MITRE Releases Top 25 Most Dangerous Software Weaknesses of 2025
MITRE has unveiled its 2025 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Weaknesses list, highlighting the root causes behind 39,080 Common Vulnerability and…
Category: CyberSecurityNews
New BlackForce Phishing Kit Lets Attackers Steal Credentials Using MitB Attacks and Bypass MFA
A sophisticated phishing tool called BlackForce has emerged as a serious threat to organizations worldwide. First observed in August 2025, this professional-grade kit allows criminals…
Beware of Fake Leonardo DiCaprio Movie Torrent File Drops Agent Tesla Malware
A new threat is targeting movie lovers who search for the latest films online. Cybercriminals are now using the popularity of Leonardo DiCaprio’s new film,…
Ashen Lepus Hacker Group Attacks Eastern Diplomatic Entities With New AshTag Malware
A Hamas‑affiliated threat group known as Ashen Lepus, also tracked as WIRTE, has launched a new espionage campaign against governmental and diplomatic entities across the…
Windows Remote Access Connection Manager Vulnerabilities Let Attackers Escalate Privileges
Two critical privilege escalation flaws were disclosed in the Windows Remote Access Connection Manager on December 9, 2025. The vulnerabilities, tracked as CVE-2025-62472 and CVE-2025-62474,…
CISA Warns of OSGeo GeoServer 0-Day Vulnerability Exploited in Attacks
An urgent warning about a critical security flaw in OSGeo GeoServer, a widely used open-source geographic data-sharing server. CISA has added the vulnerability to its…
New Vulnerabilities in React Server Components Allow DoS Attacks and Source Code Leaks
Less than a week after addressing a critical Remote Code Execution (RCE) vulnerability, the React team has disclosed three additional security flaws affecting React Server…
New ClickFix Attacks as macOS Infostealer Leverages Official ChatGPT Website by Piggybacking
A new malicious campaign is targeting macOS users via a novel attack that exploits ChatGPT’s official website. The attackers are using a technique called ClickFix…
New DroidLock Malware Locks Android Devices and Demands a Ransom
A dangerous new malware called DroidLock is targeting Android users, particularly in Spanish-speaking regions, through phishing websites. This threat combines ransomware tactics with remote-control capabilities,…
1inch Named Exclusive Swap Provider at Launch for Ledger Multisig
Road Town, British Virgin Islands, December 11th, 2025, CyberNewsWire 1inch, the leading DeFi ecosystem, has been selected as the exclusive swap provider at launch for…
Developers Frustrated by ‘No Server Available’ Message
GitHub is experiencing user-reported outages, with many developers greeted by a prominent error featuring the platform’s unicorn mascot and the message “No server is currently…
Notepad++ Vulnerability Let Attackers Hijack Network Traffic to Install Malware via Updates
The popular text editor Notepad++ has addressed a severe security weakness in its update mechanism that could allow attackers to hijack network traffic and push…