Daily Cyber News

CISA warns of active exploitation of critical CVE-2025-5086 in DELMIA Apriso

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a new critical vulnerability, CVE-2025-5086, to its Known Exploited Vulnerabilities (KEV) catalog after confirming evidence of active attacks targeting Dassault Systèmes DELMIA Apriso Manufacturing Operations Management (MOM) software. Details of the Vulnerability: The flaw, rated CVSS 9.0 (critical), affects DELMIA Apriso versions from Release 2020 […]

TOR-based cryptojacking attack spreads through misconfigured Docker APIs

Cybersecurity experts have recently uncovered an evolved form of a cryptojacking campaign that leverages the TOR network to target misconfigured Docker APIs. Akamai, which identified this activity in August 2025, reported that the attackers attempt to lock down exposed Docker APIs to prevent other threat actors from gaining access. This development expands on Trend Micro’s

GPUGate Malware Leverages Google Ads and Fake GitHub Commits to Target IT Companies

Cybersecurity experts have uncovered a new malware campaign, codenamed GPUGate, that exploits Google Ads and manipulated GitHub commits to deliver malicious payloads. This operation primarily targets IT and software development companies in Western Europe and has been active since at least December 2024. Unlike typical malvertising attacks, this campaign introduces a unique twist. The attackers

GitHub Account Breach Triggers Salesloft Drift Incident Impacting 22 Companies

Salesloft has confirmed that the recent breach impacting its Drift application was triggered by the compromise of its GitHub account, which opened the door for a wider supply chain attack. Breach Details: According to Google-owned Mandiant, which is handling the investigation, the attackers, identified as UNC6395, gained unauthorized access to Salesloft’s GitHub account between March

Report Reveals Microsoft Employed China-Based Engineers for SharePoint Support and Bug Fixes

A recent investigation has uncovered that Microsoft relied on engineers located in China to provide support and maintenance for its SharePoint platform, the same collaboration tool that was recently exploited by Chinese state-backed hackers. This finding has triggered serious cybersecurity concerns, especially regarding insider threats in software that is heavily used by both private companies

SafePay Ransomware Claims Attacks on 73 Organizations Within a Month

SafePay ransomware has rapidly become one of 2025’s most dangerous cyber threats. Reports indicate that the group was responsible for 73 confirmed attacks in June and an additional 42 in July, bringing its total number of victims this year to over 270. Unlike ransomware-as-a-service (RaaS) groups that work with affiliate networks, SafePay functions as a

TAG-150 Hackers Use Custom-Built Malware Families to Target Organizations

A newly identified cyber threat group known as TAG-150 has quickly established itself as a major security concern. Since March 2025, the group has demonstrated the ability to develop and launch multiple custom-built malware families, showcasing both technical skill and rapid evolution. Their arsenal includes CastleLoader, CastleBot, and the latest addition, CastleRAT, a sophisticated Remote

CISA Mandates Urgent Patching of Critical Sitecore Vulnerability Under Active Attack

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has directed Federal Civilian Executive Branch (FCEB) agencies to urgently patch their Sitecore systems by September 25, 2025, after confirming that a critical flaw is actively being exploited. Details of the Vulnerability: The flaw, tracked as CVE-2025-53690, holds a CVSS score of 9.0, marking it as highly

SAP S/4HANA Critical Flaw CVE-2025-42957 Actively Exploited in the Wild

A severe security flaw has been discovered in SAP S/4HANA, the widely used Enterprise Resource Planning (ERP) platform. The vulnerability, identified as CVE-2025-42957 with a CVSS score of 9.9, is currently being exploited in real-world attacks. Vulnerability Details: This is a command injection vulnerability that affects the function module exposed through Remote Function Calls (RFC).

VirusTotal Detects 44 SVG Files Abused to Deliver Base64-Encoded Phishing Pages

Cybersecurity researchers have uncovered a sophisticated phishing campaign abusing Scalable Vector Graphics (SVG) files to spread malicious content disguised as official documents from the Colombian judicial system. According to a report from VirusTotal, the attackers distribute the SVG files through email. These files contain hidden JavaScript code that decodes and loads a Base64-encoded phishing page
