Category: CyberSecurityNews

WordPress Post SMTP Plugin Vulnerability Exposes 400,000 Websites to Account Takeover Attacks
05
Nov
2025

WordPress Post SMTP Plugin Vulnerability Exposes 400,000 Websites to Account Takeover Attacks

A critical security flaw in the WordPress Post SMTP plugin has left more than 400,000 websites vulnerable to account takeover…

5 Actionable Tactics for SOC Analysts
05
Nov
2025

5 Actionable Tactics for SOC Analysts

Security teams drown in alerts but starve for insight. Blocklists catch the obvious. SIEM correlation gives clues. But only context…

RondoDox Botnet Updated Their Arsenal with 650% More Exploits Targeting Enterprises
05
Nov
2025

RondoDox Botnet Updated Their Arsenal with 650% More Exploits Targeting Enterprises

A sophisticated evolution of the RondoDox botnet has emerged with a staggering 650% increase in exploitation capabilities, marking a significant…

Attack Techniques of Tycoon 2FA Phishing Kit Targeting Microsoft 365 and Gmail Accounts Detailed
05
Nov
2025

Attack Techniques of Tycoon 2FA Phishing Kit Targeting Microsoft 365 and Gmail Accounts Detailed

The Tycoon 2FA phishing kit has emerged as one of the most sophisticated Phishing-as-a-Service platforms since its debut in August…

New ‘SleepyDuck’ Malware in Open VSX Marketplace Allow Attackers to Control Windows Systems Remotely
04
Nov
2025

New ‘SleepyDuck’ Malware in Open VSX Marketplace Allow Attackers to Control Windows Systems Remotely

A sophisticated remote access trojan named SleepyDuck has infiltrated the Open VSX IDE extension marketplace, targeting developers using code editors…

SesameOp Leveraging OpenAI Assistants API for Stealthy Communication with C2 Servers
04
Nov
2025

SesameOp Leveraging OpenAI Assistants API for Stealthy Communication with C2 Servers

A sophisticated new backdoor named SesameOp has emerged with a novel approach to command-and-control communications that fundamentally challenges traditional security…

Critical RCE Vulnerability in Popular React Native NPM Package Exposes Developers to Attacks
04
Nov
2025

Critical RCE Vulnerability in Popular React Native NPM Package Exposes Developers to Attacks

A critical remote code execution (RCE) vulnerability tracked as CVE-2025-11953 in the @react-native-community/cli NPM package. With nearly 2 million weekly…

2025 Insider Risk Report Finds Most Organizations Struggle to Detect and Predict Insider Risks
04
Nov
2025

2025 Insider Risk Report Finds Most Organizations Struggle to Detect and Predict Insider Risks

Baltimore, USA, November 4th, 2025, CyberNewsWire The new 2025 Insider Risk Report, produced by Cybersecurity Insiders in collaboration with Cogility,…

Hackers Stolen Over $100 million by Exploiting Balancer DeFi protocol
04
Nov
2025

Hackers Stolen Over $100 million by Exploiting Balancer DeFi protocol

Hackers have successfully stolen more than $100 million by exploiting a critical vulnerability in the Balancer protocol. Balancer, a leading…

Bob Flores, Former CTO of the CIA, Joins Brinker
04
Nov
2025

Bob Flores, Former CTO of the CIA, Joins Brinker

Delaware, United States, November 4th, 2025, CyberNewsWire Brinker, the narrative intelligence company dedicated to combating disinformation and influence campaigns, announced…

Hackers Can Exploit Microsoft Teams Vulnerabilities to Manipulate Messages and Alter Notifications
04
Nov
2025

Hackers Can Exploit Microsoft Teams Vulnerabilities to Manipulate Messages and Alter Notifications

Critical vulnerabilities in Microsoft Teams, a platform central to workplace communication for over 320 million users worldwide, enable attackers to…

Microsoft Entra Credentials in the Authenticator App on Jail-Broken Devices to be Wiped Out
04
Nov
2025

Microsoft Entra Credentials in the Authenticator App on Jail-Broken Devices to be Wiped Out

Microsoft is implementing a significant security enhancement to its Authenticator app, introducing automatic detection of jailbroken and rooted devices for…