Phishing Breaks More Defenses Than Ever. Here’s the Fix
If your tools say a link is clean, do you fully trust it? Most SOC leaders don’t anymore, and for good reason. Phishing has become polished, quiet,…
Category: CyberSecurityNews
North Korean Kimsuky and Lazarus Join Forces to Exploit Zero-Day Vulnerabilities Targeting Critical Sectors Worldwide
Two of North Korea’s most dangerous hacking groups have joined forces to launch a coordinated attack campaign that threatens organizations worldwide. The Kimsuky and Lazarus…
Hackers Using New Matrix Push C2 to Deliver Malware and Phishing Attacks via Web Browser
A new command-and-control platform called Matrix Push C2 has emerged as a serious threat to web users across all operating systems. This browser-based attack framework…
Ransomware Actors Primarily Targeting Retailers This Holiday Season to Deploy Malicious Payloads
Retailers are facing a sharp rise in targeted ransomware activity as the holiday shopping season begins. Threat groups are timing their attacks to peak sales…
Critical Grafana Vulnerability Let Attackers Escalate Privilege
Grafana Labs has disclosed a critical security vulnerability affecting Grafana Enterprise that could allow attackers to escalate privileges and impersonate users. The flaw, tracked as CVE-2025-41115,…
China-linked APT24 Hackers New BadAudio Compromised Legitimate Public Websites to Attack Users
APT24, a sophisticated cyber espionage group linked to China’s People’s Republic, has launched a relentless three-year campaign delivering BadAudio, a highly obfuscated first-stage downloader that…
Broadcom Allegedly Breached by Clop Ransomware via E-Business Suite 0-Day Hack
The Cl0p ransomware group has claimed responsibility for infiltrating Broadcom’s internal systems as part of an ongoing exploitation campaign targeting Oracle E-Business Suite vulnerabilities. The…
Critical ASUSTOR Vulnerability Let Attackers Execute Malicious Code with Elevated Privileges
A critical security vulnerability has been discovered in ASUSTOR backup and synchronization software, allowing attackers to execute malicious code with elevated system privileges. The flaw,…
Windows 11 to Hide BSOD Crash Errors on Public Displays
Microsoft has introduced a practical new feature in Windows 11 designed specifically for public-facing monitors and signage. This new mode ensures that the dreaded Blue…
OpenAI Releases GPT-5.1-Codex-Max that Performs Coding Tasks Independently
OpenAI has launched GPT-5.1-Codex-Max, a specialized coding model designed to handle complex development tasks autonomously. The new system represents a significant leap in agentic AI capabilities,…
SonicOS SSLVPN Vulnerability Let Attackers Crash the Firewall Remotely
SonicWall has disclosed a critical stack-based buffer overflow vulnerability in its SonicOS SSLVPN service. That allows remote unauthenticated attackers to crash firewalls through denial-of-service attacks.…
Authorities Sanctioned Russia-based Bulletproof Hosting Provider for Supporting Ransomware Operations
The U.S. Department of the Treasury, Australia, and the United Kingdom have announced coordinated sanctions against Media Land. This Russia-based bulletproof hosting company provides infrastructure…