On November 3, 2025, blockchain security monitoring systems detected a sophisticated exploit targeting Balancer V2’s ComposableStablePool contracts. An attacker executed a precision loss vulnerability to drain $128.64 million across six blockchain networks in under 30 minutes. The attack leveraged a rounding error in the _upscaleArray function combined with carefully crafted batchSwap operations, allowing the attacker […] The post Checkpoint Details on How Attackers Drained $128M from Balancer Pools Within 30 Minutes appeared first on Cyber Security News.

Cl0p, a prominent ransomware group operating since early 2019, has emerged as one of the most dangerous threats in the cybersecurity landscape. With over 1,025 confirmed victims and more than $500 million in extorted funds, this Russian-linked group has consistently targeted corporate and private networks worldwide while strategically avoiding CIS countries. The group earned its […] The post Clop Ransomware Actors Exploiting the Latest 0-Day Exploits in the Wild appeared first on Cyber Security News.

Three well-known threat groups have consolidated into a unified cybercriminal entity that represents a significant shift in underground tactics. Scattered LAPSUS$ Hunters (SLH) emerged in early August 2025 as a federated alliance combining Scattered Spider, ShinyHunters, and LAPSUS$, creating what researchers describe as the first consolidated alliance among mature cybercriminal clusters. This consolidation marks a […] The post Three Infamous Cybercriminal Groups Form a New Alliance Dubbed ‘Scattered LAPSUS$ Hunters’ appeared first on Cyber Security News.

The cybersecurity landscape stands at a critical inflection point as organizations prepare for unprecedented challenges in 2026. Google Cloud researchers have released their annual Cybersecurity Forecast, revealing a stark reality: threat actors are transitioning from experimenting with advanced technologies to embedding them as standard operational tools. This shift represents a fundamental change in how attacks […] The post Cybersecurity Forecast 2026 – Google Warns Threat Actors Use AI to Enhance Speed and Effectiveness appeared first on Cyber Security News.

A sophisticated Android-based NFC relay attack dubbed NGate has emerged as a serious threat to banking security across Poland, targeting financial institutions and their customers through coordinated social engineering and technical exploitation. Cert.PL analysts identified new malware samples in recent months that orchestrate unauthorized ATM cash withdrawals without requiring physical theft of payment cards. Rather […] The post NGate Malware Enables Unauthorized Cash Withdrawals at ATMs Using Victims’ Payment Cards appeared first on Cyber Security News.

A sophisticated espionage campaign targeting recruitment professionals has emerged, with the APT-C-60 threat group weaponizing VHDX files to compromise organizations. The threat actors impersonate job seekers in spear-phishing emails sent to recruitment staff, exploiting trust relationships to deliver malicious payloads. While earlier campaigns directed victims to download VHDX files from Google Drive, recent attacks have […] The post APT-C-60 Attacking Job Seekers to Download Weaponized VHDX File from Google Drive to Steal Sensitive Data appeared first on Cyber Security News.

European organizations are facing an unprecedented wave of ransomware attacks as cybercriminals increasingly integrate artificial intelligence tools into their operations. Since January 2024, big game hunting threat actors have named approximately 2,100 Europe-based victims on more than 100 dedicated leak sites, representing a 13% year-over-year increase in attacks. The region now accounts for nearly 22% […] The post Ransomware Attack on European Organizations Surge as Hackers Leveraging AI-Tools for Attacks appeared first on Cyber Security News.

A critical security vulnerability in the AI Engine WordPress plugin has put more than 100,000 active installations at risk of privilege escalation attacks. The flaw, tracked as CVE-2025-11749 with a CVSS score of 9.8, allows unauthenticated attackers to extract bearer tokens and gain complete administrative control over vulnerable WordPress sites. Security researcher Emiliano Versini discovered […] The post AI Engine WordPress Plugin Exposes 100,000 WordPress Sites to Privilege Escalation Attacks appeared first on Cyber Security News.