Google Warns 2.5B Gmail Users to Reset Passwords Following Salesforce Data Breach
Google has issued a broad security alert to its 2.5 billion Gmail users, advising them to enhance their account security in the wake of a…
Category: CyberSecurityNews
U.S. Government Seizes Online Marketplaces Used to Sell Fraudulent Identity Documents to Cybercriminals
The U.S. Attorney’s Office for the District of New Mexico announced Thursday that federal authorities have executed a court-authorized seizure of two domain names and…
Threat Actors Leveraging Windows and Linux Vulnerabilities in Real-world Attacks to Gain System Access
Cybersecurity teams worldwide have observed a surge in sophisticated campaigns exploiting both Windows and Linux vulnerabilities in recent months to achieve unauthorized system access. These…
Cyber Attacks Targeting Education Sector Surges Following Back-to-School Season
As students and staff returned to campuses this August, a stark rise in cyber attacks against educational institutions has been observed worldwide. From January to…
Hackers Weaponize PDF Along With a Malicious LNK File to Compromise Windows Systems
Attackers have begun leveraging a seemingly innocuous PDF newsletter alongside a malicious Windows shortcut (LNK) file to infiltrate enterprise environments. The attack surfaced in late…
AppSuite PDF Editor Hacked to Execute Arbitrary Commands on The Infected System
A sophisticated malware campaign has emerged targeting users seeking free PDF editing software, with cybercriminals distributing a malicious application masquerading as the legitimate “AppSuite PDF…
WhatsApp 0-Day Vulnerability Exploited to Hack Mac and iOS Users
A sophisticated attack campaign has leveraged a previously unknown zero-day vulnerability in WhatsApp on Apple devices to target specific users, the company has confirmed. The…
Citrix Netscaler 0-day RCE Vulnerability Patched
A significant global effort to patch a critical zero-day remote code execution (RCE) vulnerability in Citrix NetScaler devices has seen the number of exposed systems…
NodeBB Vulnerability Let Attackers Inject Boolean-Based Blind and PostgreSQL Error-Based Payloads
NodeBB, a popular open-source forum platform, has been found vulnerable to a critical SQL injection flaw in version 4.3.0. The flaw, tracked as CVE-2025-50979, resides…
NightSpire Ransomware Group Claims to Exploit The Vulnerabilities of Orgs to Infiltrate Their Systems
Since its emergence in February 2025, the NightSpire ransomware group has rapidly distinguished itself through a sophisticated double-extortion strategy that combines targeted encryption with public…
New TAOTH Campaign Exploits End-of-Support Software to Distribute Malware and Collect Sensitive Data
In June 2025, a previously undocumented campaign leveraging end-of-support software began surfacing in telemetry data gathered across Eastern Asia. Dubbed TAOTH, the operation exploits an…
Hackers Leverage Compromised Third-Party SonicWall SSL VPN Credentials to Deploy Sinobi Ransomware
A sophisticated ransomware attack has emerged targeting organizations through compromised third-party managed service provider (MSP) credentials, showcasing the evolving tactics of cybercriminals in 2025. The…