What You Need to Pay Attention to Right Now
Cyber attackers constantly refine their evasion methods. That’s what makes threats, including phishing, increasingly hard to detect and investigate. Kits like Tycoon 2FA regularly evolve…
Category: CyberSecurityNews
Threat Actors Leveraging Open-Source AdaptixC2 in Real-World Attacks
In early May 2025, security teams began observing a sudden rise in post-exploitation activity leveraging an open-source command-and-control framework known as AdaptixC2. Originally developed to…
L7 DDoS Botnet Hijacked 5.76M Devices to Launch Massive Attacks
In early March 2025, security teams first observed an unprecedented L7 DDoS botnet targeting web applications across multiple sectors. The botnet, rapidly expanding from an…
New EggStreme Malware With Fileless Capabilities Leverages DLL Sideloading to Execute Payloads
A previously unknown advanced persistent threat (APT) group has unleashed a new fileless malware framework, dubbed EggStreme, in a highly targeted espionage campaign against strategic…
Cornwell Quality Tools Data Breach
Cornwell Quality Tools has disclosed a significant data breach that compromised the sensitive information of nearly 104,000 individuals. The incident involved unauthorized access to the…
ChillyHell macOS Malware Profiles Compromised Machines and Maintain Persistence with 3 Methods
ChillyHell first surfaced on public malware repositories in early May 2025, although its developer-signed notarization dates back to 2021. This modular backdoor has eluded detection…
Malicious Chrome Extension Attacking Users to Steal Meta Login Credentials
A novel malicious Chrome extension has been uncovered targeting digital marketers by masquerading as a productivity tool for Meta ad campaigns. Dubbed “Madgicx Plus,” this…
Hackers Booked Very Little Profit with Widespread npm Supply Chain Attack
A sophisticated npm supply chain attack that surfaced in late August targeted thousands of downstream projects by injecting malicious payloads into popular JavaScript libraries. Initial…
NVIDIA NVDebug Tool Vulnerability Let Attackers Escalate Privileges
NVIDIA has released a security update for its NVDebug tool to address three high-severity vulnerabilities that could allow an attacker to escalate privileges, execute code,…
Senator Calls for FTC Investigation into Microsoft’s Use of Outdated RC4 Encryption and Kerberoasting Vulnerabilities
U.S. Senator Ron Wyden has called on the Federal Trade Commission (FTC) to investigate Microsoft for what he terms “gross cybersecurity negligence,” accusing the tech…
DDoS Mitigation Provider targeted In 1.5 Gpps 1.5 Billion Packets per Second DDoS Attack
FastNetMon, a prominent provider of DDoS detection solutions, announced this week that it had identified and helped mitigate a record-breaking distributed denial-of-service (DDoS) attack. The…
ACSC Warns Of Sonicwall Access Control Vulnerability Actively Exploited In Attacks
The Australian Cyber Security Centre (ACSC) has issued a critical alert regarding a severe access control vulnerability in SonicWall products that is being actively exploited…