Exposed ‘Kim’ Dump Exposes Kimsuky Hackers New Tactics, Techniques, and Infrastructure
A massive data breach in early September 2025 attributed to a cyber actor known simply as “Kim” laid bare an unprecedented view into the operational…
Category: CyberSecurityNews
Venezuela’s Maduro Says Huawei Mate X6 Gift From China is Unhackable by U.S. Spies
In Caracas this week, President Nicolás Maduro unveiled the Huawei Mate X6 gifted by China’s Xi Jinping, declaring the device impervious to U.S. espionage efforts.…
LunaLock Ransomware Attacking Artists to Steal and Encrypt Data
Security researchers first observed LunaLock in early September 2025, a sophisticated ransomware strain targeting independent illustrators and digital artists. Leveraging compromised credentials and social engineering,…
Hackers Weaponizee Amazon Simple Email Service to Send 50,000+ Malicious Emails Per Day
A sophisticated cybercriminal campaign has emerged, exploiting Amazon’s Simple Email Service (SES) to orchestrate large-scale phishing operations capable of delivering over 50,000 malicious emails daily.…
Hackers Weaponizee Amazon Simple Email Service to Send 50,000+ Malicious Emails Per Day
A sophisticated cybercriminal campaign has emerged, exploiting Amazon’s Simple Email Service (SES) to orchestrate large-scale phishing operations capable of delivering over 50,000 malicious emails daily.…
Researchers Bypassed Web Application Firewall With JS Injection with Parameter Pollution
Cybersecurity researchers have demonstrated a sophisticated technique for bypassing Web Application Firewalls (WAFs) using JavaScript injection combined with HTTP parameter pollution, exposing critical vulnerabilities in…
PoC Exploit Released for ImageMagick RCE Vulnerability
A proof-of-concept (PoC) exploit has been released for a critical remote code execution (RCE) vulnerability in ImageMagick 7’s MagickCore subsystem, specifically affecting the blob I/O (BlobStream) implementation.…
Atomic Stealer Disguised as Cracked Software Attacking macOS Users
A sophisticated malware campaign targeting macOS users has emerged, exploiting the widespread desire for free software to deliver the notorious Atomic macOS Stealer (AMOS). This…
Salesloft Drift Cyberattack Linked to GitHub Compromise and OAuth Token Theft
A sophisticated supply-chain attack that impacted over 700 organizations, including major cybersecurity firms, has been traced back to a compromise of Salesloft’s GitHub account that…
Microsoft Azure Cloud Disrupted by Undersea Cable Cuts in Red Sea
Microsoft’s Azure cloud platform is facing significant disruptions after multiple undersea fiber optic cables were severed in the Red Sea. The US technology giant confirmed…
Apache Jackrabbit Exposes Systems To Arbitrary Code Execution Attacks
An important security vulnerability has been discovered in Apache Jackrabbit, a popular open-source content repository used in enterprise content management systems and web applications. This…
How Microsoft Azure Storage Logs Aid Forensics Following a Security Breach
After a security breach, forensic investigators work quickly to follow the attacker’s trail. Security experts have analyzed this situation and found that a key source…