-
Maryland’s transit network experienced widespread disruption this week after a sophisticated cyberattack targeted critical information systems, forcing the Maryland Transit Administration (MTA) and the Department of Information Technology (DoIT) to scr…
-
A malvertising campaign using sponsored results on Microsoft’s search platform delivered a weaponized PuTTY that established persistence, enabled hands-on keyboard control, and executed Kerberoasting to target Active Directory service accounts. According to an investigation published by LevelBlue’s MDR SOC and corroborated by independent research tracking Oyster/Broomstick backdoor activity tied to trojanized admin tools distributed via […] The post Weaponized PuTTY Via Bing Ads Exploit Kerberos and Attack Active Directory Services appeared first on Cyber Security News.
-
A comprehensive study examining the location data practices of the top 10 social media platforms has uncovered concerning patterns of user tracking that extend far beyond what most users realize. The research, which analyzed App Store disclosures from …
-
Android droppers have evolved from niche installers for heavyweight banking Trojans into universal delivery frameworks, capable of deploying even rudimentary spyware or SMS stealers. Initially, droppers served banking malware families that required elevated Accessibility permissions to harvest credentials. These small applications appeared innocuous at first glance, often masquerading as utility or government apps in high-risk […] The post Threat Actors Adapting Android Droppers Even to Deploy Simple Malware to Stay Future-Proof appeared first on Cyber Security News.
-
A stealthy espionage campaign emerged in early 2025 targeting diplomats and government entities in Southeast Asia and beyond. At the heart of this operation lies STATICPLUGIN, a downloader meticulously disguised as a legitimate Adobe plugin update. Victims encountered a captive portal hijack that redirected browsers to malicious domains, where an HTTPS-secured landing page prompted users […] The post Chinese UNC6384 Hackers Leverages Valid Code Signing Certificates to Evade Detection appeared first on Cyber Security News.
-
CISA has issued a critical alert regarding three newly identified vulnerabilities being actively exploited by threat actors. On August 25, 2025, CISA added these high-risk Common Vulnerabilities and Exposures (CVEs) to its Known Exploited Vulnerabilities (KEV) Catalog, signaling immediate concern for federal agencies and private organizations alike. Key Takeaways: 1. CISA added two Citrix Session Recording […] The post CISA Warns of Citrix RCE and Privilege Escalation Vulnerabilities Exploited in Attacks appeared first on Cyber Security News.
-
French retail giant Auchan announced on August 21 that it fell victim to a cyberattack that resulted in the theft of loyalty account information belonging to several hundred thousand customers. The company revealed in an official st…
-
A massive coordinated scanning campaign is targeting Microsoft Remote Desktop Protocol (RDP) services, with threat actors deploying over 30,000 unique IP addresses to probe for vulnerabilities in Microsoft RD Web Access and RDP Web Client authentication portals. The campaign represents one of the largest coordinated RDP reconnaissance operations observed in recent years, signaling potential preparation for […] The post Hackers Actively Scanning to Exploit Microsoft Remote Desktop Protocol Services From 30,000+ IPs appeared first on Cyber Security News.
-
A sophisticated scanning campaign has escalated dramatically, with threat intelligence firm GreyNoise detecting over 30,000 unique IP addresses simultaneously probing Microsoft Remote Desktop Protocol (RDP) services on August 24, 2024. This r…
-
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent security alert after adding three critical vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog on August 25, 2025. The alert highlights active exploitatio…