Hackers Using Leverage Tuoni C2 Framework Tool to Stealthly Deliver In-Memory Payloads
A new wave of cyberattacks has emerged using the Tuoni Command and Control (C2) framework, a sophisticated tool that allows threat actors to deploy malicious…
Category: CyberSecurityNews
New Nova Stealer Attacking macOS Users by Swapping Legitimate Apps to Steal Cryptocurrency Wallet Data
A new malware campaign targeting macOS users has emerged with a dangerous focus on cryptocurrency wallet theft. The malware, called Nova Stealer, uses a clever…
Microsoft Investigation Copilot Issue On Processing Files
Microsoft has launched an investigation into a widespread issue affecting Microsoft Copilot in Microsoft 365, where users are experiencing significant limitations when performing actions on…
Destructive Akira Ransomware Attack with a Single Click on CAPTCHA in Malicious Website
A global data storage and infrastructure company fell victim to a severe ransomware attack orchestrated by Howling Scorpius, the group responsible for distributing Akira ransomware.…
New ShadowRay Attack Exploit Ray AI-Framework Vulnerability to Attack AI Systems
Cybersecurity researchers have uncovered an active global hacking campaign leveraging a known flaw in Ray, an open-source AI framework widely used for managing distributed computing…
CISA Warns of Fortinet FortiWeb OS Command Injection Vulnerability Exploited in the Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about a critical vulnerability affecting Fortinet FortiWeb appliances that threat actors are currently…
New .NET Malware Hides Lokibot Malware within PNG/BMP Files to Evade Detection
Cybersecurity threats continue to evolve with sophisticated evasion methods. A new .NET-based malware loader has emerged that demonstrates an advanced approach to concealing the notorious…
New Sneaky 2FA Phishing Kit with BitB Technique Attacking Users to Steal Microsoft Account Credentials
The Sneaky2FA phishing service has recently added a dangerous new capability to its toolkit that makes stealing Microsoft account credentials even easier for attackers. Push…
CredShields Partners with Checkmarx to Bring Smart Contract Security to Enterprise AppSec Programs
Singapore, Singapore, November 19th, 2025, CyberNewsWire The collaboration advances enterprise grade application security into decentralized ecosystems, uniting Checkmarx’s AppSec expertise with Web3 specialization by CredShields.…
Critical SolarWinds Serv-U Vulnerabilities Let Attackers Execute Malicious Code Remotely as Admin
SolarWinds has released security patches addressing three critical remote code execution vulnerabilities in Serv-U that could allow attackers with administrative privileges to execute arbitrary code…
WhatsApp Vulnerability Exposes 3.5 Billion Users’ Phone Numbers
A critical security flaw in WhatsApp has allowed researchers to expose the phone numbers of 3.5 billion users, marking one of the most significant data…
New FortiWeb 0-Day Code Execution Vulnerability Exploited in the Wild
Fortinet has released an urgent security advisory addressing a newly discovered zero-day vulnerability, CVE-2025-58034, in its FortiWeb web application firewall platform, after evidence emerged of…