New TorNet backdoor Abusing Windows Schedule Task to Deliver Malware
A financially motivated threat actor has been linked to a sophisticated cyber campaign that has been targeting users in Poland and Germany since July 2024. …
Category: CyberSecurityNews
PowerSchool Starts Notifying Students Following Massive Breach
PowerSchool, a leading U.S.-based education technology provider, has begun notifying students, teachers, and other affected individuals following a massive data breach that occurred in December…
How SOC/DFIR Teams Prevent Ransomware Threats in Healthcare
Ransomware attacks targeting the healthcare sector have become increasingly challenging to manage due to financial losses and the risks posed to patient safety and operational…
VMware Avi Load Balancer Vulnerability Let Attackers Gain Database Access
Broadcom disclosed a critical vulnerability affecting its Avi Load Balancer product. The vulnerability, identified as CVE-2025-22217, is an unauthenticated blind SQL injection vulnerability that could…
Akira’s New Linux Ransomware Attacking VMware ESXi Servers
The Akira ransomware group, a prominent player in the Ransomware-as-a-Service (RaaS) domain since March 2023, has intensified its operations with a new Linux variant targeting…
One Identity Manager Vulnerability Let Attackers Escalate Privileges
A critical Insecure Direct Object Reference (IDOR) vulnerability has been identified in One Identity Manager, a widely used identity and access management solution. This vulnerability,…
New Phishing Campaign Mimic Amazon Prime Membership To Steal Credit Card Data
A sophisticated phishing campaign targeting Amazon Prime members has been uncovered, aiming to steal credit card information and other sensitive data. Cybersecurity experts have identified…
Chrome Security Update – Memory Corruption & Access Vulnerabilities Patched
Google has rolled out a new Stable Channel Update for its Chrome browser, addressing critical security vulnerabilities that posed significant risks to users. The update,…
CISA Releases Six ICS Advisories Highlighting Critical Security Vulnerabilities
U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued six Industrial Control Systems (ICS) advisories to address significant vulnerabilities in critical systems used across various industries.…
PayPal Hit With $2 Million Fine For Cybersecurity Failures
The New York State Department of Financial Services (NYDFS) has imposed a $2 million fine on PayPal, Inc. for violations of its stringent cybersecurity regulations.…
New Ransomware Attacking VMware ESXi Hosts Via SSH Tunneling to Evade Detection
New ransomware strains are quietly infiltrating VMware ESXi hosts by setting up SSH tunnels and concealing malicious traffic within legitimate activity. This stealth tactic allows…
phpMyAdmin Vulnerability Let Hackers Trigger XSS Attack With Malicious Tables
A moderate-severity Cross-Site Scripting (XSS) vulnerability has been identified in phpMyAdmin, a widely used open-source tool for managing MySQL databases. This flaw, tracked as CVE-2025-24530,…