Category: Cyber Attack Article
-
New PoisonSeed Attack Let Attackers Trick Users into Scanning a QR Code with an MFA Authenticator
New PoisonSeed Attack Let Attackers Trick Users into Scanning a QR Code with an MFA Authenticator A sophisticated new attack technique compromises Fast IDentity Online (FIDO) key authentication by exploiting cross-device sign-in features. The PoisonSeed attack group has developed a method to downgrade FIDO key protections through adversary-in-the-middle (AitM) phishing campaigns that trick users into…
-
Researchers Expose Scattered Spider’s Tools, Techniques and Key Indicators
Researchers Expose Scattered Spider’s Tools, Techniques and Key Indicators Scattered Spider’s phishing domain patterns provide actionable insights to proactively counter threats from the notorious cyber group responsible for recent airline attacks. Scattered Spider, a sophisticated cyber threat group known for aggressive social engineering and targeted phishing, is broadening its scope, notably targeting aviation alongside enterprise…
-
Critical HIKVISION applyCT Vulnerability Exposes Devices to Code Execution Attacks
Critical HIKVISION applyCT Vulnerability Exposes Devices to Code Execution Attacks A critical security vulnerability has been discovered in HIKVISION’s applyCT component, part of the HikCentral Integrated Security Management Platform, that allows attackers to execute arbitrary code remotely without authentication. Assigned CVE-2025-34067 with a maximum CVSS score of 10.0, this vulnerability stems from the platform’s use…
-
CISA Warns of Citrix NetScaler ADC and Gateway Vulnerability Actively Exploited in Attacks
CISA Warns of Citrix NetScaler ADC and Gateway Vulnerability Actively Exploited in Attacks CISA has issued an urgent warning regarding a critical buffer overflow vulnerability in Citrix NetScaler ADC and Gateway products, designated as CVE-2025-6543. Added to CISA’s Known Exploited Vulnerabilities (KEV) catalog on June 30, 2025, threat actors are actively exploiting this high-severity flaw…
-
Record Breaking 7.3 Tbps DDoS Attack Blasting 37.4 Terabytes in Just 45 Seconds
Record Breaking 7.3 Tbps DDoS Attack Blasting 37.4 Terabytes in Just 45 Seconds The largest distributed denial-of-service (DDoS) attack ever documented was successfully stopped by Cloudflare in mid-May 2025, with attackers unleashing a devastating 7.3 terabits per second (Tbps) attack that delivered 37.4 terabytes of malicious traffic in just 45 seconds. Summary 1. Cloudflare blocked…
-
Apache SeaTunnel Vulnerability Allows Unauthorized Users to Perform Deserialization Attack
Apache SeaTunnel Vulnerability Allows Unauthorized Users to Perform Deserialization Attack Apache SeaTunnel, the widely used distributed data integration platform, has disclosed a significant security vulnerability that enables unauthorized users to execute arbitrary file read operations and deserialization attacks through its RESTful API interface. The vulnerability, tracked as CVE-2025-32896 and reported on April 12, 2025, affects…
-
CISA Warns of Linux Kernel Improper Ownership Management Vulnerability Exploited in Attacks
CISA Warns of Linux Kernel Improper Ownership Management Vulnerability Exploited in Attacks CISA has added a critical Linux kernel vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, warning that CVE-2023-0386 is being actively exploited in real-world attacks. This improper ownership management flaw in the Linux kernel’s OverlayFS subsystem allows local attackers to escalate privileges through…
-
CISA Releases Guide to Protect Network Edge Devices From Hackers
CISA Releases Guide to Protect Network Edge Devices From Hackers CISA and international cybersecurity partners have released a comprehensive suite of guidance documents aimed at protecting critical network edge devices from increasingly sophisticated cyberattacks. This coordinated effort, involving cybersecurity authorities from nine countries, including Australia, Canada, the United Kingdom, and Japan, addresses the growing threat…
-
84,000+ Roundcube Webmail Installation Vulnerable to Remote Code Execution Attacks
84,000+ Roundcube Webmail Installation Vulnerable to Remote Code Execution Attacks A critical security vulnerability affecting Roundcube webmail installations has exposed over 84,000 systems worldwide to remote code execution attacks. The vulnerability, tracked as CVE-2025-49113, allows authenticated users to execute arbitrary code remotely, presenting a significant security risk to organizations relying on this popular open-source webmail…
-
New Malware Attack Via “I’m not a Robot Check” to Trick Users into Running Malware
New Malware Attack Via “I’m not a Robot Check” to Trick Users into Running Malware A sophisticated new malware attack vector that manipulates users through fake browser verification prompts designed to mimic legitimate CAPTCHA systems. This attack leverages social engineering techniques combined with clipboard manipulation and obfuscated PowerShell commands to trick victims into voluntarily executing…
-
New Botnet Hijacks 9,000 ASUS Routers & Enables SSH Access by Injecting Public Key
New Botnet Hijacks 9,000 ASUS Routers & Enables SSH Access by Injecting Public Key A sophisticated botnet campaign dubbed “AyySSHush” has compromised over 9,000 ASUS routers worldwide, establishing persistent backdoor access that survives firmware updates and reboots. The stealthy operation, first detected in March 2025, demonstrates advanced nation-state-level tradecraft by exploiting authentication vulnerabilities and legitimate…
-
PupkinStealer Attacks Windows System to Steal Login Credentials & Desktop Files
PupkinStealer Attacks Windows System to Steal Login Credentials & Desktop Files A new information-stealing malware dubbed “PupkinStealer” has been identified by cybersecurity researchers, targeting sensitive user data through a straightforward yet effective approach. First observed in April 2025, this .NET-based malware written in C# focuses on stealing browser credentials, messaging app sessions, and desktop files,…
-
Hacking Abusing GovDelivery For TxTag ‘Toll Charges’ Phishing Attack
Hacking Abusing GovDelivery For TxTag ‘Toll Charges’ Phishing Attack A sophisticated phishing operation exploiting compromised Indiana government sender accounts to distribute fraudulent TxTag toll collection messages. The campaign, which emerged this week, leverages the GovDelivery communications platform to lend legitimacy to the scam emails targeting unsuspecting recipients nationwide. Sophisticated Phishing Targets Indiana Toll Users The…
-
CrushFTP Vulnerability Exploited in Attacks Following PoC Release
CrushFTP Vulnerability Exploited in Attacks Following PoC Release Security researchers have confirmed active exploitation attempts targeting the critical authentication bypass vulnerability in CrushFTP (CVE-2025-2825) following the public release of proof-of-concept exploit code. Based on Shadowserver Foundation’s most recent monitoring data, approximately 1,512 unpatched instances remain vulnerable globally as of March 30, 2025, with North America…
-
Hackers Exploit Prompt Injection to Tamper with Gemini AI’s Long-Term Memory
Hackers Exploit Prompt Injection to Tamper with Gemini AI’s Long-Term Memory A sophisticated attack targeting Google’s Gemini Advanced chatbot. The exploit leverages indirect prompt injection and delayed tool invocation to corrupt the AI’s long-term memory, allowing attackers to plant false information that persists across user sessions. This vulnerability raises serious concerns about the security of…
-
Authorities Take Down Cracked & Nulled Hacking Forums Used by 10 Million Users
Authorities Take Down Cracked & Nulled Hacking Forums Used by 10 Million Users In a law enforcement operation dubbed “Operation Talent,” an international coalition of law enforcement agencies led by Germany’s Bundeskriminalamt (BKA) and Europol has dismantled two of the world’s largest cybercrime forums: Cracked.io and Nulled.to. These platforms, which collectively hosted over 10 million…