-
Apple has announced that the upcoming iPhone 17 and iPhone Air will feature a groundbreaking security capability called Memory Integrity Enforcement (MIE), designed to thwart sophisticated mercenary spyware attacks. This new feature, the result of a five-year engineering initiative, integrates Apple silicon hardware with advanced operating system security to provide what the company calls “industry-first, […] The post Apple iPhone 17 With New Memory Integrity Enforcement Feature to Block Mercenary Spyware Attacks appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have observed a sophisticated campaign in recent weeks targeting critical infrastructure and government entities across South Asia. Dubbed the DarkSamural operation, this attack chain leverages deceptively crafted LNK and PDF files to infiltrate networks, establish persistence, and exfiltrate sensitive information. Initial reconnaissance indicates that the adversaries disguise malicious MSC (Microsoft Management Console) files […] The post DarkSamural APT Group Malicious LNK and PDF Files to Steal Critical Data appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
CyberVolk ransomware, which first emerged in May 2024, has escalated its operations against government agencies, critical infrastructure, and scientific institutions across Japan, France, and the United Kingdom. Operating with pro-Russian leanings, Cyb…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The North Korea-backed APT group Kimsuky has escalated its cyber operations by weaponizing GitHub repositories for malware delivery and data exfiltration, marking a sophisticated evolution in their attack methodology. This latest campaign demonstrates the group’s growing expertise in abusing legitimate cloud infrastructure to evade traditional security measures while maintaining persistent access to compromised systems. The […] The post Kimsuky Hackers Via Weaponized LNK File Abuses GitHub for Malware Delivery appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
At the recent DefCon security conference, researchers demonstrated a critical exploit chain that allows attackers to gain root access on vehicle infotainment systems by targeting Apple CarPlay. The multi-stage attack, named “Pwn My Ride,” leverages a series of vulnerabilities in the protocols that underpin wireless CarPlay, culminating in remote code execution on the car’s multimedia […] The post Apple CarPlay Exploited To Gain Root Access By Executing Remote Code appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
GitLab has released critical security updates across multiple versions to address six significant vulnerabilities that could enable denial-of-service attacks, server-side request forgery, and information disclosure. The company released versions 18.3.2…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In recent months, security researchers have observed a surge in activity by a previously undocumented ransomware group known as The Gentlemen. This threat actor has rapidly distinguished itself through the deployment of highly specialized tools and meticulous reconnaissance tactics, targeting critical infrastructure across multiple sectors and regions. Leveraging legitimate Windows drivers and nuanced Group Policy […] The post New Gentlemen Ransomware Leverages Legitimate Drivers, Group Policies to Infiltrate Organizations appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Fileless malware has become a formidable adversary for security teams, operating entirely in memory and evading disk-based detection. A recent incident demonstrates how attackers leveraged a multi-stage fileless loader to deploy AsyncRAT, a powerful Re…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
GitLab has released urgent security patches for its Community (CE) and Enterprise (EE) editions, addressing multiple vulnerabilities, including two high-severity flaws that could lead to Server-Side Request Forgery (SSRF) and Denial of Service (DoS) attacks. The company is strongly advising all administrators of self-managed GitLab installations to upgrade immediately to the newly released versions: 18.3.2, […] The post GitLab Patches Multiple Vulnerabilities That Enables Denial Of Service and SSRF Attacks appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A high-quality mobile application penetration testing company is essential for businesses that want to safeguard their digital assets and user data. These specialized firms employ ethical hackers who simulate real-world cyberattacks to identify and exploit vulnerabilities within mobile apps. The insights from these tests enable developers to fix security flaws before they can be leveraged […] The post Top 10 Best Mobile Application Penetration Testing Companies in 2025 appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
