Scattered LAPSUS$ Hunters 4.0 Announced That Their Going Dark Permanently
A sudden and definitive statement emerged from the “Scattered LAPSUS$ Hunters 4.0” Telegram channel on September 8, signaling an abrupt end to their public operations.…
Category: CyberSecurityNews
AI-powered Pentesting Tool ‘Villager’ Combines Kali Linux Tools with DeepSeek AI for Automated Attacks
New AI-powered penetration testing framework Villager combines Kali Linux toolsets with DeepSeek AI models to fully automate cyber attack workflows. Initially developed by the Chinese-based…
Sidewinder Hacker Group Weaponizing LNK File to Execute Malicious Scripts
The notorious APT-C-24 threat actor group, commonly known as Sidewinder or Rattlesnake, has evolved its attack methodology by deploying sophisticated LNK file-based phishing campaigns targeting…
New ToneShell Backdoor With New Features Leverage Task Scheduler COM Service for Persistence
Since its first appearance earlier this year, the ToneShell backdoor has demonstrated a remarkable capacity for adaptation, toyed with by the Mustang Panda group to…
Samsung Zero-Day Vulnerability Actively Exploited to Execute Remote Code
Samsung has released its September 2025 security update, addressing a critical zero-day vulnerability that is being actively exploited in the wild. The patch resolves a…
K2 Think AI Model Jailbroken Within Hours After The Release
Within mere hours of its public unveiling, the K2 Think model experienced a critical compromise that has sent ripples throughout the cybersecurity community. The newly…
New HybridPetya Weaponizing UEFI Vulnerability to Bypass Secure Boot on Outdated Systems
In late July 2025, a series of ransomware samples surfaced on VirusTotal under filenames referencing the notorious Petya and NotPetya attacks. Unlike its predecessors, this…
Microsoft Patch for Old Flaw Reveals New Kernel Address Leak Vulnerability in Windows 11/Server 2022 24H2
A new kernel address leak vulnerability has been discovered in the latest versions of Windows 11 (24H2) and Windows Server 2022 (24H2). The flaw, identified…
New Clickfix Attack Promises “Free WiFi” But Delivers Powershell Based Malware
The Cybersecuritynews researcher team uncovered a sophisticated social engineering campaign that is exploiting the public’s need for free internet access, using deceptive Wi-Fi portals to…
New Malware Using Azure Functions For Hosting Command And Control Infrastructure
A new, sophisticated malware campaign has been uncovered that leverages Microsoft’s Azure Functions for its command-and-control (C2) infrastructure, a novel technique that complicates detection and…
Windows Defender Firewall Vulnerabilities Let Attackers Escalate Privileges
Microsoft has addressed four elevation of privilege vulnerabilities in its Windows Defender Firewall service, all rated as “Important” in severity. The security flaws were detailed…
Microsoft To Depreciate VBScript In Windows Warns Developers To Adapt Their Projects
Microsoft has officially announced a multi-phase plan to deprecate VBScript in Windows, a move that signals a significant shift for developers, particularly those working with…