Category: CyberSecurityNews

Google Project Zero to Publicly Announce Vulnerabilities Within a Week of Reporting
31
Jul
2025

Google Project Zero to Publicly Announce Vulnerabilities Within a Week of Reporting

Google Project Zero has announced a significant shift in its vulnerability disclosure practices, implementing a new trial policy that will…

OAuth2-Proxy Vulnerability Enables Authentication Bypass by Manipulating Query Parameters
31
Jul
2025

OAuth2-Proxy Vulnerability Enables Authentication Bypass by Manipulating Query Parameters

A critical security vulnerability has been identified in OAuth2-Proxy, a widely-used reverse proxy that provides authentication services for Google, Azure,…

UNC2891 Threat Actors Hacked ATM Networks Using 4G Raspberry Pi Device
31
Jul
2025

UNC2891 Threat Actors Hacked ATM Networks Using 4G Raspberry Pi Device

A financially motivated threat group known as UNC2891 orchestrated a sophisticated attack on banking infrastructure by physically installing a 4G-equipped…

Microsoft SharePoint Server 0-Day Hack Hits African Treasury, Companies, and University
31
Jul
2025

Microsoft SharePoint Server 0-Day Hack Hits African Treasury, Companies, and University

A sophisticated cyberattack exploiting a zero-day vulnerability in Microsoft SharePoint servers has compromised over 400 entities globally, with significant impact…

Bangalore Techie Employee Arrested in Connection With the $44 Million CoinDCX Hack
31
Jul
2025

Bangalore Techie Employee Arrested in Connection With the $44 Million CoinDCX Hack

The Bangalore-based software engineer Rahul Agarwal, employee of prominent crypto exchange CoinDCX, was arrested in connection with a massive $44…

APT Hackers Attacking Maritime and Shipping Industry to Launch Ransomware Attacks
31
Jul
2025

APT Hackers Attacking Maritime and Shipping Industry to Launch Ransomware Attacks

The maritime industry, which facilitates approximately 90% of global trade, has emerged as a critical battleground for advanced persistent threat…

CrushFTP 0-Day RCE Vulnerability Technical Details and PoC Released
31
Jul
2025

CrushFTP 0-Day RCE Vulnerability Technical Details and PoC Released

A significant zero-day vulnerability in CrushFTP has been disclosed, allowing unauthenticated attackers to achieve complete remote code execution on vulnerable…

Free Decryptor Released for AI-Assisted FunkSec Ransomware
31
Jul
2025

Free Decryptor Released for AI-Assisted FunkSec Ransomware

Cybersecurity researchers have successfully developed and released a free decryption tool for the FunkSec ransomware, a malicious strain that leveraged…

Gunra Ransomware New Linux Variant Runs Up To 100 Encryption Threads With New Partial Encryption Feature
31
Jul
2025

Gunra Ransomware New Linux Variant Runs Up To 100 Encryption Threads With New Partial Encryption Feature

A sophisticated new Linux variant of Gunra ransomware has emerged, marking a significant escalation in the threat group’s cross-platform capabilities…

Qilin Ransomware Leverages TPwSav.sys Driver to Disable EDR Security Measures
31
Jul
2025

Qilin Ransomware Leverages TPwSav.sys Driver to Disable EDR Security Measures

Cybercriminals have once again demonstrated their evolving sophistication by weaponizing an obscure Toshiba laptop driver to bypass endpoint detection and…

ChatGPT, Gemini, GenAI Tools Vulnerable to Man-in-the-Prompt Attacks
31
Jul
2025

ChatGPT, Gemini, GenAI Tools Vulnerable to Man-in-the-Prompt Attacks

A critical vulnerability affecting popular AI tools, including ChatGPT, Google Gemini, and other generative AI platforms, exposes them to a…

New JSCEAL Attack Targeting Crypto App Users To Steal Credentials and Wallets
31
Jul
2025

New JSCEAL Attack Targeting Crypto App Users To Steal Credentials and Wallets

A sophisticated new malware campaign targeting cryptocurrency application users has emerged, leveraging compiled JavaScript files and Node.js to steal digital…