Category: CyberSecurityNews

CISA and NSA Warns of BRICKSTORM Malware Attacking VMware ESXi and Windows Environments
04
Dec
2025

CISA and NSA Warns of BRICKSTORM Malware Attacking VMware ESXi and Windows Environments

The Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Canadian Centre for Cyber Security (Cyber…

Prompt Injection Vulnerability in GitHub Actions Hits Fortune 500 Firms
04
Dec
2025

Prompt Injection Vulnerability in GitHub Actions Hits Fortune 500 Firms

A new class of prompt injection vulnerabilities, dubbed “PromptPwnd,” has been uncovered by cybersecurity firm Aikido Security. The flaws affect…

New SVG Clickjacking Attack Let Attackers Create Interactive Clickjacking Attacks
04
Dec
2025

New SVG Clickjacking Attack Let Attackers Create Interactive Clickjacking Attacks

Clickjacking has long been considered a “dumb” attack in the cybersecurity world. Traditionally, it involves placing an invisible frame over…

CISA Warns of OpenPLC ScadaBR File Upload Vulnerability Exploited in Attacks
04
Dec
2025

CISA Warns of OpenPLC ScadaBR File Upload Vulnerability Exploited in Attacks

Critical vulnerability has been added to CISA’s Known Exploited Vulnerabilities list, warning organizations about a dangerous file-upload flaw in OpenPLC…

New Phishing Attack Mimic as Income Tax Department of India Delivers AsyncRAT
04
Dec
2025

New Phishing Attack Mimic as Income Tax Department of India Delivers AsyncRAT

A comprehensive phishing operation began targeting Indian companies in November 2025 by impersonating the Income Tax Department of India. The…

Threat Actors Leveraging Foxit PDF Reader to Gain System Control and Steal Sensitive Data
04
Dec
2025

Threat Actors Leveraging Foxit PDF Reader to Gain System Control and Steal Sensitive Data

Cybercriminals have discovered a clever way to slip malware onto job seekers’ computers by disguising malicious files as legitimate recruitment…

Arizona Attorney General Suses Chinese E-commerce Retailer Temu Over Data Theft Claims
04
Dec
2025

Arizona Attorney General Suses Chinese E-commerce Retailer Temu Over Data Theft Claims

Arizona Attorney General Kris Mayes has announced a lawsuit against the popular Chinese e-commerce retailer Temu, accusing the company of…

Lazarus Group’s IT Workers Scheme Hacker Group Caught Live On Camera
04
Dec
2025

Lazarus Group’s IT Workers Scheme Hacker Group Caught Live On Camera

Lazarus Group’s Famous Chollima unit has been caught “live on camera” running its remote IT worker scheme, after researchers funneled…

PickleScan 0-Day Vulnerabilities Enable Arbitrary Code Execution via Malicious PyTorch Models
04
Dec
2025

PickleScan 0-Day Vulnerabilities Enable Arbitrary Code Execution via Malicious PyTorch Models

Multiple critical zero‑day vulnerabilities in PickleScan, a popular open‑source tool used to scan machine learning models for malicious code. PickleScan is…

Akamai Patches HTTP Request Smuggling Vulnerability in Edge Servers
04
Dec
2025

Akamai Patches HTTP Request Smuggling Vulnerability in Edge Servers

A critical HTTP request smuggling vulnerability in Akamai’s edge server infrastructure has been successfully fixed. The vulnerability, identified as CVE-2025-66373,…

New 'Sryxen' Stealer Bypasses Chrome Encryption via Headless Browser Technique
04
Dec
2025

New ‘Sryxen’ Stealer Bypasses Chrome Encryption via Headless Browser Technique

A new information stealer called Sryxen has emerged in the underground malware market, targeting Windows systems with advanced techniques to…

Hackers Using Evilginx to Steal Session Cookies and Bypass Multi-Factor Authentication Tokens
04
Dec
2025

Hackers Using Evilginx to Steal Session Cookies and Bypass Multi-Factor Authentication Tokens

A sophisticated phishing toolkit known as Evilginx is empowering attackers to execute advanced attacker-in-the-middle (AiTM) campaigns with alarming success. These…