encryption, Operation Model and Data Transfer Methods Uncovered appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Pig-butchering scams have grown into one of the most damaging global cybercrime threats, causing billions of dollars in losses every year. These long-term investment fraud schemes work by building trust through emotional grooming and fake trading platforms before draining victims of their life savings. The scams now operate at an industrial scale, and criminal groups […] The post Pig-Butchering Scams Operators Scaled Their Operations with The Support of AI-Assistants appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new open-source security tool, TaskHound, helps penetration testers and security professionals identify high-risk Windows scheduled tasks that could expose systems to attacks. The tool automatically discovers tasks running with privileged accounts and stored credentials, making it a valuable addition to security assessments. What Makes TaskHound Different? TaskHound stands out by automating the discovery of dangerous […] The post TaskHound Tool – Detects Windows Scheduled Tasks Running with Elevated Privileges and Stored Credentials appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical logic flaw discovered in the widely used mPDF PHP library could expose internal networks and sensitive services on approximately 70 million devices worldwide. The vulnerability stems from improper regular expression parsing, which allows att…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cyber threats don’t always come with warning signs. Sometimes, they arrive as sponsored ads. Since mid-2023, a financially motivated network has been quietly hijacking payroll systems, credit unions, and trading platforms across the United States…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new phishing campaign has emerged that weaponizes Microsoft Entra guest user invitations to deceive recipients into making phone calls to attackers posing as Microsoft support. The attack leverages a critical security gap in how Microsoft Entra communicates with external users, turning a legitimate collaboration feature into a delivery mechanism for sophisticated social engineering attacks. […] The post Hackers Leverages Microsoft Entra Tenant Invitations to Launch TOAD Attacks appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
CISA has issued an urgent alert about a critical vulnerability in Fortinet’s FortiWeb Web Application Firewall (WAF), actively exploited by threat actors to seize administrative control of affected systems. Tracked as CVE-2025-64446, the flaw stems from a relative path traversal issue (CWE-23) that enables unauthenticated attackers to execute arbitrary administrative commands through specially crafted HTTP […] The post CISA Warns of Fortinet FortiWeb WAF Vulnerability Exploited in the Wild to Gain Admin Access appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical security alert regarding multiple vulnerabilities affecting General Industrial Controls’ Lynx+ Gateway device. Released on November 13, 2025, under alert code ICSA-…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In November 2025, a new malware campaign emerged that combines social engineering tricks with advanced stealing tools. The attack starts when criminals trick users into running commands through the Windows Run window, a technique known as ClickFix. Once users follow these instructions, their computers become infected with Amatera Stealer, an advanced piece of malware designed […] The post EVALUSION Campaign Using ClickFix Technique to deploy Amatera Stealer and NetSupport RAT appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly identified ransomware group, Yurei, has emerged as a significant threat to organizations worldwide, with confirmed attacks targeting entities in Sri Lanka and Nigeria across multiple critical industries. First publicly identified in early Septe…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
