-
There’s a moment, right after a new alert hits, when the room holds its breath. Everyone waits for context; is it real, is it noise, is it already too late? In those seconds, the difference between an average SOC and a great one is obvious. Some scramble for answers; others move in sync, sharing context […] The post 5 Must-Follow Rules of Every Elite SOC: CISO’s Checklist appeared first on Cyber Security News.
-
F5 Networks confirmed that a sophisticated nation-state threat actor infiltrated its systems, exfiltrating proprietary BIG-IP source code and confidential vulnerability information. The incident, which began in August 2025, targeted F5’s product develo…
-
In mid-2025, Lab539 researchers observed an unexpected surge in a novel browser-based malware campaign dubbed “ClickFix.” Emerging quietly in July, the threat quickly expanded its reach by registering over 13,000 unique domains designed to lure users into executing malicious commands on their own devices. The attack leverages compromised or low-cost hosting infrastructure, including a significant […] The post Hackers Registered 13,000+ Unique Domains and Leverages Cloudflare to Launch Clickfix Attacks appeared first on Cyber Security News.
-
F5, a leading provider of application security and delivery solutions, disclosed a major security incident. The company revealed that a sophisticated nation-state threat actor had gained long-term access to internal systems, exfiltrating sensitive files including BIG-IP source code and details on undisclosed vulnerabilities. While F5 emphasized that no critical exploits or active attacks on customers […] The post F5 Breached – Hackers Stole BIG-IP Source Code and Undisclosed Vulnerabilities Data appeared first on Cyber Security News.
-
The GhostBat RAT campaign has emerged as a sophisticated threat targeting Indian Android users through counterfeit Regional Transport Office (RTO) applications. First observed in mid-2025, these malicious APKs masquerade as the official “mParivahan” app, exploiting user trust in government services. Distribution occurs primarily via smishing—WhatsApp messages and SMS containing shortened URLs redirecting victims to GitHub-hosted […] The post GhostBat RAT Android Malware With Fake RTO Apps Steals Targeting Indian Users to Steal Banking Data appeared first on Cyber Security News.
-
In a sophisticated attack campaign dubbed “Operation Zero Disco,” threat actors are actively exploiting a critical Cisco Simple Network Management Protocol (SNMP) vulnerability to install Linux rootkits on vulnerable network devices. Trend Micro observed an operation exploiting CVE-2025-20352, which allows remote code execution (RCE) and grants persistent unauthorized access, primarily targeting older Cisco switches that […] The post Cisco SNMP 0-Day Vulnerability Actively Exploited To Deploy Linux Rootkits appeared first on Cyber Security News.
-
The Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent alert on October 14, 2025, highlighting a critical vulnerability in Rapid7’s Velociraptor endpoint detection and response (EDR) tool. This flaw, stemming from incorrect default permissions, has already been weaponized by threat actors to execute arbitrary commands and seize control of infected endpoints, amplifying risks for […] The post CISA Warns Of Rapid7 Velociraptor Vulnerability Exploited in Ransomware Attacks appeared first on Cyber Security News.
-
A major manufacturing company fell victim to a swift and devastating ransomware attack after threat actors gained access using just one set of stolen VPN credentials. The attack, carried out by the cybercrime group Ignoble Scorpius, culminated in wides…
-
The Cybersecurity and Infrastructure Security Agency has added a critical vulnerability in Rapid7 Velociraptor to its Known Exploited Vulnerabilities catalogue, warning that threat actors are actively exploiting the flaw in ransomware attacks. The vuln…
-
A newly discovered zero-day vulnerability in the Windows Agere Modem driver has been actively exploited by threat actors to elevate privileges on affected systems. Tracked as CVE-2025-24052 and CVE-2025-24990, these flaws allow a low-privileged user to…


