-
In August 2025, a new ransomware threat emerged with capabilities that fundamentally changed how organizations should approach enterprise security. Kraken, a Russian-speaking cybercriminal group, began executing sophisticated attacks targeting large organizations across multiple continents. What makes Kraken particularly dangerous is its ability to attack Windows, Linux, and VMware ESXi systems with platform-specific tools, making it […] The post Kraken Cross-Platform Ransomware Attacking Windows, Linux, and VMware ESXi Systems in Enterprise Environments appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A growing social engineering technique called ClickFix has emerged as one of the most successful methods for distributing malware in recent months. This attack tricks users into copying and running commands directly into their operating systems command line interface, ultimately installing dangerous information-stealing software. The technique has proven remarkably effective because it bypasses traditional email […] The post New ClickFix Attack Targeting Windows and macOS Users to Deploy Infostealer Malware appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Digital photo frames have become a standard household device for displaying family memories, and most users assume these simple gadgets prioritize simplicity over complexity. However, a troubling discovery reveals that specific Android photo frames running the Uhale app automatically download and execute malware as soon as they boot. Quokka security analysts noted or identified this […] The post Android Photo Frames App Downloads Malware, Giving Hackers Control of The Device Without User Interaction appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly updated cybersecurity advisory from federal agencies reveals that the Akira ransomware operation has significantly escalated its campaign, compromising organizations worldwide and accumulating massive ransom proceeds through sophisticated attac…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Palo Alto Networks has disclosed a denial-of-service vulnerability in its PAN-OS software that allows attackers to force firewalls into unexpected reboots using specially crafted network packets. The flaw, tracked as CVE-2025-4619, affects multiple ver…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Following the doxxing of Lumma Stealer’s alleged core members last month, the notorious infostealer initially experienced a significant decline in activity as customers migrated to rival platforms like Vidar and StealC. However, recent telemetry …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical zero-day vulnerability in Fortinet FortiWeb has been actively exploited in the wild, allowing attackers to gain complete administrator access without any prior authentication. The flaw affects Fortinet’s Web Application Firewall, which…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The rise of cryptocurrency has created new opportunities for cybercriminals to exploit unsuspecting users. Attackers are now disguising the notorious DarkComet remote access trojan as Bitcoin-related applications, targeting cryptocurrency enthusiasts who download tools from unverified sources. This malware campaign demonstrates how old threats continue to resurface with modern social engineering techniques. DarkComet RAT is a […] The post Beware of Fake Bitcoin Tool That Hides DarkComet RAT Malware With it appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical vulnerability in Fortinet’s FortiWeb Web Application Firewall (WAF) is being actively exploited by threat actors, potentially as a zero-day attack vector. The flaw, which enables unauthenticated attackers to gain administrator-level access to the FortiWeb Manager panel and WebSocket command-line interface, was first highlighted through a proof-of-concept (PoC) exploit shared by cyber deception firm […] The post Critical Fortinet FortiWeb Vulnerability Exploited in the Wild to Create Admin Accounts appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Threat actors are actively exploiting a critical authentication bypass vulnerability in Fortinet’s FortiWeb web application firewall (WAF) worldwide, prompting defenders to heighten vigilance. Researchers at watchTowr Labs have responded by releasing a Detection Artefact Generator script, designed to help organizations scan their environments for vulnerable FortiWeb appliances and mitigate risks swiftly. The vulnerability, tracked as […] The post FortiWeb Authentication Bypass Vulnerability Exploited – Script to Detect Vulnerable Appliances appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
