-
In a striking evolution of its tactics, the Sidewinder advanced persistent threat (APT) group—also known as APT-C-24 or “Rattlesnake”—has adopted a novel delivery mechanism leveraging Windows shortcut (LNK) files to orchestrate complex, multi-stage int…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical security vulnerability has been discovered in the popular Axios HTTP client library that allows attackers to crash Node.js applications through malicious data URL handling. The flaw, tracked as CVE-2025-58754, affects all versions of Axios b…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Apple has issued a warning regarding highly sophisticated “mercenary spyware” attacks targeting a select group of its users. The company’s threat notification system is designed to alert and support individuals who may have been targeted due to their profession or public profile, such as journalists, activists, politicians, and diplomats, CERT-FR said. These attacks are far […] The post Apple Warns Of Series Mercenary Spyware Attacks Targeting Users Devices appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In a startling development on September 8, the Telegram channel “scattered LAPSUS$ hunters 4.0” declared its intention to “go dark” after taunting law enforcement for repeated missteps. With an audacious message aimed squarely at the FBI and French aut…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft announced the phased deprecation of VBScript in Windows, significantly impacting VBA developers who rely on VBScript libraries for regular expressions and external script execution. The company outlined a comprehensive timeline and provided m…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Apple has issued urgent warnings about sophisticated spyware attacks targeting specific users worldwide, including journalists, activists, politicians, and diplomats. Mercenary spyware attacks differ significantly from regular cybercriminal activity. T…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A groundbreaking vulnerability has emerged in the newly released K2 Think AI model from UAE’s Mohamed bin Zayed University of Artificial Intelligence (MBZUAI) in collaboration with G42. Security researchers have successfully jailbroken the advanc…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The latest ToneShell variant introduces a notable advancement in its persistence strategy by leveraging the Windows Task Scheduler COM service. This lightweight backdoor, traditionally delivered through DLL sideloading techniques, now incorporates enha…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Oracle has released VirtualBox 7.2.2, a critical maintenance update that addresses multiple GUI crashes and stability issues affecting users across Windows, Linux, and macOS platforms. Released on September 10, 2025, this update represents a significan…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical security flaw in Daikin Security Gateway systems has been discovered that could enable attackers to bypass authentication and gain unauthorized access to industrial control systems. The vulnerability, tracked as CVE-2025-10127, affects …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
