New VMScape Spectre-BTI Attack Exploits Isolation Gaps in AMD and Intel CPUs
A novel speculative execution attack named VMSCAPE allows a malicious virtual machine (VM) to breach its security boundaries and steal...
Read more →Category: CyberSecurityNews
What You Need to Pay Attention to Right Now
Cyber attackers constantly refine their evasion methods. That’s what makes threats, including phishing, increasingly hard to detect and investigate. Kits...
Read more →
Threat Actors Leveraging Open-Source AdaptixC2 in Real-World Attacks
In early May 2025, security teams began observing a sudden rise in post-exploitation activity leveraging an open-source command-and-control framework known...
Read more →
L7 DDoS Botnet Hijacked 5.76M Devices to Launch Massive Attacks
In early March 2025, security teams first observed an unprecedented L7 DDoS botnet targeting web applications across multiple sectors. The...
Read more →
New EggStreme Malware With Fileless Capabilities Leverages DLL Sideloading to Execute Payloads
A previously unknown advanced persistent threat (APT) group has unleashed a new fileless malware framework, dubbed EggStreme, in a highly...
Read more →
Cornwell Quality Tools Data Breach
Cornwell Quality Tools has disclosed a significant data breach that compromised the sensitive information of nearly 104,000 individuals. The incident...
Read more →
ChillyHell macOS Malware Profiles Compromised Machines and Maintain Persistence with 3 Methods
ChillyHell first surfaced on public malware repositories in early May 2025, although its developer-signed notarization dates back to 2021. This...
Read more →
Malicious Chrome Extension Attacking Users to Steal Meta Login Credentials
A novel malicious Chrome extension has been uncovered targeting digital marketers by masquerading as a productivity tool for Meta ad...
Read more →
Hackers Booked Very Little Profit with Widespread npm Supply Chain Attack
A sophisticated npm supply chain attack that surfaced in late August targeted thousands of downstream projects by injecting malicious payloads...
Read more →
NVIDIA NVDebug Tool Vulnerability Let Attackers Escalate Privileges
NVIDIA has released a security update for its NVDebug tool to address three high-severity vulnerabilities that could allow an attacker...
Read more →
Senator Calls for FTC Investigation into Microsoft’s Use of Outdated RC4 Encryption and Kerberoasting Vulnerabilities
U.S. Senator Ron Wyden has called on the Federal Trade Commission (FTC) to investigate Microsoft for what he terms “gross...
Read more →
1.5 Billion Packets Per Second DDoS Attack Detected with FastNetMon
FastNetMon today announced that it detected a record-scale distributed denial-of-service (DDoS) attack targeting the website of a leading DDoS scrubbing vendor in...
Read more →