A critical security flaw in the WordPress Post SMTP plugin has left more than 400,000 websites vulnerable to account takeover attacks. The vulnerability, identified as CVE-2025-11833, enables unauthenticated attackers to access email logs containing sensitive password reset information, potentially compromising administrator accounts and entire websites. The flaw stems from a missing authorization check in the […] The post WordPress Post SMTP Plugin Vulnerability Exposes 400,000 Websites to Account Takeover Attacks appeared first on Cyber Security News.

XLoader remains one of the most challenging malware families confronting cybersecurity researchers. This sophisticated information-stealing loader emerged in 2020 as a rebrand of FormBook and has evolved into an increasingly complex threat. The malware’s code decrypts only at runtime and sits protected behind multiple encryption layers, each locked with different keys hidden throughout the binary. […] The post XLoader Malware Analyzed Using ChatGPT’s, Breaks RC4 Encryption Layers in Hours appeared first on Cyber Security News.

The Tycoon 2FA phishing kit has emerged as one of the most sophisticated Phishing-as-a-Service platforms since its debut in August 2023, specifically engineered to circumvent two-factor authentication and multi-factor authentication protections on Microsoft 365 and Gmail accounts. This advanced threat employs an Adversary-in-the-Middle approach, utilizing reverse proxy servers to host convincing phishing pages that perfectly […] The post Attack Techniques of Tycoon 2FA Phishing Kit Targeting Microsoft 365 and Gmail Accounts Detailed appeared first on Cyber Security News.

A sophisticated evolution of the RondoDox botnet has emerged with a staggering 650% increase in exploitation capabilities, marking a significant escalation in the threat landscape for both enterprise and IoT infrastructure. First documented by FortiGuard Labs in September 2024, the original RondoDox variant focused narrowly on DVR systems with just two exploit vectors. The newly […] The post RondoDox Botnet Updated Their Arsenal with 650% More Exploits Targeting Enterprises appeared first on Cyber Security News.

A sophisticated remote access trojan named SleepyDuck has infiltrated the Open VSX IDE extension marketplace, targeting developers using code editors like Cursor and Windsurf. The malware disguised itself as a legitimate Solidity extension under the identifier juan-bianco.solidity-vlang, exploiting name squatting techniques to deceive unsuspecting users. Initially published on October 31st as version 0.0.7, the extension […] The post New ‘SleepyDuck’ Malware in Open VSX Marketplace Allow Attackers to Control Windows Systems Remotely appeared first on Cyber Security News.

A sophisticated new backdoor named SesameOp has emerged with a novel approach to command-and-control communications that fundamentally challenges traditional security assumptions. Discovered in July 2025 by Microsoft’s Incident Response and Detection and Response Team, this malware represents a significant shift in how threat actors exploit legitimate cloud services for covert operations. Rather than relying on […] The post SesameOp Leveraging OpenAI Assistants API for Stealthy Communication with C2 Servers appeared first on Cyber Security News.

Cybercriminals have shifted their focus to a highly profitable target: the trucking and logistics industry. Over the past several months, a coordinated threat cluster has been actively compromising freight companies through deliberate attack chains designed to facilitate multi-million-dollar cargo theft operations. The emergence of this campaign represents a disturbing intersection of physical crime and digital […] The post Threat Actors Leverage RMM Tools to Hack Trucking Companies and Steal Cargo Freight appeared first on Cyber Security News.