How a Faulty Windows Driver Can Cause a System Crash and Blue Screen of Death
A recent analysis of a Windows kernel-memory dump has provided a detailed look into a DRIVER_POWER_STATE_FAILURE, a critical error that results in a Blue Screen…
Category: CyberSecurityNews
New Malware Attack Leveraging Exposed Docker APIs to Maintain Persistent SSH Root Access
A sophisticated malware strain targeting exposed Docker APIs has emerged with enhanced infection capabilities that go beyond traditional cryptomining operations. The threat, discovered in August…
SAP Security Patch Day September 2025
As part of its scheduled security maintenance, SAP released its September 2025 Patch Day notes, addressing a total of 21 new vulnerabilities and providing updates…
New APT37 Attacking Windows Machines With New Rust and Python Based Malware
APT37, the North Korean-aligned threat actor also known as ScarCruft, Ruby Sleet, and Velvet Chollima, has expanded its arsenal with sophisticated new malware targeting Windows…
Chinese Salt Typhoon and UNC4841 Hackers Teamed Up to Attack Government and Corporate Infrastructure
Cybersecurity researchers began tracking a sophisticated campaign in the closing months of 2024, targeting both government and corporate networks across multiple continents. The threat actors…
New Technique Uncovered To Exploit Linux Kernel Use-After-Free Vulnerability
A new technique to exploit a complex use-after-free (UAF) vulnerability in the Linux kernel successfully bypasses modern security mitigations to gain root privileges. The method targets CVE-2024-50264,…
Hackers Accessed Email Account Contains Valid Credentials
Elastic has disclosed a security incident stemming from a third-party breach at Salesloft Drift, which resulted in unauthorized access to an internal email account containing…
AI-powered Email Attack Tool Used By Hackers To Launch Massive Phishing Attack
A sophisticated new cybercrime toolkit named SpamGPT is enabling hackers to launch massive and highly effective phishing campaigns by combining artificial intelligence with the capabilities…
Hackers Accessed Customer Data From Salesforce
Dynatrace has confirmed it was impacted by a third-party data breach originating from the Salesloft Drift application, resulting in unauthorized access to customer business contact…
Hackers Hijacked 18 Very Popular npm Packages With 2 Billion Weekly Downloads
In the largest supply chain attack, hackers compromised 18 popular npm packages, which together account for over two billion downloads per week. The attack, which…
PgAdmin Vulnerability Lets Attackers Gain Unauthorised Account Access
A significant security flaw has been discovered in pgAdmin, the widely used open-source administration and development platform for PostgreSQL databases. The vulnerability, tracked as CVE-2025-9636,…
Windows Defender Vulnerability Allows Service Hijacking and Disablement via Symbolic Link Attack
A severe vulnerability in Windows Defender’s update process allows attackers with administrator privileges to disable the security service and manipulate its core files. The technique,…