A new malware campaign using multiple attack stages has been discovered that delivers NetSupport RAT through hidden web-based redirects and obfuscated code. The attack unfolds…
Over 565 internet-exposed Apache Tika Server instances are vulnerable to a critical XML External Entity (XXE) injection flaw. That could enable attackers to steal sensitive…
PortSwigger has enhanced Burp Suite’s scanning arsenal with the latest update to its ActiveScan++ extension, introducing detection for the critical React2Shell vulnerabilities (CVE-2025-55182 and CVE-2025-66478).…
The Indian government is currently evaluating a controversial proposal from the telecom industry that would mandate smartphone manufacturers to enable “always-on” satellite location tracking. This…
A critical vulnerability affecting Meta React Server Components has been added to the Known Exploited Vulnerabilities catalog, signalling widespread active exploitation by CISA. Tracked as…
Security researchers have exposed a critical privacy flaw dubbed “Careless Whisper” that lets attackers monitor user activity on WhatsApp and Signal through silent delivery receipts,…
A new alert warns people about a growing scam that uses altered photos to trick families into paying fake ransom demands. In a notice titled…
Cary, North Carolina, USA, December 4th, 2025, CyberNewsWire Cybersecurity and IT training platform maintains Leader and Momentum Leader positions while expanding regional excellence INE has…
A deceptive Android application lurking in the Google Play Store, disguised as a document reader and file manager, but delivering the Anatsa banking trojan to…
A critical persistence technique in AWS Identity and Access Management (IAM) stemming from its eventual consistency model, allowing attackers to retain access even after defenders…
A sophisticated new phishing kit called GhostFrame has already been used to launch over 1 million attacks. First discovered in September 2025 by Security researchers…
QuasarRAT, initially surfacing in 2014 under the alias xRAT, began its lifecycle as a legitimate remote administration tool for Windows environments. Over the last decade,…
