New ‘Win-DoS’ Zero-Click Vulnerabilities Turns Windows Domain Controllers into DDOS Botnet
LAS VEGAS — At the DEF CON 33 security conference, researchers Yair and Shahak Morag of SafeBreach Labs unveiled a new class of denial-of-service (DoS)…
Category: CyberSecurityNews
Google Confirms Data Breach – Notifying Users Affected By the Cyberattack
Tech giant Google has officially acknowledged a significant data breach affecting its corporate Salesforce database, with the company completing email notifications to affected users as…
Darknet Market Escrow Systems is Vulnerable to Administrator Exit Scams
Darknet markets, operating beyond the reach of traditional payment processors and legal systems, rely on escrow systems to secure cryptocurrency transactions between buyers and vendors. …
Darknet Market Escrow Systems is Vulnerable to Administrator Exit Scams
Darknet markets, operating beyond the reach of traditional payment processors and legal systems, rely on escrow systems to secure cryptocurrency transactions between buyers and vendors. …
ChatGPT “0-Click” Vulnerability in Connectors Exposed Sensitive Google Drive Data
A critical vulnerability in OpenAI’s ChatGPT Connectors feature allows attackers to exfiltrate sensitive data from connected Google Drive accounts without any user interaction beyond the…
New Linux Kernel Vulnerability Directly Exploited from Chrome Renderer Sandbox
August 9, 2025 — A critical vulnerability in the Linux kernel, identified as CVE-2025-38236, has exposed a flaw that could allow attackers to escalate privileges…
5,000+ Fake Online Pharmacies Websites Selling Counterfeit Medicines
A sophisticated cybercriminal enterprise operating over 5,000 fraudulent online pharmacy websites has been exposed in a comprehensive investigation, revealing one of the largest pharmaceutical fraud…
Threat Actors Using Typosquatted PyPI Packages to Steal Cryptocurrency from Bittensor Wallets
A sophisticated cryptocurrency theft campaign has emerged targeting the Bittensor ecosystem through malicious Python packages distributed via the Python Package Index (PyPI). The attack leverages…
Huge Wave of Malicious Efimer Malicious Script Attack Users via WordPress Sites, Malicious Torrents, and Email
A sophisticated malware campaign dubbed “Efimer” has emerged as a significant threat to cryptocurrency users worldwide, employing a multi-vector approach that combines compromised WordPress websites,…
DarkCloud Stealer Employs New Infection Chain and ConfuserEx-Based Obfuscation
A sophisticated information-stealing malware campaign has emerged, utilizing advanced obfuscation techniques and multiple infection vectors to evade traditional security controls. The DarkCloud Stealer, first documented…
Multiple 0-days to Bypass BitLocker and Extract All Protected Data
Researchers have disclosed a series of critical zero-day vulnerabilities that completely bypass Windows BitLocker encryption, allowing attackers with physical access to extract all protected data…
28,000 Microsoft Exchange Servers Vulnerable to CVE-2025-53786 Exposed Online
Over 28,000 unpatched Microsoft Exchange servers are exposed on the public internet and remain vulnerable to a critical security flaw designated CVE-2025-53786, according to new…