Latest Cybersecurity News and Articles

Targeted attacks leverage accounts on popular online platforms as C2 servers

A sophisticated cyberattack campaign active from late 2024 to April 2025 targeted Russian IT firms and international entities using Cobalt Strike Beacon. The attackers employed spear phishing, DLL hijacking, and social media-based payload delivery.

US Tops Hit List as 396 SharePoint Systems Compromised Globally

A critical zero-day vulnerability in Microsoft SharePoint, tracked as CVE-2025-53770/53771 and exploited via the ToolShell exploit, has led to the compromise of 396 systems across 41 countries.

Palo Alto Networks in talks to acquire CyberArk for over $20bn

Palo Alto Networks is reportedly negotiating to acquire CyberArk Software, an Israeli publicly traded IT company, in a deal potentially exceeding $20bn. This potential acquisition of CyberArk would mark Palo Alto Networks’ largest deal to date.

Cybercriminals Attack Seychelles – Offshore Banking as a Target

A cyberattack targeting Seychelles Commercial Bank (SCB) has resulted in the exfiltration of 2.2GB of sensitive customer and government data. The attacker, operating under the alias "ByteToBreach," exploited a vulnerability in Oracle WebLogic Server.

Auto-Color Backdoor Malware Exploits SAP Vulnerability

A new malware campaign has been identified targeting Linux systems via a critical SAP NetWeaver vulnerability (CVE-2025-31324). The malware, dubbed Auto-Color, was deployed in a targeted intrusion against a US-based chemicals company in April 2025.

New Choicejacking Attack Steals Data from Phones via Public Chargers

A newly identified USB-based attack technique, dubbed Choicejacking, enables cybercriminals to steal data from smartphones via public charging stations. This method bypasses traditional security prompts.

Scattered Spider is targeting victims' Snowflake data storage for quick exfiltration

An updated joint advisory from U.S., U.K., Canadian, and Australian cybersecurity agencies warns of ongoing campaigns by Scattered Spider. This group is targeting Snowflake data storage environments to exfiltrate large volumes of sensitive data.

Minnesota activates National Guard after St. Paul cyberattack

The City of Saint Paul, Minnesota, has experienced a significant cyberattack that disrupted critical municipal services, prompting the activation of the Minnesota National Guard to provide cyber protection support.

Cybercriminals give Indiana megachurch 7 days to pay $600K ransom after data breach

Rhysida ransomware group has claimed responsibility for a cyberattack on the First Baptist Church of Hammond, Indiana. The attackers demanded a ransom of 5 BTC (~$594,000) and threatened to sell stolen data if unpaid.

Critical Authentication Flaw Identified in Base44 Vibe Coding Platform

A critical authentication vulnerability was discovered in Base44’s AI-driven "vibe coding" platform. The flaw allowed unauthorized users to bypass authentication mechanisms, including Single Sign-On (SSO), and gain access to private applications.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags