Latest Cybersecurity News and Articles

Hackers Spoof Microsoft ADFS Login Pages to Steal Credentials

A help desk phishing campaign targets an organization's Microsoft Active Directory Federation Services (ADFS) using spoofed login pages to steal credentials and bypass multi-factor authentication (MFA) protections.

DDoS Attacks Reportedly Behind DayZ and Arma Network Outages

An ongoing distributed denial of service (DDoS) attack targets Bohemia Interactive's infrastructure, preventing players of DayZ and Arma Reforger from playing the games online.

Researcher Outsmarts, Jailbreaks OpenAI's New o3-mini

Despite its improvements, a CyberArk researcher found a way to exploit o3-mini by pretending to be a historian seeking knowledge. While engaging with it, he eventually led it to produce steps that could be used to exploit a critical Windows process.

Critical RCE Flaw in Microsoft Outlook Now Exploited in Attacks

Discovered by Check Point vulnerability researcher Haifei Li and tracked as CVE-2024-21413, the flaw is caused by improper input validation when opening emails with malicious links using vulnerable Outlook versions.

Basket of Bank Trojans Defraud Citizens of East India

Victims receive WhatsApp messages containing malicious Android Package Kit (APK) files. Once downloaded, these APKs appear as fake apps of major banks like HDFC Bank and ICICI Bank.

CISA tags Microsoft .NET and Apache OFBiz bugs as exploited in attacks

The US Cybersecurity & Infrastructure Security Agency (CISA) has added four vulnerabilities to its Known Exploited Vulnerabilities catalog, urging federal agencies and large organizations to apply the available security updates as soon as possible.

Robocallers Posing as FCC Fraud Prevention Team Call FCC Staff

The FCC has proposed a $4,492,500 fine against VoIP service provider Telnyx for allegedly allowing customers to make robocalls posing as fictitious FCC "Fraud Prevention Team," by failing to comply with Know Your Customer (KYC) rules.

Update: Hackers Exploit SimpleHelp RMM Flaws to Deploy Sliver malware

The attack started with the threat actors exploiting the vulnerabilities in the SimpleHelp RMM client, tracked as CVE-2024-57726, CVE-2024-57727, and CVE-2024-57728, to establish an unauthorized connection to a target endpoint.

Attackers Use NOVA Stealer to Target Russian Organizations

The BI.ZONE Threat Intelligence team has reported a significant ongoing campaign distributing the NOVA stealer, a new commercial variant of the SnakeLogger malware. This campaign is primarily targeting Russian organizations across various sectors.

Cisco Addressed Two Critical Flaws in its Identity Services Engine

Cisco addressed multiple vulnerabilities, including two critical remote code execution flaws, tracked as CVE-2025-20124 (CVSS score of 9.9) and CVE-2025-20125 (CVSS score of 9.1), in Identity Services Engine (ISE).

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags