Here’s How to Spot Them Early
Phishing has moved far beyond suspicious links. Today, attackers hide inside the files employees trust most; PDFs. On the surface, they look like invoices, contracts,…
Category: CyberSecurityNews
New Stealthy Python Malware Leverages Discord to Steal Data From Windows Machines
A sophisticated new Python-based information stealer has emerged in the cybersecurity landscape, demonstrating advanced capabilities for data exfiltration through Discord channels. The malware, identified as…
RapperBot Hijacking Devices to Launch DDoS Attack In a Split Second
Cybersecurity researchers began detecting an alarming surge in early April 2025 in UDP flood traffic emanating from compromised network video recorders (NVRs) and other edge…
PagerDuty Confirms Data Breach After Third-Party App Vulnerability Exposes Salesforce Data
PagerDuty, a leader in digital operations management, has confirmed a security incident that resulted in unauthorized access to some of its data stored in Salesforce.…
OpenAI Set to Acquire Analytics Platform Statsig in $1.1 Billion Agreement
OpenAI announced today its definitive agreement to acquire Statsig, a product experimentation and analytics platform, for $1.1 billion. The acquisition is a key move by…
Chrome 140 Released With Fix For Six Vulnerabilities that Enable Remote Code Execution Attacks
Google has officially promoted Chrome 140 to the stable channel, initiating a multi-platform rollout for Windows, Mac, Linux, Android, and iOS. The update brings the…
PoC Exploit Released for IIS WebDeploy Remote Code Execution Vulnerability
A proof-of-concept exploit for CVE-2025-53772, a critical remote code execution vulnerability in Microsoft’s IIS Web Deploy (msdeploy) tool, was published this week, raising urgent alarms across the .NET…
Android Security Update – Patch for 0-Day Vulnerabilities Actively Exploited in Attack
In response to the discovery of actively exploited 0-day vulnerabilities, Google has released its September 2025 Android Security Bulletin, rolling out patch level 2025-09-05 to…
CISA Warns of WhatsApp 0-Day Vulnerability Exploited in Attacks
CISA has issued an urgent advisory concerning a newly disclosed zero-day vulnerability in Meta Platforms’ WhatsApp messaging service (CVE-2025-55177). This flaw, categorized under CWE-863: Incorrect…
New TinyLoader Malware Attacking Windows Users Via Network Shares and Fake Shortcuts Files
A stealthy new malware loader dubbed TinyLoader has begun proliferating across Windows environments, exploiting network shares and deceptive shortcut files to compromise systems worldwide. First…
Hackers Leverage Hexstrike-AI Tool to Exploit Zero Day Vulnerabilities Within 10 Minutes
Threat actors are rapidly weaponizing Hexstrike-AI, a recently released AI-powered offensive security framework, to scan for and exploit zero-day CVEs in under ten minutes. Originally…
AI-Powered Cybersecurity Tools Can Be Turned Against Themselves Through Prompt Injection Attacks
AI-powered cybersecurity tools can be turned against themselves through prompt injection attacks, allowing adversaries to hijack automated agents and gain unauthorized system access. Security researchers…