Daily Cyber News

Cyberattack on Bouygues Telecom Exposes Data of 6.4 Million Customers

Cyberattack on Bouygues Telecom Exposes Data of 6.4 Million Customers A major cyberattack has hit French telecommunications giant Bouygues Telecom, compromising personal data belonging to 6.4 million customers. The breach, detected on August 4th, has raised serious concerns over data security and customer safety. Details of the Breach Bouygues, which serves nearly 27 million mobile […]

Cyberattack on Bouygues Telecom Exposes Data of 6.4 Million Customers Read More »

Hackers Can Exploit New Win-DDoS Flaws to Convert Public Domain Controllers into DDoS Botnets

Hackers Can Exploit New Win-DDoS Flaws to Turn Public Domain Controllers into Powerful Botnets A newly discovered attack method could be used to hijack thousands of publicly accessible Domain Controllers (DCs) worldwide, transforming them into a massive botnet capable of delivering high-powered Distributed Denial-of-Service (DDoS) attacks. The technique, named Win-DDoS, was uncovered by SafeBreach researchers

Hackers Can Exploit New Win-DDoS Flaws to Convert Public Domain Controllers into DDoS Botnets Read More »

Researchers Reveal Windows EPM Poisoning Exploit Chain Leading to Domain Privilege Escalation

Windows RPC Vulnerability CVE-2025-49760 Enables EPM Poisoning and Privilege Escalation Attacks Cybersecurity experts have revealed fresh details about a now-patched flaw in Microsoft Windows Remote Procedure Call (RPC) that could allow attackers to spoof legitimate services and impersonate trusted servers. The issue, tracked as CVE-2025-49760 with a CVSS score of 3.5, was described by Microsoft as a Windows

Researchers Reveal Windows EPM Poisoning Exploit Chain Leading to Domain Privilege Escalation Read More »

WinRAR Zero-Day Exploited to Deliver Malware During Archive Extraction

WinRAR Vulnerability CVE-2025-8088 Exploited as Zero-Day to Deploy RomCom Malware A critical security flaw in WinRAR, identified as CVE-2025-8088, has been exploited in zero-day phishing campaigns to install the RomCom malware. This vulnerability, a directory traversal bug, was addressed in WinRAR version 7.13. It allows attackers to create malicious archive files that, when extracted, can

WinRAR Zero-Day Exploited to Deliver Malware During Archive Extraction Read More »

Google Confirms Data Breach Exposed Potential Google Ads Customer Information

“Google Confirms Data Breach Exposed Potential Google Ads Customer Information” Google has confirmed a data breach involving one of its corporate Salesforce CRM instances used for communicating with potential Google Ads customers. The incident exposed basic business contact details but did not affect financial or active Ads account data. In a data breach notification sent to affected parties and

Google Confirms Data Breach Exposed Potential Google Ads Customer Information Read More »

Embargo Ransomware Rakes in $34.2 Million in Crypto Since April 2024

Embargo Ransomware Rakes in $34.2 Million in Crypto Since April 2024 A recent report from blockchain intelligence firm TRM Labs reveals that the Embargo ransomware group has generated approximately $34.2 million in cryptocurrency since its emergence in April 2024. Most of the identified victims are based in the United States, particularly within the healthcare, business services, and manufacturing

Embargo Ransomware Rakes in $34.2 Million in Crypto Since April 2024 Read More »

Darknet Market Escrow Systems at Risk of Administrator Exit Scams

Darknet markets operate outside the control of traditional payment processors and legal systems, making escrow systems essential for securing cryptocurrency transactions between buyers and sellers. These systems, often using multisignature (multisig) wallets and automated release mechanisms, are designed to enhance transaction safety and manage disputes. While they offer improved protection compared to direct payments, weaknesses

Darknet Market Escrow Systems at Risk of Administrator Exit Scams Read More »

GPT-5 Jailbreak and Zero-Click AI Agent Exploits Threaten Cloud and IoT Security

Cybersecurity researchers have revealed a new jailbreak method targeting OpenAI’s GPT-5 language model, enabling it to bypass ethical safeguards and produce harmful instructions. The method, developed by NeuralTrust, combines a known exploit called Echo Chamber with a narrative-driven approach to manipulate the AI’s responses. By seeding the conversation with subtle cues and reinforcing them through storytelling, attackers

GPT-5 Jailbreak and Zero-Click AI Agent Exploits Threaten Cloud and IoT Security Read More »

Cisco Reports CRM Data Breach From Vishing Attack, No Sensitive Data Exposed

Cisco has confirmed a security breach involving a third-party cloud-based Customer Relationship Management (CRM) system. This breach exposed limited profile details of users registered on Cisco.com, such as names, email addresses, and phone numbers. The incident came to light on July 24, 2025, when a vishing (voice phishing) attack targeted one of Cisco’s representatives. This

Cisco Reports CRM Data Breach From Vishing Attack, No Sensitive Data Exposed Read More »

CISA Issues Alert on Actively Exploited D-Link Vulnerabilities

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a new alert, adding three critical D-Link vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, confirming they are being actively exploited in real-world cyberattacks. These vulnerabilities pose serious risks to both federal and non-federal networks by exposing IP cameras and video recorders to remote exploitation.

CISA Issues Alert on Actively Exploited D-Link Vulnerabilities Read More »