Apache Tomcat Coyote Vulnerability Let Attackers Trigger DoS Attack
A newly disclosed flaw in Apache Tomcat’s Coyote engine—tracked as CVE-2025-53506—has surfaced in the latest round of HTTP/2 security advisories. First noted in the National…
Author: Cybernoz
North Korean Hackers Exploit 67 Malicious npm Packages to Spread XORIndex Malware
The Socket Threat Research Team has discovered a new software supply chain attack that uses a malware loader called XORIndex that had not been previously…
Authorities Arrested 14 Hackers in Connection With Large-Scale Tax Fraud Operation
Fourteen individuals have been arrested in a coordinated international operation targeting a sophisticated cybercriminal network responsible for large-scale tax fraud through phishing attacks and fraudulent…
GLOBAL GROUP RaaS Adds AI-Powered Negotiation Feature for Ransom Demands
A newly surfaced Ransomware-as-a-Service operation, dubbed GLOBAL GROUP, has begun deploying an AI‐driven negotiation tool that elevates the psychological pressure on victims and streamlines extortion…
Current approaches to patching unsustainable, report says
Cyber security professionals tasked with vulnerability patch management and roll-out duties say they are struggling to effectively prioritise critical updates and tend to fall back…
North Korean XORIndex malware hidden in 67 malicious npm packages
North Korean threat actors planted 67 malicious packages in the Node Package Manager (npm) online repository to deliver a new malware loader called XORIndex to developer…
AsyncRAT New Forks Uncovered With New Features Ranging From Screamer to a USB Malware Spreader
A comprehensive analysis of AsyncRAT’s expanding ecosystem, revealing a labyrinthine network of malware variants that have evolved far beyond the original remote access trojan’s capabilities. …
Kafbat UI Vulnerabilities Allow Arbitrary Code Execution via JMX Services
A critical security vulnerability has been discovered in Kafbat UI, a popular web-based interface for managing Apache Kafka clusters, allowing unauthenticated attackers to execute arbitrary…
Attackers Hide JavaScript in SVG Images to Lure Users to Malicious Sites
A new form of cyberattack is on the rise, with hackers now using seemingly harmless Scalable Vector Graphics (SVG) image files to sneak malicious code…
Hyper-Volumetric DDoS Attacks Reach Record 7.3 Tbps, Targeting Key Global Sectors
Jul 15, 2025Ravie LakshmananBotnet / Network Security Cloudflare on Tuesday said it mitigated 7.3 million distributed denial-of-service (DDoS) attacks in the second quarter of 2025,…
MoD cyber breach put thousands of Afghan lives at risk
A serious data breach at the UK’s Ministry of Defence, revealed for the first time today after the lifting of a superinjunction preventing the media…
Android Malware Konfety evolves with ZIP manipulation and dynamic loading
Android Malware Konfety evolves with ZIP manipulation and dynamic loading Pierluigi Paganini July 15, 2025 A new Konfety Android malware variant uses a malformed ZIP…