-
The holiday shopping rush has always been the retail industry’s busiest and riskiest time of year. As e-commerce traffic, in-store digital systems, and supply-chain automation have evolved, so too have attackers. The weeks surrounding Black Frida…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Google Threat Intelligence Group (GTIG) has unveiled a sophisticated three-year cyber espionage campaign orchestrated by APT24, a China-nexus threat actor, targeting organizations primarily in Taiwan through the deployment of BADAUDIO malware and s…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have identified a dangerous flaw in the Windows Graphics Component that enables attackers to seize complete control of computers using nothing more than a crafted image file. The vulnerability, tracked as CVE-2025-50165, represents…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The notorious Clop ransomware gang has listed Oracle on its dark web leak site, alleging a successful breach of the tech giant’s internal systems. This development is part of a massive extortion campaign exploiting a critical zero-day vulnerability in Oracle E-Business Suite (EBS), designated as CVE-2025-61882. The group, tracked as Graceful Spider, claims to have […] The post Oracle Allegedly Breached by Clop Ransomware via E-Business Suite 0-Day Hack appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical remote code execution flaw in Microsoft’s Windows Graphics Component allows attackers to seize control of systems using specially crafted JPEG images. With a CVSS score of 9.8, this vulnerability poses a severe threat to Windows users worldwide, as it requires no user interaction for exploitation. Discovered in May 2025 and patched by Microsoft […] The post Critical Windows Graphics Vulnerability Lets Hackers Seize Control with a Single Image appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Tsundere represents a significant shift in botnet tactics, leveraging the power of legitimate Node.js packages and blockchain technology to distribute malware across multiple operating systems. First identified around mid-2025 by Kaspersky GReAT researchers, this botnet demonstrates the evolving sophistication of supply chain attacks. The threat originates from activity first observed in October 2024, where attackers […] The post Tsundere Botnet Abusing Popular Node.js and Cryptocurrency Packages to Attack Windows, Linux, and macOS Users appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new banking malware called Sturnus has emerged as a significant threat to mobile users across Europe. Security researchers have discovered that this sophisticated Android trojan can capture encrypted messages from popular messaging apps like WhatsApp, Telegram, and Signal by accessing content directly from the device screen after decryption. The malware’s ability to monitor these […] The post Sturnus Banking Malware Steals Communications from Signal and WhatsApp, Gaining Full Control of The Device appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The U.S. Attorney’s Office, Southern District of New York, has announced the sentencing of Keonne Rodriguez and William Lonergan Hill, co-founders of Samourai Wallet, a cryptocurrency mixing application designed specifically to hide illegal financial transactions. Rodriguez, who served as the Chief Executive Officer, received a five-year prison sentence on November 6, 2025, while Hill, the […] The post Samourai Wallet Cryptocurrency Mixing Founders Jailed for Laundering Over $237 Million appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A Russian-speaking threat actor attributed to the username “koneko” has resurfaced with a sophisticated new botnet named Tsundere, discovered by Kaspersky GReAT around mid-2025. This marks a significant evolution from a previous supply chai…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new wave of ransomware attacks is targeting cloud storage environments, specifically focusing on Amazon Simple Storage Service (S3) buckets that contain critical business data. Unlike traditional ransomware that encrypts files using malicious software, these attacks exploit weak access controls and configuration mistakes in cloud environments to lock organizations out of their own data. As […] The post New Ransomware Variants Targeting Amazon S3 Services Leveraging Misconfigurations and Access Controls appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
