Daily Cyber News

TP-Link Fixes Four Security Bugs in Omada Gateways, Including Two Remote Code Execution Risks

TP-Link has issued security patches to fix four vulnerabilities affecting its Omada gateway devices. Among them are two critical flaws that could allow attackers to execute arbitrary code remotely. Overview of Vulnerabilities The identified vulnerabilities are as follows: According to TP-Link’s advisory published on Tuesday, “Attackers may execute arbitrary commands on the device’s underlying operating […]

TP-Link Fixes Four Security Bugs in Omada Gateways, Including Two Remote Code Execution Risks Read More »

CISA Adds Five Actively Exploited Vulnerabilities to Catalog Targeting Oracle and Microsoft

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added five actively exploited vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog. This update officially confirms that a newly disclosed flaw in Oracle E-Business Suite (EBS) has been weaponized in real-world attacks, posing serious risks to organizations using affected systems. Oracle E-Business Suite Flaws Under Attack

CISA Adds Five Actively Exploited Vulnerabilities to Catalog Targeting Oracle and Microsoft Read More »

Hackers Exploit Citrix Flaw and Deploy Snappybee Malware to Breach European Telecom Network

A European telecommunications company has reportedly fallen victim to a cyberattack linked to a China-based espionage group known as Salt Typhoon. The incident, uncovered by Darktrace, occurred in early July 2025 when the attackers exploited a Citrix NetScaler Gateway vulnerability to gain unauthorized access to the organization’s internal network. Salt Typhoon: A Persistent and Evolving

Hackers Exploit Citrix Flaw and Deploy Snappybee Malware to Breach European Telecom Network Read More »

Google Uncovers Three New Russian Malware Families Developed by COLDRIVER Hackers

Google’s Threat Intelligence Group (GTIG) has revealed new details about the Russian-linked hacking group known as COLDRIVER, uncovering three newly developed malware families that reflect the group’s increasing cyber activity since May 2025. According to GTIG’s research, COLDRIVER has significantly expanded its malware arsenal just days after its previously known malware, LOSTKEYS, was publicly exposed.

Google Uncovers Three New Russian Malware Families Developed by COLDRIVER Hackers Read More »

PolarEdge Botnet Expands, Targeting Cisco, ASUS, QNAP, and Synology Routers

Cybersecurity researchers have uncovered the inner workings of a router-focused botnet called PolarEdge, which targets devices from Cisco, ASUS, QNAP, and Synology. First reported by Sekoia in February 2025, PolarEdge uses a TLS-based ELF implant to take control of vulnerable routers and expose them to remote commands, creating a network of compromised devices for purposes

PolarEdge Botnet Expands, Targeting Cisco, ASUS, QNAP, and Synology Routers Read More »

Meta Introduces New Security Tools to Protect WhatsApp and Messenger Users from Scams

Meta has announced a new set of security tools aimed at strengthening protection for WhatsApp and Messenger users against online scams. According to Meta, these new updates are designed to help users identify and prevent fraudulent attempts that target personal data, financial information, and digital identities. Screen-Sharing Warnings on WhatsApp WhatsApp is rolling out new

Meta Introduces New Security Tools to Protect WhatsApp and Messenger Users from Scams Read More »

Canva Faces Global Outage, Millions of Users Unable to Access the Platform

Canva, one of the world’s leading graphic design platforms, is facing a major global outage that has disrupted access for millions of users. The platform’s status page confirms “significantly increased error rates” affecting almost every feature. As of 19:16 AEDT (02:46 IST), Canva remains largely unavailable with no confirmed timeline for full recovery. Widespread Impact

Canva Faces Global Outage, Millions of Users Unable to Access the Platform Read More »

New .NET CAPI Backdoor Targets Russian Automotive and E-Commerce Firms via Phishing ZIPs

Cybersecurity researchers have uncovered a fresh phishing campaign that appears aimed at organizations in Russia’s automotive and e-commerce sectors, using a previously unseen .NET implant, named CAPI Backdoor. According to Seqrite Labs, attackers distributed a ZIP attachment to trigger infection, and the ZIP artifact was uploaded to VirusTotal on October 3, 2025. image import–phishing-zip-sample Attack

New .NET CAPI Backdoor Targets Russian Automotive and E-Commerce Firms via Phishing ZIPs Read More »

North Korean Hackers Merge BeaverTail and OtterCookie into Sophisticated JavaScript Malware

North Korean hackers linked to the Contagious Interview campaign are enhancing their malicious tools by merging two major malware families, BeaverTail and OtterCookie. This evolution, observed by Cisco Talos, shows that the group is actively upgrading its capabilities and refining its JavaScript-based attack methods. Ongoing Campaign and New Findings According to Cisco Talos, the recent

North Korean Hackers Merge BeaverTail and OtterCookie into Sophisticated JavaScript Malware Read More »

Microsoft Revokes 200 Fake Certificates Abused in Rhysida Ransomware Attacks

Microsoft has taken decisive action against a cyber campaign linked to the Rhysida ransomware group by revoking more than 200 fraudulent code-signing certificates. These certificates were misused by a threat actor known as Vanilla Tempest to disguise malicious software as legitimate Microsoft Teams installers. Discovery and Disruption According to the Microsoft Threat Intelligence team, the

Microsoft Revokes 200 Fake Certificates Abused in Rhysida Ransomware Attacks Read More »