New Black-Hat AI Tool Used by Hackers to Launch Cyberattacks
KawaiiGPT, a free malicious large language model (LLM) first spotted in July 2025 and now at version 2.5, empowers novice cybercriminals with tools for phishing…
Category: CyberSecurityNews
Critical FluentBit Vulnerabilities Let Attackers to Cloud Environments Remotely
A new chain of five critical vulnerabilities discovered in Fluent Bit has exposed billions of containerized environments to remote compromise. Fluent Bit, an open-source logging…
Threat Actors Leverage Blender Foundation Files to Deliver Notorious StealC V2 Infostealer
Cybercriminals have discovered a new attack vector targeting the creative design community by exploiting Blender, a widely used open-source 3D modeling application. Threat actors are…
Threat Actors Exploiting Black Friday Shopping Hype
The 2025 Black Friday shopping season has become a prime hunting ground for cybercriminals, with threat actors recording over 2 million phishing attacks targeting online…
Canon Allegedly Breached by Clop Ransomware via Oracle E-Business Suite 0-Day Hack
Canon has officially confirmed that it was targeted during the widespread hacking campaign exploiting a critical zero-day vulnerability in Oracle E-Business Suite (EBS). The attack,…
Microsoft’s Update Health Tools Configuration Vulnerability Let Attackers Execute Arbitrary Code Remotely
A critical remote code execution (RCE) vulnerability in Microsoft’s Update Health Tools (KB4023057). A widely deployed Windows component designed to expedite security updates through Intune. The flaw…
HashiCorp Vault Vulnerability Allow Attackers to Authenticate to Vault Without Valid Credentials
A critical security flaw has been discovered in HashiCorp’s Vault Terraform Provider that could allow attackers to bypass authentication and access Vault without valid credentials.…
ClickFix Attack Uses Steganography to Hide Malicious Code in Fake Windows Security Update Screen
A new wave of ClickFix attacks is abusing highly realistic fake Windows Update screens and PNG image steganography to secretly deploy infostealing malware such as…
NVIDIA’s Isaac-GROOT Robotics Platform Vulnerability Let Attackers Inject Malicious Codes
NVIDIA has disclosed two critical code injection vulnerabilities affecting its Isaac-GR00T robotics platform. The vulnerabilities, tracked as CVE-2025-33183 and CVE-2025-33184, exist within Python components and…
Hackers Leverage Malicious PyPI Package to Attack Users and Steal Cryptocurrency Details
A dangerous malware campaign has surfaced targeting cryptocurrency users through a deceptive Python package hosted on the PyPI repository. The threat actors disguised their malicious…
LLMs Tools Like GPT-3.5-Turbo and GPT-4 Fuels the Development of Fully Autonomous Malware
Large language models like GPT-3.5-Turbo and GPT-4 are transforming how we work, but they are also opening doors for cybercriminals to create a new generation…
Hackers Leveraging WhatsApp That Silently Harvest Logs and Contact Details
A new malware campaign targeting Brazilian users has emerged, using WhatsApp as its primary distribution channel to spread banking trojans and harvest sensitive information. This…