-
A critical pre-handshake vulnerability in the LSQUIC QUIC implementation that allows remote attackers to crash servers through memory exhaustion attacks. The vulnerability, designated CVE-2025-54939 and dubbed “QUIC-LEAK,” affects the second most widely used QUIC implementation globally, potentially impacting over 34% of HTTP/3-enabled websites that rely on LiteSpeed technologies. Key Takeaways1. CVE-2025-54939 allows remote DoS via […] The post New QUIC-LEAK Vulnerability Let Attackers Exhaust Server Memory and Trigger DoS Attack appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft announced on August 20, 2025, a significant enhancement to its Microsoft 365 administrative capabilities with the introduction of new tenant-level controls for managing org-wide sharing links for user-built Copilot agents. This feature, sched…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Static Tundra, a Russian state-sponsored threat actor connected to the FSB’s Center 16 unit, has been responsible for a sustained cyber espionage effort, according to information released by Cisco Talos. Operating for over a decade, this group sp…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers have uncovered a sophisticated new threat campaign that leverages a seemingly legitimate PDF editor application to transform infected devices into residential proxies. The malicious software, distributed under the guise of productivity tools, represents an evolving approach by threat actors who are increasingly exploiting trusted software categories to establish persistent network access and monetize […] The post Threat Actors Weaponize PDF Editor With New Torjan to Turn Device Into Proxy appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Kali Linux team has announced a significant overhaul of its Vagrant image build process, streamlining development and simplifying deployment for users. In a move to unify its infrastructure, the team has transitioned from HashiCorp’s Packer to DebOS for generating its pre-configured Vagrant virtual machines. The release also includes a handy cheat sheet to get […] The post Kali Vagrant Rebuilt Released – Pre-configured VMs Interacted via Command Line appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Federal Bureau of Investigation has issued a critical security alert regarding sophisticated cyber operations conducted by Russian Federal Security Service (FSB) Center 16, targeting networking infrastructure across the United States and globally. The threat actors have been exploiting vulnerable networking devices to gain unauthorized access to critical infrastructure systems, demonstrating a calculated approach to […] The post FBI Warns of Russian Government Hackers Attacking Networking Devices of Critical Infrastructure appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers at CrowdStrike identified and thwarted a sophisticated malware campaign deploying SHAMOS, an advanced variant of the Atomic macOS Stealer (AMOS) malware, orchestrated by the cybercriminal group COOKIE SPIDER. Operating under a…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A 20-year-old Florida man, identified as a key member of the prolific cybercrime group “Scattered Spider,” was sentenced to 10 years in federal prison today. Noah Michael Urban of Palm Coast, Fla., was also ordered to pay approximately $13 million in restitution to the victims of his schemes. In April 2025, Urban pleaded guilty to […] The post First Member of ‘Scattered Spider’ Hackers Group Sentenced to 10 Years appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated cybercrime operation has emerged, targeting unsuspecting internet users through a deceptive social engineering technique that exploits one of the web’s most trusted security mechanisms. Since June 2024, the financially motivated threat group UNC5518 has been systematically compromising legitimate websites to inject malicious fake CAPTCHA verification pages, tricking visitors into unknowingly executing malware on […] The post UNC5518 Group Hacks Legitimate Websites to Inject Fake Captcha That Tricks Users to Execute Malware appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
DragonForce represents a sophisticated and rapidly evolving ransomware operation that has emerged as a significant threat in the cybersecurity landscape since late 2023. Operating under a Ransomware-as-a-Service (RaaS) model, this group has demonstrated exceptional adaptability by leveraging leaked ransomware builders from notorious families like LockBit 3.0 and Conti to create customized attack variants. The organization […] The post DragonForce Ransomware Attack Analysis – Targets, TTPs and IoCs appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
