Daily Cyber News

TAG-150 Hackers Use Custom-Built Malware Families to Target Organizations

A newly identified cyber threat group known as TAG-150 has quickly established itself as a major security concern. Since March 2025, the group has demonstrated the ability to develop and launch multiple custom-built malware families, showcasing both technical skill and rapid evolution. Their arsenal includes CastleLoader, CastleBot, and the latest addition CastleRAT, a sophisticated Remote […]

CISA Mandates Urgent Patching of Critical Sitecore Vulnerability Under Active Attack

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has directed Federal Civilian Executive Branch (FCEB) agencies to urgently patch their Sitecore systems by September 25, 2025, after confirming that a critical flaw is actively being exploited. Details of the Vulnerability: The flaw, tracked as CVE-2025-53690, holds a CVSS score of 9.0, marking it as highly

SAP S/4HANA Critical Flaw CVE-2025-42957 Actively Exploited in the Wild

A severe security flaw has been discovered in SAP S/4HANA, the widely used Enterprise Resource Planning (ERP) platform. The vulnerability, identified as CVE-2025-42957 with a CVSS score of 9.9, is currently being exploited in real-world attacks. Vulnerability Details: This is a command injection vulnerability that affects the function module exposed through Remote Function Calls (RFC).

VirusTotal Detects 44 SVG Files Abused to Deliver Base64-Encoded Phishing Pages

Cybersecurity researchers have uncovered a sophisticated phishing campaign abusing Scalable Vector Graphics (SVG) files to spread malicious content disguised as official documents from the Colombian judicial system. According to a report from VirusTotal, the attackers distribute the SVG files through email. These files contain hidden JavaScript code that decodes and loads a Base64-encoded phishing page

XWorm Malware Uses New Infection Chain to Evade Detection by Exploiting User and System Trust

Emerging quietly in mid-2025, XWorm has transformed into a highly sophisticated backdoor malware that manipulates both user trust and system conventions to infiltrate networks. Early indications appeared when several organizations reported a surge in phishing emails containing .lnk shortcut files disguised as ordinary documents. Security analysts quickly noticed that opening these shortcuts triggered hidden PowerShell

Threat Actors Target PayPal Users with New Account Profile Setup Scam

A new and sophisticated phishing campaign is currently targeting PayPal users, exploiting deceptive emails titled “Set up your account profile” to compromise accounts through a clever secondary user addition scheme. This scam uses advanced email spoofing and psychological manipulation to bypass traditional security measures, marking a notable evolution in online financial fraud. The fraudulent emails

Chinese APT Hackers Exploit Router Vulnerabilities to Infiltrate Enterprise Networks

Over recent years, Chinese state-backed Advanced Persistent Threat (APT) groups have actively targeted critical flaws in enterprise routers, enabling long-term access to global telecom and government networks. Groups known by names like Salt Typhoon and OPERATOR PANDA have systematically attacked provider edge (PE) and customer edge (CE) devices from top vendors, leveraging publicly disclosed Common

Massive IPTV Operation Spans 1,000 Domains and 10,000 IP Addresses

A large-scale Internet Protocol Television (IPTV) piracy infrastructure has been uncovered, spreading over more than 1,100 domains and more than 10,000 IP addresses. This illegal ecosystem has been running for several years, offering unauthorized streams of premium digital content. The pirated material includes international sports leagues, paid subscription services, and on-demand platforms, all distributed without

Apache DolphinScheduler Default Permissions Vulnerability Patched, Update Immediately

A serious security flaw has been patched in Apache DolphinScheduler, a widely used open-source workflow scheduling platform. The Apache Software Foundation is urging all users to update immediately, as the vulnerability exposes systems to unauthorized access and data compromise. Nature of the Vulnerability: The issue stems from overly permissive default settings in DolphinScheduler. During the

New NotDoor Malware Targets Outlook Users to Steal Data and Compromise Systems

A newly discovered backdoor, linked to the infamous Russian cyber-espionage group APT28 (Fancy Bear), is targeting Microsoft Outlook users. The malware enables attackers to steal sensitive information, upload malicious files, and execute commands to take full control of compromised devices. What is NotDoor? Researchers at LAB52, the threat intelligence division of Spanish cybersecurity firm S2
