-
The digital landscape in 2025 is characterized by unprecedented connectivity and an equally sophisticated array of cyber threats. Organizations face a constant barrage of attacks targeting their data, infrastructure, and reputation. Selecting the right…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
JFrog’s security research team has identified a malicious PyPI package named SoopSocks that masquerades as a legitimate SOCKS5 proxy utility while stealthily implanting a backdoor on Windows systems. This package leverages automated installation, advan…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
WestJet Airlines has confirmed that a recent cybersecurity incident exposed certain personal information belonging to its customers. The Canadian carrier says the breach took place in mid-June and was discovered on June 13, 2025. Company officials stre…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Since mid-2025, cybersecurity researchers have tracked a resurgence of Patchwork Advanced Persistent Threat (APT) campaigns targeting government and telecommunications sectors across Asia and Eastern Europe. Initially leveraging spear-phishing emails containing malicious Office document attachments, this latest wave of activity has evolved into a multi-stage infection chain employing sophisticated persistence and payload retrieval tactics. The initial […] The post Patchwork APT Using PowerShell Commands to Create Scheduled Task and Downloads Final Payload appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
NVIDIA has issued a critical security bulletin revealing multiple vulnerabilities in its NVIDIA App software that can enable attackers to escalate privileges on Windows systems. The flaws, addressed in the September 2025 update, stem from improper file…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A novel rootkit hooking method dubbed FlipSwitch has emerged, circumventing the latest Linux 6.9 kernel dispatch safeguards and reigniting concerns over kernel-level compromise. By manipulating the machine code of the new syscall dispatcher rather than…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Red Hat published security advisory CVE-2025-10725, detailing an Important severity flaw in the OpenShift AI Service that could enable low-privileged attackers to elevate their permissions to full cluster administrator and compromise the entire platform. With a CVSS v3 base score of 9.9, this vulnerability poses a critical risk for organizations leveraging Red Hat OpenShift AI […] The post Red Hat Openshift AI Service Vulnerability Allow Attackers to Take Control of the Infrastructure appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Confidential computing promised to protect sensitive workloads in the public cloud. Yet a new low-cost hardware attack, Battering RAM, demonstrates that even up-to-date memory-encryption schemes on Intel and AMD processors can be defeated with a simple interposer costing under 50 dollars. Modern servers use DDR4 DRAM with hardware-backed encryption, such as Intel SGX’s Total Memory Encryption (TME) […] The post New Battering RAM Attack Bypasses Latest Defenses on Intel and AMD Cloud Processors appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Detour Dog, a stealthy website malware campaign tracked since August 2023, has evolved from redirecting victims to tech-support scams into a sophisticated DNS-based command-and-control (C2) distribution system that delivers the Strela Stealer informati…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In recent weeks, security teams worldwide have observed a surge in covert operations orchestrated by a clandestine group known colloquially as the “Chinese Nexus” APT. This actor has been tailoring highly targeted campaigns against organizations in the finance, telecommunication, and manufacturing sectors, exploiting spear-phishing emails and compromised VPN credentials to gain initial footholds. Victims report […] The post New Chinese Nexus APT Hackers Attacking Organizations to Deliver NET-STAR Malware Suite appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
