North Korean IT Workers Demand Ransom By Stealing Companies' Source Code
North Korean IT workers masquerading as remote workers have been breaking into Western companies, stealing confidential source code, and requesting ransoms to prevent its release.
This emerging threat, flagged by the Federal Bureau of Investigation...
Bypassing EDR Detection by Exploiting Hardware Breakpoints at CPU Level
Adversaries continue to innovate methods to bypass Endpoint Detection and Response (EDR) systems. An exceptionally sophisticated approach involves leveraging hardware breakpoints at the CPU level to evade detection mechanisms such as Event Tracing for...
phpMyAdmin Vulnerability Lets Hackers Trigger XSS Attack With Malicious Tables
A moderate-severity Cross-Site Scripting (XSS) vulnerability has been identified in phpMyAdmin, a widely used open-source tool for managing MySQL databases.
This flaw, tracked as CVE-2025-24530, affects versions 5.x prior to 5.2.2 and is linked to...
New Ransomware Attacking VMware ESXi Hosts Via SSH Tunneling
New ransomware strains are quietly infiltrating VMware ESXi hosts by setting up SSH tunnels and concealing malicious traffic within legitimate activity.
This stealth tactic allows attackers to access critical virtual machine environments without triggering many...
PoC Exploit Released For Critical Microsoft Outlook (CVE-2025-21298) Zero-Click RCE Vulnerability
A new proof-of-concept (PoC) has been released for a Microsoft Outlook zero-click remote code execution (RCE) vulnerability in Windows Object Linking and Embedding (OLE), identified as CVE-2025-21298.
The PoC demonstrates memory corruption, shedding light on the...
Subaru Car Vulnerability Lets Hackers Control Millions of Cars Remotely Using Starlink
A critical vulnerability in Subaru's STARLINK connected vehicle service was discovered late last year, exposing millions of vehicles and customer accounts across the United States, Canada, and Japan to potential cyberattacks.
Subaru is known...
Critical Palo Alto Firewall Vulnerabilities Let Hackers Bypass Secure Boot & Exploit Firmware
A recent cybersecurity report has identified critical vulnerabilities in Palo Alto Networks firewall devices that could enable attackers to bypass Secure Boot protections, exploit firmware-level flaws, and obtain elevated privileges, allowing them to maintain...
Fake Microsoft Teams Page Drops Malware On Windows By Exploiting Bing Ads
Unit 42 researchers Bradley Duncan and Zach Diehl uncovered a malicious campaign exploiting Bing search advertisements to deliver malware through deceptive websites impersonating legitimate software pages.
This alarming discovery highlights the growing trend of...
Tycoon 2FA Phishing Kit Using Specially Crafted Code To Evade Detection
The cybersecurity landscape faces a growing threat with the emergence of the Tycoon 2FA phishing kit, a sophisticated Phishing-as-a-Service (PhaaS) platform designed to bypass MFA and evade detection.
First identified in August 2023, Tycoon 2FA...
GhostGPT – New AI Black Hat Tool Used by Hackers to Generate Malware &...
The development of generative AI offered both opportunities for beneficial productivity transformation and opportunities for malicious exploitation.
GhostGPT, an uncensored AI chatbot created specifically for cybercrime, is the most recent threat in this domain.
GhostGPT, which...