Category: CyberSecurityNews

Leveraging dMSAs for Credential Acquisition and Lateral Movement in Active Directory
28
Aug
2025

Leveraging dMSAs for Credential Acquisition and Lateral Movement in Active Directory

Microsoft’s recent patch for the BadSuccessor vulnerability (CVE-2025-53779) has successfully closed the direct privilege escalation path, but security researchers warn…

Hackers Abuse Microsoft Teams to Gain Remote Access With PowerShell-based Malware
28
Aug
2025

Hackers Abuse Microsoft Teams to Gain Remote Access With PowerShell-based Malware

Cybercriminals are increasingly weaponizing Microsoft Teams, exploiting the platform’s trusted role in corporate communications to deploy malware and seize control…

MathWorks Confirms Cyberattack, User Personal Information Stolen
28
Aug
2025

MathWorks Confirms Cyberattack, User Personal Information Stolen

MathWorks, Inc., the developer of the popular MATLAB and Simulink software, confirmed today that it was the target of a…

Threat Actors Abuse Velociraptor Incident Response Tool to Gain Remote Access
28
Aug
2025

Threat Actors Abuse Velociraptor Incident Response Tool to Gain Remote Access

A sophisticated intrusion in which threat actors co-opted the legitimate, open-source Velociraptor digital forensics and incident response (DFIR) tool to…

28
Aug
2025

Hackers Attempted to Misuse Claude AI to Launch Cyber Attacks

Anthropic has thwarted multiple sophisticated attempts by cybercriminals to misuse its Claude AI platform, according to a newly released Threat…

ShadowSilk Leveraging Penetration-Testing Tools, Public Exploits to Attack Organizations
28
Aug
2025

ShadowSilk Leveraging Penetration-Testing Tools, Public Exploits to Attack Organizations

ShadowSilk first surfaced in late 2023 as a sophisticated threat cluster targeting government entities across Central Asia and the broader…

New TamperedChef Attack With Weaponized PDF Editor Steals Sensitive Data and Login Credentials
28
Aug
2025

New TamperedChef Attack With Weaponized PDF Editor Steals Sensitive Data and Login Credentials

A sophisticated malware campaign that weaponizes a seemingly legitimate PDF editor to steal sensitive data and login credentials from unsuspecting…

FreePBX Servers Hacked in 0-day Attack
28
Aug
2025

FreePBX Servers Hacked in 0-day Attack

A critical zero-day exploit targeting exposed FreePBX 16 and 17 systems. Threat actors are abusing an unauthenticated privilege escalation vulnerability…

CISA Publish Hunting and Mitigation Guide to Defend Networks from Chinese State-Sponsored Actors
28
Aug
2025

CISA Publish Hunting and Mitigation Guide to Defend Networks from Chinese State-Sponsored Actors

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), alongside the NSA, FBI, and a broad coalition of international partners, has…

CrowdStrike Set to Acquire Onum in $290 Million Deal to Enhance Falcon Next-Gen SIEM
28
Aug
2025

CrowdStrike Set to Acquire Onum in $290 Million Deal to Enhance Falcon Next-Gen SIEM

Global cybersecurity leader CrowdStrike announced its intention to acquire Onum, a pioneer in real-time telemetry pipeline management, in a deal…

NX Build Tool Hacked with Malware That Checks for Claude or Gemini to Find Wallets and Secrets
28
Aug
2025

NX Build Tool Hacked with Malware That Checks for Claude or Gemini to Find Wallets and Secrets

Over 1,400 developers discovered today that a malicious post-install script in the popular NX build kit silently created a repository…

TAG-144 Actors Attacking Government Entities With New Tactics, Techniques, and Procedures
28
Aug
2025

TAG-144 Actors Attacking Government Entities With New Tactics, Techniques, and Procedures

Over the past year, a shadowy threat actor known as TAG-144—also tracked under aliases Blind Eagle and APT-C-36—has intensified operations…