Latest Cybersecurity News and Articles

LameHug malware uses AI LLM to craft Windows data-theft commands in real-time

A newly discovered malware family named LameHug is leveraging artificial intelligence to dynamically generate Windows data-theft commands in real-time. LameHug is the first malware to integrate an LLM for operational command generation.

Microsoft Teams voice calls abused to push Matanbuchus malware

Matanbuchus is a malware-as-a-service (MaaS) operation first advertised on the dark web in early 2021 for $2,500. It is designed to execute malicious payloads directly in memory, enabling it to evade traditional detection mechanisms.

VMware fixes four ESXi zero-day bugs exploited at Pwn2Own Berlin

VMware has patched four zero-day vulnerabilities in ESXi, Workstation, Fusion, and Tools. Three of these flaws (CVE-2025-41236, CVE-2025-41237, CVE-2025-41238) are critical, allowing guest-to-host code execution.

Threat hunting case study: Lumma infostealer

Between April and June 2024, Lumma's marketplace listed over 21,000 stolen data logs. In May 2025, a coordinated law enforcement operation led by Microsoft, DOJ, Europol, and J3C disrupted Lumma’s infrastructure.

Hacker steals $27 million in BigONE exchange crypto breach

A significant security breach at the BigONE cryptocurrency exchange has resulted in the theft of approximately $27 million in digital assets. The attack was identified as a supply-chain compromise targeting the platform’s hot wallet infrastructure.

Cisco patches critical CVE-2025-20337 bug in Identity Services Engine with CVSS 10 Severity

Cisco has disclosed and patched a critical vulnerability, CVE-2025-20337 (CVSS 10), in its ISE and ISE-PIC. This flaw allows unauthenticated remote attackers to execute arbitrary code with root privileges.

MaaS operation using Emmenhtal and Amadey linked to threats against Ukrainian entities

A sophisticated Malware-as-a-Service (MaaS) operation has been identified leveraging the Emmenhtal loader and Amadey malware to distribute a variety of payloads. The campaign targets Ukrainian entities and utilizes public GitHub repositories.

GhostContainer backdoor for Exchange servers

A newly discovered backdoor malware dubbed GhostContainer is targeting Microsoft Exchange servers in high-value organizations across Asia. The malware is a .NET-based PE32 executable that leverages open-source tools and exploits CVE-2020-0688.

Over 5.4 Million Affected in Healthcare Data Breach at Episource

A major data breach at Episource has compromised the personal and health information of over 5.4 million individuals across the United States. The breach exposed sensitive data including names, contact details, SSNs, insurance information, and PHI.

Ryuk ransomware operator extradited to US, faces five years in federal prison

Karen Serobovich Vardanyan, a 33-year-old Armenian national, has been extradited to the United States and charged for his alleged involvement in Ryuk ransomware attacks that occurred between March 2019 and September 2020.
