Category: CyberSecurityNews

Scaling SOC Team Expertise With AI-powered Insights for Faster, Easier Understanding of Threats
26
Nov
2025

Scaling SOC Team Expertise With AI-powered Insights for Faster, Easier Understanding of Threats

Building analyst expertise is a race against time that many Security Operations Centers (SOCs) are losing. New hires often require…

Water Gamayun APT Hackers Exploit MSC EvilTwin Vulnerability to Inject Malicious Code
26
Nov
2025

Water Gamayun APT Hackers Exploit MSC EvilTwin Vulnerability to Inject Malicious Code

Water Gamayun, a persistent threat group, has recently intensified its efforts by exploiting a newly identified MSC EvilTwin vulnerability (CVE-2025-26633)…

Microsoft Security Keys May Require PIN After Recent Windows Updates
26
Nov
2025

Microsoft Security Keys May Require PIN After Recent Windows Updates

Microsoft has confirmed that FIDO2 security keys on Windows 11 may now prompt users to set up a PIN during…

INE Expands Cross-Skilling Innovations
26
Nov
2025

INE Expands Cross-Skilling Innovations

Cary, North Carolina, USA, November 26th, 2025, CyberNewsWire New courses, certifications, and hands-on training strengthen workforce readiness. INE, the leading…

Malicious Prettier Extension on VSCode Marketplace Delivers Anivia Stealer Malware to Exfiltrate Login Credentials
26
Nov
2025

Malicious Prettier Extension on VSCode Marketplace Delivers Anivia Stealer Malware to Exfiltrate Login Credentials

A dangerous malware campaign has targeted thousands of developers through a fake extension on the Visual Studio Code Marketplace. On…

Akira Ransomware Uses SonicWall VPN Exploit to Exfiltrate Sensitive Data
26
Nov
2025

Akira Ransomware Uses SonicWall VPN Exploit to Exfiltrate Sensitive Data

The Akira ransomware group has begun weaponizing vulnerabilities in SonicWall SSL VPN devices, turning merger-and-acquisition (M&A) processes into high-speed launchpads…

Hackers Exploit NTLM Authentication Flaws to Target Windows Systems
26
Nov
2025

Hackers Exploit NTLM Authentication Flaws to Target Windows Systems

More than two decades after its initial discovery, the NTLM authentication protocol continues to plague Windows systems worldwide. What started…

Indirect-Shellcode-Executor Tool Exploits Windows API Vulnerability to Evade AV and EDR
26
Nov
2025

Indirect-Shellcode-Executor Tool Exploits Windows API Vulnerability to Evade AV and EDR

A new offensive security tool developed in Rust is demonstrating a novel method for bypassing modern Endpoint Detection and Response…

Microsoft Details Security Risks of New Agentic AI Feature
26
Nov
2025

Microsoft Details Security Risks of New Agentic AI Feature

In recent weeks, discussions have centered on Microsoft’s experimental agentic AI feature, which has introduced both advanced task automation and…

Developers Expose Passwords and API Keys via Online Tools like JSONFormatter
26
Nov
2025

Developers Expose Passwords and API Keys via Online Tools like JSONFormatter

Developers are unintentionally exposing passwords, API keys, and sensitive data by pasting production information into online formatting tools such as…

New Attack Technique Tricks AI Browsers Using a Simple ‘#’
26
Nov
2025

New Attack Technique Tricks AI Browsers Using a Simple ‘#’

Security researchers at Cato CTRL have discovered a new indirect prompt injection technique called HashJack, which weaponises legitimate websites to manipulate…

Tor Adopts Galois Onion Encryption to Strengthen Defense Against Online Attacks
26
Nov
2025

Tor Adopts Galois Onion Encryption to Strengthen Defense Against Online Attacks

The Tor Project has announced a significant cryptographic overhaul, retiring its legacy relay encryption algorithm after decades of service and…