Daily Cyber News

LockBit, Qilin, and DragonForce Collaborate to Strengthen Ransomware Operations

Three leading ransomware groups—DragonForce, LockBit, and Qilin—have officially joined forces, signaling a notable shift in the global cyber threat landscape. This strategic partnership aims to enhance the effectiveness of ransomware operations, according to a report by ReliaQuest shared with The Hacker News. “Following LockBit’s recent return, this alliance is expected to enable the sharing of […]

Hackers Compromise WordPress Sites to Fuel Next-Generation ClickFix Phishing Campaigns

Cybersecurity teams have uncovered a coordinated campaign that compromises WordPress websites to inject malicious JavaScript, with the goal of redirecting visitors to fraudulent, malware-laden pages. These drive-by injections impersonate legitimate checks, tricking users into following steps that ultimately deliver malware or credential theft. What researchers found, and how the injection works Researchers at

Chinese Hackers Use Open-Source Nezha Tool in Latest Cyberattack Campaign

Threat actors believed to be linked to China have repurposed a legitimate open-source monitoring framework, Nezha, to conduct a coordinated cyberattack, researchers found. The campaign, observed in August 2025 by Huntress, used a log poisoning technique to plant a PHP web shell on vulnerable web servers, then leveraged that access to deploy Nezha and ultimately

OpenAI Blocks Russian, North Korean, and Chinese Hackers Exploiting ChatGPT for Cyberattacks

OpenAI has announced that it successfully disrupted three major cyber operations that attempted to exploit ChatGPT for malicious activities, including malware creation and phishing campaigns. Russian Threat Actor Used ChatGPT for Malware Development One of the disrupted groups was a Russian-language actor who misused ChatGPT to design and enhance a Remote Access Trojan (RAT) and

Google’s New AI Not Only Detects Vulnerabilities but Also Automatically Patches Code

Google’s DeepMind has introduced a groundbreaking AI agent named CodeMender, designed to automatically identify, fix, and rewrite vulnerable code to prevent future exploits. This development strengthens Google’s ongoing efforts in AI-driven vulnerability detection, complementing tools such as Big Sleep and OSS-Fuzz. How CodeMender Works CodeMender operates both reactively and proactively, meaning it not only fixes

BatShadow Group Deploys Go-Based ‘Vampire Bot’ Malware Targeting Job Seekers

Researchers at Aryaka Threat Research Labs, Aditya K Sood and Varadharajan K, report that attackers impersonate recruiters, sending seemingly legitimate job descriptions and corporate documents that conceal malicious payloads. These lures are designed to look authentic, encouraging recipients to open files that initiate a multi-stage infection. How the attack works The campaign commonly uses ZIP

XWorm 6.0 Resurfaces with Over 35 Plugins, Upgraded Data Theft Features

Cybersecurity experts have closely monitored the development of XWorm malware, which has evolved into a highly adaptable tool capable of executing a broad range of malicious operations on infected systems. Trellix researchers Niranjan Hegde and Sijo Jacob explained, “XWorm’s architecture is modular, consisting of a core client and multiple specialized components known as plugins. Each plugin

Microsoft Links Storm-1175 to GoAnywhere Exploit, Medusa Ransomware Deployment

Microsoft has attributed a recent wave of cyberattacks to a threat group identified as Storm-1175, linking it to the exploitation of a critical flaw in Fortra’s GoAnywhere MFT software. The attacks ultimately led to the deployment of Medusa ransomware, affecting several organizations globally. The vulnerability, tracked as CVE-2025-10035 with a CVSS score of 10.0, is

13-Year-Old Critical Redis RCE Flaw Allowed Attackers Full Host Access

A newly uncovered remote code execution (RCE) flaw in Redis, known as RediShell, has revealed that attackers could gain complete control over the host system. The issue, tracked as CVE-2025-49844, was discovered by Wiz Research and carries the maximum CVSS score of 10.0, placing it among the most critical security threats identified to date. The

Google Chrome RCE Flaw Disclosed, Exploit Code Published

Researchers have published full technical details and proof-of-concept exploit code for a critical remote code execution (RCE) vulnerability in Google Chrome’s V8 JavaScript engine. The bug stems from a WebAssembly type canonicalization regression that creates nullability confusion, and a separate JavaScript Promise Integration (JSPI) state-switching weakness that enables a novel sandbox bypass. This article explains
