Hackers Actively Exploiting ArrayOS AG VPN Vulnerability to Deploy Webshells
Attackers are actively exploiting a serious vulnerability in Array Networks’ ArrayOS AG series to gain unauthorized access to enterprise networks. The flaw exists in the…
Category: CyberSecurityNews
Cloudflare Outage Hits Internet with 500 Internal Server Error
Cloudflare has confirmed that it is currently experiencing a significant outage that is affecting the Cloudflare Dashboard and several Cloudflare API services. The issue began…
ClayRat Android Malware Steals SMS Messages, Call Logs and Capture Victim Photos
A dangerous new Android spyware variant called ClayRat has emerged as a significant threat to mobile device security worldwide. First identified in October by the…
Beware of Solana Phishing Attacks That Let Hackers Initiate Unauthorized Account Transfer
A dangerous new wave of phishing attacks is targeting Solana users by changing wallet ownership permissions rather than stealing private keys. A victim lost more…
Splunk Enterprise Vulnerabilities Allows Privileges Escalation Via Incorrect File Permissions
A high-severity vulnerability has been disclosed in Splunk affecting its Enterprise and Universal Forwarder products for Windows, stemming from incorrect file permissions during installation and…
SEEDSNATCHER Android Malware Attacking Users to Exfiltrate Sensitive Data and Execute Malicious Commands
SeedSnatcher represents a significant threat to cryptocurrency users worldwide. Packaged under the seemingly innocent name “Coin” and distributed through Telegram, this Android malware has emerged…
New Stealthy Linux Malware Combines Mirai-Derived DDoS Botnet and Fileless Cryptominer
Security researchers have uncovered a sophisticated Linux malware campaign that merges Mirai-derived DDoS botnet capabilities with a stealthy fileless cryptominer, representing a significant evolution in…
China-Nexus Hackers Actively Exploiting React2Shell Vulnerability in The Wild
China-nexus threat groups are racing to weaponize the new React2Shell bug, tracked as CVE-2025-55182, only hours after its public disclosure. The flaw sits in React…
PoC Exploit Released for Critical React, Next.js RCE Vulnerability (CVE-2025-55182)
A proof-of-concept (PoC) exploit for CVE-2025-55182, a maximum-severity remote code execution (RCE) flaw in React Server Components, surfaced publicly this week, heightening alarms for developers…
Corporate Users 3x More Likely Targeted by Phishing Than Malware – SpyCloud Report
Austin, TX, USA, December 4th, 2025, CyberNewsWire Phishing has surged 400% year-over-year, highlighting need for real-time visibility into identity exposures. SpyCloud, the leader in identity…
CISA and NSA Warns of BRICKSTORM Malware Attacking VMware ESXi and Windows Environments
The Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Canadian Centre for Cyber Security (Cyber Centre) issued a joint advisory…
Prompt Injection Vulnerability in GitHub Actions Hits Fortune 500 Firms
A new class of prompt injection vulnerabilities, dubbed “PromptPwnd,” has been uncovered by cybersecurity firm Aikido Security. The flaws affect GitHub Actions and GitLab CI/CD…