-
A decade-old Unicode vulnerability known as BiDi Swap allows attackers to spoof URLs for sophisticated phishing attacks. By exploiting how browsers render mixed Right-to-Left (RTL) and Left-to-Right (LTR) language scripts, threat actors can craft URLs that appear legitimate but secretly redirect users to malicious sites. The BiDi Swap attack builds on prior Unicode manipulation methods […] The post Hackers Exploit RTL/LTR Scripts and Browser Gaps to Hide Malicious URLs appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Since mid-2024, cybercriminals have leveraged a subscription-based phishing platform known as RaccoonO365 to harvest Microsoft 365 credentials at scale. Emerging as an off-the-shelf service, RaccoonO365 requires minimal technical skill, allowing threat actors to deploy convincing phishing campaigns by impersonating official Microsoft communications. These kits replicate Microsoft branding, email templates, and login portals to trick recipients […] The post Microsoft Dismantles 300+ Websites Used to Distribute RaccoonO365 Phishing Service appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The digital advertising ecosystem has become a prime hunting ground for cybercriminals, who are increasingly exploiting advertising technology companies to distribute malware and conduct malicious campaigns. Rather than simply abusing legitimate platforms, threat actors are now operating as the platforms themselves, creating a sophisticated web of deception that leverages the inherent complexity and fragmentation of […] The post Threat Actors Abuse Adtech Companies to Target Users With Malicious Ads appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The PureHVNC remote administration tool (RAT) has emerged as a sophisticated component of the Pure malware family, gaining prominence in mid-2025 amid an uptick in targeted intrusion campaigns. Originating from underground forums and Telegram channels, PureHVNC is marketed by its author, known as PureCoder, alongside companion tools such as PureCrypter, PureLogs, and PureMiner. Its adoption […] The post PureHVNC RAT Developers Leverage GitHub Host Source Code appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical security flaw has been discovered in Greenshot, a popular open-source screenshot utility for Windows. The vulnerability allows a local attacker to execute arbitrary code within the Greenshot process, potentially enabling them to bypass security measures and carry out further attacks. A proof-of-concept (PoC) exploit has been released, demonstrating the severity of the issue. […] The post Windows Screenshot Utility Greenshot Vulnerability Enable Malicious code execution – PoC Released appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In the face of an ever-increasing volume of security alerts, a critical shortage of skilled cybersecurity professionals, and the growing sophistication of cyber threats, Security Operations Centers (SOCs) are often overwhelmed. This is where Security Orchestration, Automation, and Response (SOAR) tools become a game-changer. A SOAR platform centralizes security alerts, orchestrates security tools to work […] The post Top 10 Best Security Orchestration, Automation, And Response (SOAR) Tools in 2025 appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical vulnerability has been discovered in WatchGuard’s Firebox firewalls, which could allow a remote, unauthenticated attacker to execute arbitrary code on affected devices. The flaw, tracked as CVE-2025-9242, has been assigned a critical severity rating with a CVSS score of 9.3 out of 10. WatchGuard disclosed the issue in an advisory, WGSA-2025-00015, released on […] The post Critical WatchGuard Vulnerability Allows Unauthenticated Attacker to Execute Arbitrary Code appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In recent weeks, cybersecurity researchers have observed the emergence of XillenStealer, a Python-based information stealer publicly hosted on GitHub and rapidly adopted by threat actors. First reported in mid-September 2025, the stealer leverages a user-friendly builder GUI to lower the bar for malicious deployment. Operators can configure exfiltration channels, such as a Telegram bot, and […] The post Python Based XillenStealer Attacking Windows Users to Steal Sensitive Data appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Since early 2025, cybersecurity analysts have witnessed a marked evolution in the tactics and tooling of MuddyWater, the Iranian state-sponsored Advanced Persistent Threat (APT) group. Historically known for broad Remote Monitoring and Management (RMM)…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new report from Entro Labs reveals that one in five exposed secrets in large organizations can be traced back to SharePoint. Rather than a flaw in SharePoint itself, the real culprit is a simple convenience feature: OneDrive’s default auto-sync. When…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
