Evasive Panda APT Using AitM Attack and DNS Poisoning to Deliver Malware
The Evasive Panda APT group, also known as Bronze Highland, Daggerfly, and StormBamboo, has been running targeted campaigns since November 2022, using advanced techniques to…
Category: CyberSecurityNews
Threat Actors Using Weaponized AV-themed Word and PDF Documents to Attack Israeli Organizations
Security researchers at Seqrite Labs have identified a campaign called Operation IconCat, targeting Israeli organizations with weaponized documents designed to look like legitimate security tools.…
Threat Actors Advertised NtKiller Malware on Dark Web Claiming Terminate Antivirus and EDR Bypass
A malicious actor known as AlphaGhoul has begun promoting a tool called NtKiller, designed to silently shut down antivirus software and endpoint detection tools. The…
Critical MongoDB Vulnerability Exposes Sensitive Data via Zlib Compression
A critical security vulnerability, tracked as CVE-2025-14847, that could allow attackers to extract uninitialized heap memory from database servers without authentication. The flaw resides in MongoDB’s…
What 2025 Taught Us About Modern Malware
The year 2025 represents a pivotal moment in cybersecurity, showcasing a remarkable evolution in zero-click exploitation techniques that significantly challenges our understanding of digital security.…
WebRAT Malware via GitHub Repositories Claim as Proof-of-concept Exploits to Attack Users
A new malware campaign has surfaced that uses GitHub repositories to spread the WebRAT malware by disguising it as proof-of-concept exploits and gaming utilities. The…
Interpol Taken Down 6 Ransomware Variants and Arrested 500+ Suspects
Law enforcement agencies across 19 African nations have achieved a landmark victory against cybercrime. Arresting 574 suspects and dismantling six ransomware variants during Operation Sentinel,…
Ransomware Attack on Romanian Waters Authority
Romania’s National Administration “Apele Române” (Romanian Waters) disclosed a severe ransomware attack on December 20, 2025. That compromised approximately 1,000 IT systems across the agency…
Operation PCPcat Hacked 59,000+ Next.js/React Servers Within 48 Hours
A massive credential-theft campaign dubbed PCPcat compromised 59,128 Next.js servers in under 48 hours. The operation exploits critical vulnerabilities CVE-2025-29927 and CVE-2025-66478, achieving a 64.6%…
Microsoft Teams to Enforce Messaging Safety Defaults Starting January 2026
Microsoft is strengthening the security posture of enterprise collaboration by automatically enabling critical messaging safety features in Microsoft Teams. According to a new administrative update,…
PoC Exploit Released HPE OneView Vulnerability that Enables Remote Code Execution
Security researchers have released a Proof-of-Concept (PoC) exploit for a critical vulnerability in HPE OneView, a popular IT infrastructure management platform. The flaw, tracked as CVE-2025-37164,…
Windows Imaging Component Vulnerability Can Lead to RCE Attacks Under Complex Attack Scenarios
A comprehensive analysis of CVE-2025-50165, a critical Windows vulnerability affecting the Windows Imaging Component (WIC). That could potentially enable remote code execution through specially crafted…