New LNK Malware Uses Windows Binaries to Bypass Security Tools and Execute Malware
A recent wave of attacks leveraging malicious Windows shortcut files (.LNK) has put security teams on high alert. Emerging in late August 2025, this new…
Category: CyberSecurityNews
Living Security Unveils HRMCon 2025 Speakers as Report Finds Firms Detect Just 19% of Human Risk
Living Security, a global leader in Human Risk Management (HRM), today announced the full speaker lineup for the Human Risk Management Conference (HRMCon 2025), taking…
Salesforce AI Agent Vulnerability Allows Let Attackers Exfiltration Sensitive Data
A critical vulnerability chain in Salesforce’s Agentforce AI platform, which could have allowed external attackers to steal sensitive CRM data. The vulnerability, dubbed ForcedLeak by Noma Labs,…
Salesforce AI Agent Vulnerability Allows Let Attackers Exfiltration Sensitive Data
A critical vulnerability chain in Salesforce’s Agentforce AI platform, which could have allowed external attackers to steal sensitive CRM data. The vulnerability, dubbed ForcedLeak by Noma Labs,…
Hackers Leverage GitHub Notifications to Mimic as Y Combinator to Steal Funds from Wallets
Cybercriminals have orchestrated a sophisticated phishing campaign exploiting GitHub’s notification system to impersonate the prestigious startup accelerator Y Combinator, targeting developers’ cryptocurrency wallets through fake…
Cisco IOS and XE Vulnerability Let Remote Attacker Bypass Authentication and Access Sensitive Data
A critical vulnerability in the implementation of the TACACS+ protocol for Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to bypass…
New BRICKSTORM Stealthy Backdoor Attacking Tech and Legal Sectors
BRICKSTORM has surfaced as a highly evasive backdoor targeting organizations within the technology and legal industries, exploiting trust relationships to infiltrate critical networks. First detected…
SetupHijack Tool Exploits Race Conditions and Insecure File Handling in Windows Installer Processes
SetupHijack, an open-source research utility, has emerged as a powerful method for red teaming and security research by targeting race conditions and insecure file handling…
New LockBit 5.0 Ransomware Variant Attacking Windows, Linux, and ESXi Systems
Following a major law enforcement disruption in February 2024, the notorious LockBit ransomware group has resurfaced, marking its sixth anniversary with the release of a…
ZendTo Vulnerability Let Attackers Bypass Security Controls and Access Sensitive Data
A critical path traversal flaw in ZendTo has been assigned CVE-2025-34508 researchers discovered that versions 6.15–7 and prior enable authenticated users to manipulate file paths…
COLDRIVER APT Group Uses ClickFix To Deliver a New PowerShell-Based Backdoor BAITSWITCH
In recent weeks, security researchers have observed a surge in targeted attacks attributed to the COLDRIVER advanced persistent threat (APT) group. This adversary has introduced…
Volvo Group Discloses Data Breach After Ransomware Attack on HR Supplier
Volvo Group North America has begun notifying employees and associates about a data breach that exposed their personal information, including names and Social Security numbers.…