-
Cloud Software Group has issued an emergency security bulletin warning of active exploitation targeting three critical vulnerabilities in NetScaler ADC and NetScaler Gateway products. The vulnerabilities, tracked as CVE-2025-7775, CVE-2025-77…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
China-based threat actor Mustang Panda has emerged as one of the most sophisticated cyber espionage groups operating in the current threat landscape, with operations dating back to at least 2014. This advanced persistent threat (APT) group has systematically targeted government entities, nonprofit organizations, religious institutions, and NGOs across the United States, Europe, Mongolia, Myanmar, Pakistan, […] The post China-based Threat Actor Mustang Panda’s Tactics, Techniques, and Procedures Unveiled appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers have uncovered a critical security flaw in Securden Unified PAM that allows attackers to completely bypass authentication mechanisms and gain unauthorized access to sensitive credentials and system functions. The vulnerability, designated as CVE-2025-53118 with a CVSS score of 9.4, represents one of four serious security issues discovered in the privileged access management solution […] The post Securden Unified PAM Vulnerability Let Attackers Bypass Authentication appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated new variant of the Hook Android banking trojan has emerged with unprecedented capabilities that position it among the most advanced mobile malware families observed to date. This latest version, designated Hook Version 3, represents a significant evolution in Android banking malware sophistication, introducing a comprehensive arsenal of 107 remote commands with 38 newly […] The post New Hook Android Banking Malware With New Advanced Capabilities and Supports 107 Remote Commands appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Check Point Research has uncovered a highly persistent phishing operation dubbed ZipLine, which reverses traditional attack vectors by exploiting victims’ own “Contact Us” web forms to initiate seemingly legitimate business communicat…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Researchers have unveiled ONEFLIP, a novel inference-time backdoor attack that compromises full-precision deep neural networks (DNNs) by flipping just one bit in the model’s weights, marking a significant escalation in the practicality of hardwar…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity landscapes are undergoing a paradigm shift as threat actors increasingly deploy agentic AI systems to orchestrate sophisticated social engineering attacks. Unlike reactive generative AI models that merely produce content such as deepfakes…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A significant milestone for cybersecurity experts is the disclosure of specific tactics, methods, and procedures (TTPs) used by Mustang Panda, an advanced persistent threat (APT) group based in China, which has illuminated their intricate activities. F…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Securden Unified PAM is a comprehensive privileged access management platform that is used to store, manage, and monitor credentials across human, machine, and AI identities in a variety of environments. Security researchers discovered four critical vu…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new ransomware has been identified, which is believed to be the first-ever ransomware strain that leverages a local AI model to generate its malicious components. Dubbed “PromptLock” by the ESET Research team that discovered it, the malware uses OpenAI’s gpt-oss:20b model via the Ollama API to create custom, cross-platform Lua scripts for its attack […] The post First AI Ransomware ‘PromptLock’ Uses OpenAI gpt-oss-20b Model for Encryption appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
