Category: CyberSecurityNews

Laravel APP_KEY Vulnerability Allows Remote Code Execution
11
Jul
2025

Laravel APP_KEY Vulnerability Allows Remote Code Execution

A critical vulnerability in Laravel applications exposes APP_KEY configuration values, enabling attackers to achieve remote code execution (RCE).  Collaborative research…

Windows 11’s New Black Screen of Death is Rolling Out for Users
11
Jul
2025

Windows 11’s New Black Screen of Death is Rolling Out for Users

Microsoft has begun rolling out a redesigned error screen interface as part of Windows 11 Build 26100.4762, introducing what users…

New ZuRu Malware Variant Attacking macOS Users Via Weaponized Termius App
11
Jul
2025

New ZuRu Malware Variant Attacking macOS Users Via Weaponized Termius App

A sophisticated new variant of the macOS.ZuRu malware has emerged, targeting macOS users through a weaponized version of the popular…

Hackers Stolen $500,000 in Crypto Assets by Weaponizing AI Extension
11
Jul
2025

Hackers Stolen $500,000 in Crypto Assets by Weaponizing AI Extension

A sophisticated cybercrime operation has successfully stolen $500,000 in cryptocurrency assets from a Russian blockchain developer through a malicious extension…

Android Packer Ducex Employs Serious Obfuscation Techniques and Detects Analysis Tools Presence
10
Jul
2025

Android Packer Ducex Employs Serious Obfuscation Techniques and Detects Analysis Tools Presence

The cybersecurity landscape continues to evolve with increasingly sophisticated malware variants, and a recent discovery highlights the persistent threat posed…

SafePay Ransomware Leverages RDP and VPN for Intruding Into Organizations Network
10
Jul
2025

SafePay Ransomware Leverages RDP and VPN for Intruding Into Organizations Network

A new ransomware threat has emerged as one of the most formidable adversaries in the cybersecurity landscape, demonstrating unprecedented growth…

Multiple Schneider Electric Vulnerabilities Let Attackers Inject OS Commands
10
Jul
2025

Multiple Schneider Electric Vulnerabilities Let Attackers Inject OS Commands

Schneider Electric has disclosed a critical set of six vulnerabilities affecting its EcoStruxure IT Data Center Expert software that could…

US Sanction Key Threat Actors Linked With North Korea's Remote IT Worker Scheme
10
Jul
2025

US Sanction Key Threat Actors Linked With North Korea’s Remote IT Worker Scheme

The U.S. Treasury’s July 8 action against Song Kum Hyok and four Russia-based entities pulled back the curtain on a…

Microsoft Exchange Online Service Down
10
Jul
2025

Microsoft Exchange Online Service Down

Microsoft Exchange Online experienced a major global outage on July 10, 2025, preventing millions of users from accessing their mailboxes…

Four Hackers Arrested by UK Police for Attacks on M&S, Co-op and Harrods Stores
10
Jul
2025

Four Hackers Arrested by UK Police for Attacks on M&S, Co-op and Harrods Stores

The National Crime Agency (NCA) has made significant progress in combating retail cybercrime with the arrest of four individuals suspected…

Palo Alto Networks GlobalProtect Vulnerability Allows Root User Privilege Escalation
10
Jul
2025

Palo Alto Networks GlobalProtect Vulnerability Allows Root User Privilege Escalation

Palo Alto Networks has disclosed a critical security vulnerability in its GlobalProtect VPN application that enables locally authenticated users to…

ServiceNow Platform Vulnerability Let Attackers Exfiltrate Sensitive Data
10
Jul
2025

ServiceNow Platform Vulnerability Let Attackers Exfiltrate Sensitive Data

A significant vulnerability in ServiceNow’s platform, designated CVE-2025-3648 and dubbed “Count(er) Strike,” enables attackers to exfiltrate sensitive data, including PII,…