Daily Cyber News


Splunk Guide Helps Detect ESXi Ransomware Activity

Splunk has released a specialized security guide designed to help cybersecurity teams detect and prevent ransomware attacks targeting VMware ESXi infrastructure before significant damage occurs. This release comes amid rising cyber threats against ESXi hypervisor systems, which have become prime ransomware targets due to their centralized role in virtualization and the lack of sufficient monitoring […]


SmartLoader Malware Spreads via Fake GitHub Projects

Cybersecurity researchers have identified a highly sophisticated malware distribution campaign that uses GitHub repositories disguised as legitimate software projects to infiltrate systems globally. The operation leverages GitHub’s reputation as a trusted code-sharing platform, deploying SmartLoader malware across multiple repositories to target unsuspecting users.

Targeting Gaming and Software Enthusiasts

The malicious campaign specifically focuses on individuals


Canada House of Commons Hit by Microsoft Exploit

On August 9, 2025, the Canadian House of Commons experienced a cyberattack in which threat actors exploited a recently disclosed Microsoft vulnerability to gain unauthorized access to sensitive employee data. The incident highlights the persistent cybersecurity challenges facing Canadian government institutions amid a rapidly escalating global threat landscape.

Details of the Breach

According to an


Hackers Use Phishlet for FIDO Downgrade Attacks

FIDO Passkeys Face New Downgrade Attack Threat

A new and highly sophisticated cyber threat has surfaced, targeting one of the most trusted authentication technologies in modern cybersecurity. FIDO-based passkeys, widely regarded as the gold standard for phishing-resistant authentication, are now vulnerable to an advanced downgrade attack. This technique forces users to abandon strong FIDO authentication


Global Brute-Force Hits Fortinet SSL VPNs Before Shift

Cybersecurity researchers have reported a sharp increase in brute-force traffic targeting Fortinet SSL VPN devices, raising concerns over a possible build-up to a broader exploitation campaign. According to threat intelligence firm GreyNoise, the coordinated activity was first detected on August 3, 2025, involving more than 780 unique malicious IP addresses. Within the past 24 hours


Researchers Discover XZ Utils Backdoor in Dozens of Docker Hub Images, Increasing Supply Chain Risks

Security researchers have discovered dozens of Docker Hub images infected with the notorious XZ Utils backdoor, more than a year after the incident was first revealed. Even more concerning, several other images have been built on top of these compromised base images, spreading the backdoor indirectly across the Docker ecosystem, according to a Binarly Research


BlackSuit Ransomware Servers Targeting U.S. Critical Infrastructure Dismantled in Major Law Enforcement Operation

In a landmark coordinated effort, international law enforcement agencies have taken down critical infrastructure linked to the BlackSuit ransomware group (also known as Royal), marking a significant blow against one of the most persistent cybercriminal operations targeting the United States. The operation, conducted on July 24, 2025, led to the seizure of four servers, nine


SSHamble, a New Open-Source Tool to Exploit Vulnerabilities in the SSH Protocol

SSHamble – An Advanced Open-Source Tool for Uncovering SSH Vulnerabilities

SSHamble is a cutting-edge open-source reconnaissance utility built to detect and exploit security weaknesses in SSH protocol implementations across internet-facing systems. First showcased at DEFCON 33, the tool has already revealed major flaws in enterprise networking equipment and exposed widespread SSH misconfigurations impacting millions of


Hackers Exploit Google Paid Ads with Fake Tesla Websites to Spread Malware

In recent weeks, several sponsored advertisements began appearing at the top of Google search results, claiming to offer preorders for Tesla’s upcoming Optimus robots. These ads redirected unsuspecting users to fraudulent microsites designed to mimic Tesla’s official branding, tricking them into paying a
