-
A sophisticated malware campaign has emerged, targeting Indonesia’s most vulnerable digital citizens through a calculated exploitation of trust in the nation’s pension fund system. The malicious operation impersonates PT Dana Tabungan dan Asuransi Pegawai Negeri (TASPEN), the state-owned pension fund managing over $15.9 billion in assets for millions of Indonesian civil servants and retirees. This […] The post New Malware Attack Exploiting TASPEN’s Legacy to Target Indonesian Senior Citizens appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A widespread service disruption is currently affecting Microsoft Teams users across the globe, preventing access to embedded Office documents within the collaboration platform. The issue, which began surfacing, has created significant workflo…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical zero-day remote code execution (RCE) vulnerability is currently threatening the security of over 28,000 Citrix instances worldwide. The flaw, designated as CVE-2025-7775, is being actively exploited by threat actors, prompting urge…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Over the past year, the Underground ransomware gang has emerged as a formidable threat to organizations across diverse industries and geographies. First identified in July 2023, the group resurfaced in May 2024 with a Dedicated Leak Site (DLS), signaling a renewed and more sophisticated operational phase. Their campaigns now span from the United Arab Emirates […] The post Underground Ransomware Gang With New Tactics Against Organizations Worldwide appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
South Korean authorities have successfully extradited a key suspect in a large-scale hacking operation that resulted in the embezzlement of over 38 billion won (approximately $28.5 million USD) from high-profile victims. The individual, identified as M…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Path traversal flaws like Zip Slip, which give hackers the ability to alter file systems while decompressing, remain a serious danger in the ever-changing world of cybersecurity threats. This vulnerability, stemming from inadequate input validation in …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical zero-day remote code execution (RCE) vulnerability, tracked as CVE-2025-7775, is affecting over 28,000 Citrix instances worldwide. The flaw is being actively exploited in the wild, prompting the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to add it to its Known Exploited Vulnerabilities (KEV) catalog. The Shadowserver Foundation discovered that as of August 26, […] The post 28,000+ Citrix Servers Exposed to Active 0-Day RCE Vulnerability Exploited in the Wild appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A weaponized proof-of-concept exploit has been publicly released targeting CVE-2025-54309, a severe authentication bypass vulnerability affecting CrushFTP file transfer servers. The flaw enables remote attackers to gain administrative privileges through a race condition in AS2 validation processing, circumventing authentication mechanisms entirely. Key Takeaways1. Race-condition exploit lets attackers bypass CrushFTP authentication.2. Public PoC on GitHub confirms […] The post PoC Exploit Released for CrushFTP 0-day Vulnerability (CVE-2025-54309) appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
August 2025 has marked a significant evolution in cybercrime tactics, with threat actors deploying increasingly sophisticated phishing frameworks and social engineering techniques that are successfully bypassing traditional security defenses. Security researchers at ANY.RUN has identified three major campaign families that represent a fundamental shift in how cybercriminals approach credential theft and system compromise: the multi-stage […] The post How ClickFix and Multi-Stage Phishing Frameworks Are Breaking Enterprise Defenses appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A stored cross-site scripting (XSS) flaw identified in IPFire 2.29’s web-based firewall interface (firewall.cgi). Tracked as CVE-2025-50975, the vulnerability allows any authenticated administrator to inject persistent JavaScript into firewall rule parameters. Once stored, the payload executes automatically when another administrator loads the rules page, potentially resulting in session hijacking, unauthorized actions within the interface, or […] The post IPFire Web-Based Firewall Interface Allows Authenticated Administrator to Inject Persistent JavaScript appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
