Daily Cyber News

Cisco Alerts Users to New Firewall Attack Exploiting CVE-2025-20333 and CVE-2025-20362

Cisco has issued a critical security alert, warning users of a new attack variant targeting its Secure Firewall appliances. This campaign exploits two specific vulnerabilities, CVE-2025-20333 and CVE-2025-20362, which can cause unpatched devices to crash and create a denial-of-service (DoS) condition, disrupting network operations. Exploited Vulnerabilities in Firewall Software The networking giant disclosed that it […]


Trojanized ESET Installers Drop Kalambur Backdoor in Phishing Attacks on Ukraine

A previously unidentified threat actor, aligned with Russian interests, has been discovered impersonating the cybersecurity firm ESET in a sophisticated phishing campaign against Ukrainian targets. The attacks, detected in May 2025, involved distributing malicious software installers that deployed a stealthy backdoor known as Kalambur. Deceptive Phishing Lures and Communication Channels The group, tracked by ESET


SonicWall Confirms State-Sponsored Hackers Behind September Cloud Backup Breach

Network security giant SonicWall has officially confirmed that a sophisticated state-sponsored threat actor was responsible for a September security incident. The breach resulted in the unauthorized access of firewall configuration backup files from a specific cloud environment, though the company has assured customers that its core products and firmware remain unaffected. Isolated Breach in a


Mysterious ‘SmudgedSerpent’ Hackers Target U.S. Policy Experts Amid Rising Iran–Israel Tensions

A previously unknown hacking group, codenamed “SmudgedSerpent,” has been uncovered targeting American academics and foreign policy specialists. This cyber espionage campaign, which occurred between June and August 2025, aligns with a period of significantly heightened tensions between Iran and Israel, pointing to a clear intelligence-gathering motive. Deceptive Lures and Established Playbooks The threat actor, identified


U.S. Imposes Sanctions on 10 North Korean Entities for Laundering $12.7 Million Through Crypto and IT Fraud

In a significant move to disrupt North Korea’s illicit financing activities, the U.S. Treasury Department has sanctioned a network of ten individuals and entities. This action targets those accused of laundering millions of dollars generated through cybercrime and a global IT worker fraud scheme, directly channeling funds into the regime’s prohibited weapons development programs. Targeting


Unprecedented Cybercrime Alliance: Scattered Spider, LAPSUS$, and ShinyHunters Join Forces

A new and alarming cyber alliance has surfaced, merging three of the most infamous hacker groups — Scattered Spider, LAPSUS$, and ShinyHunters. Together, they have formed a unified collective called Scattered LAPSUS$ Hunters (SLH), signaling a new phase of organized cybercrime that blends extortion, social engineering, and brand manipulation. A New Wave of Cyber Collaboration


Critical React Native CLI Vulnerability Exposed Millions of Developers to Remote Attacks

A critical security vulnerability, tracked as CVE-2025-11953, has been discovered and patched in the widely used @react-native-community/cli npm package. This flaw could have allowed remote, unauthenticated attackers to execute arbitrary operating system commands on a developer’s machine, posing a severe risk to the software development ecosystem. Vulnerability Overview and Severity The vulnerability received the highest severity rating with


Europol and Eurojust Dismantle 600 Million Euro Crypto Fraud Network in Global Operation

In a major international law enforcement operation, nine individuals have been arrested for their alleged roles in a sophisticated cryptocurrency money laundering network that defrauded victims of an estimated €600 million (approximately $688 million). The coordinated takedown highlights the global fight against increasingly professionalized crypto-enabled financial crimes. A Coordinated Cross-Border Takedown The operation, which took place between


Operation SkyCloak Uses Tor-Enabled OpenSSH Backdoor to Target Defense Organizations

A sophisticated cyber espionage campaign, dubbed Operation SkyCloak, is using weaponized phishing emails to deploy a highly stealthy backdoor on target systems. The malware establishes persistent remote access by combining a customized OpenSSH server with a Tor hidden service, creating a covert channel that is extremely difficult to trace. The Lure: Phishing with Military Documents The


Microsoft Teams Vulnerabilities Allow Attackers to Impersonate Colleagues and Edit Messages Undetected

Security researchers have uncovered a set of critical vulnerabilities within Microsoft Teams that could have allowed attackers to manipulate conversations, impersonate trusted colleagues, and exploit notifications to launch sophisticated social engineering attacks. These flaws fundamentally undermined the trust users place in the platform’s communication integrity. The Core Vulnerabilities: A Breakdown of the Threats Discovered by
