CISA adds Wing FTP Server vulnerability to the Known Exploited Vulnerabilities (KEV) catalog.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added a new critical vulnerability, CVE-2025-47812, affecting Wing FTP Server, to its Known Exploited Vulnerabilities (KEV) Catalog. This action follows confirmed reports of active exploitation in the wild, underscoring the urgent need for organizations to address this security risk immediately.

Cyberattacker targets the VSCode-based Cursor IDE via a fake Solidity language extension to steal $500k in crypto from a blockchain developer.

A sophisticated cyberattack targeted the Cursor IDE—a Visual Studio Code (VSCode) fork popular among developers for its AI-assisted coding features. Attackers published a fake extension called "Solidity Language" in the Open VSX extension marketplace, masquerading as a tool for Ethereum smart contract development. This extension was, in reality, a vehicle for malware distribution and remote access.

Interlock ransomware group has developed a new PHP-based remote access trojan (RAT) designed to evade detection.

Security researchers from The DFIR Report, in collaboration with Proofpoint, have identified a significant new campaign by the Interlock ransomware group. The threat actors are leveraging a newly developed remote access trojan (RAT) to target organizations across multiple sectors, marking a notable evolution in their tactics and tooling.

New Forensic Technique Reveals Hidden Traces Left by Hackers Exploiting Remote Desktop Protocol

A groundbreaking forensic methodology is revolutionizing the way cybersecurity professionals investigate attacks leveraging Microsoft’s Remote Desktop Protocol (RDP). This innovative approach allows investigators to reconstruct hacker activity—even when conventional evidence has been deleted—by extracting and analyzing overlooked digital artifacts generated during RDP sessions.

India’s CBI dismantles sophisticated cybercrime syndicate responsible for tech support scams targeting United Kingdom and Australia.

In a significant victory against international cybercrime, India’s Central Bureau of Investigation (CBI) has announced the successful dismantling of a sophisticated transnational cybercrime syndicate responsible for orchestrating large-scale tech support scams targeting citizens in the United Kingdom and Australia.

Hackers targeting Southeast Asia are using a previously undocumented Windows backdoor called HazyBeacon.

Government agencies across Southeast Asia have become the focus of a sophisticated cyber-espionage campaign, according to recent threat intelligence reports. The campaign, attributed to an advanced threat group tracked as CL-STA-1020, employs a previously undocumented Windows backdoor dubbed HazyBeacon and leverages innovative methods to evade detection, raising new concerns about the security of cloud-based infrastructure.

Critical vulnerabilities found in Kigen’s eSIM (embedded SIM) technology, impacting billions of smartphones and IoT devices.

Security researchers have uncovered critical vulnerabilities in Kigen’s eSIM (embedded SIM) technology, raising concerns over the security of more than two billion devices worldwide. The flaws, which impact smartphones and a vast array of Internet of Things (IoT) products, could enable attackers to remotely compromise devices, intercept private communications, and steal sensitive subscriber data.

The official X/Twitter Sesame Street Elmo account was hacked. Elmo starts spewing antisemitic messages and calls Trump a “Child F*****R”.

The official X (formerly Twitter) account of Elmo, the iconic Sesame Street character, was compromised over the weekend, resulting in the publication of a series of highly offensive and antisemitic messages. The incident has raised serious concerns about social media security and the vulnerability of high-profile accounts.

Newly Discovered SMM Vulnerabilities in Gigabyte motherboard UEFI Firmware

Recent security research has revealed a series of critical vulnerabilities in Gigabyte motherboard firmware. Cybersecurity experts disclosed four severe vulnerabilities (CVE-2025-7026 through CVE-2025-7029) within the System Management Mode (SMM) components of Gigabyte’s UEFI firmware. SMM operates at a privilege level beneath the operating system, making it an attractive target for attackers seeking stealthy, persistent access.

Google Gemini can be exploited through indirect prompt injection to allow embedding of malicious content that directs users to phishing sites.

Google Gemini for Workspace can be exploited through a technique called indirect prompt injection. This allows attackers to manipulate Gemini’s email summaries, making them appear legitimate while embedding malicious instructions or warnings that direct users to phishing sites—without using traditional attachments or direct links.