Daily Cyber News

SSHamble, a New Open-Source Tool to Exploit Vulnerabilities in the SSH Protocol

SSHamble – An Advanced Open-Source Tool for Uncovering SSH Vulnerabilities SSHamble is a cutting-edge open-source reconnaissance utility built to detect and exploit security weaknesses in SSH protocol implementations across internet-facing systems. First showcased at DEFCON 33, the tool has already revealed major flaws in enterprise networking equipment and exposed widespread SSH misconfigurations impacting millions of […]

SSHamble, a New Open-Source Tool to Exploit Vulnerabilities in the SSH Protocol Read More »

Hackers Exploit Google Paid Ads with Fake Tesla Websites to Spread Malware

Hackers Exploit Google Paid Ads with Fake Tesla Websites to Spread Malware In recent weeks, several sponsored advertisements began appearing at the top of Google search results, claiming to offer preorders for Tesla’s upcoming Optimus robots. These ads redirected unsuspecting users to fraudulent microsites designed to mimic Tesla’s official branding, tricking them into paying a

Hackers Exploit Google Paid Ads with Fake Tesla Websites to Spread Malware Read More »

Cyberattack on Bouygues Telecom Exposes Data of 6.4 Million Customers

Cyberattack on Bouygues Telecom Exposes Data of 6.4 Million Customers A major cyberattack has hit French telecommunications giant Bouygues Telecom, compromising personal data belonging to 6.4 million customers. The breach, detected on August 4th, has raised serious concerns over data security and customer safety. Details of the Breach Bouygues, which serves nearly 27 million mobile

Cyberattack on Bouygues Telecom Exposes Data of 6.4 Million Customers Read More »

Hackers Can Exploit New Win-DDoS Flaws to Convert Public Domain Controllers into DDoS Botnets

Hackers Can Exploit New Win-DDoS Flaws to Turn Public Domain Controllers into Powerful Botnets A newly discovered attack method could be used to hijack thousands of publicly accessible Domain Controllers (DCs) worldwide, transforming them into a massive botnet capable of delivering high-powered Distributed Denial-of-Service (DDoS) attacks. The technique, named Win-DDoS, was uncovered by SafeBreach researchers

Hackers Can Exploit New Win-DDoS Flaws to Convert Public Domain Controllers into DDoS Botnets Read More »

Researchers Reveal Windows EPM Poisoning Exploit Chain Leading to Domain Privilege Escalation

Windows RPC Vulnerability CVE-2025-49760 Enables EPM Poisoning and Privilege Escalation Attacks Cybersecurity experts have revealed fresh details about a now-patched flaw in Microsoft Windows Remote Procedure Call (RPC) that could allow attackers to spoof legitimate services and impersonate trusted servers. The issue, tracked as CVE-2025-49760 with a CVSS score of 3.5, was described by Microsoft as a Windows

Researchers Reveal Windows EPM Poisoning Exploit Chain Leading to Domain Privilege Escalation Read More »

WinRAR Zero-Day Exploited to Deliver Malware During Archive Extraction

WinRAR Vulnerability CVE-2025-8088 Exploited as Zero-Day to Deploy RomCom Malware A critical security flaw in WinRAR, identified as CVE-2025-8088, has been exploited in zero-day phishing campaigns to install the RomCom malware. This vulnerability, a directory traversal bug, was addressed in WinRAR version 7.13. It allows attackers to create malicious archive files that, when extracted, can

WinRAR Zero-Day Exploited to Deliver Malware During Archive Extraction Read More »

Google Confirms Data Breach Exposed Potential Google Ads Customer Information

“Google Confirms Data Breach Exposed Potential Google Ads Customer Information” Google has confirmed a data breach involving one of its corporate Salesforce CRM instances used for communicating with potential Google Ads customers. The incident exposed basic business contact details but did not affect financial or active Ads account data. In a data breach notification sent to affected parties and

Google Confirms Data Breach Exposed Potential Google Ads Customer Information Read More »

Embargo Ransomware Rakes in $34.2 Million in Crypto Since April 2024

Embargo Ransomware Rakes in $34.2 Million in Crypto Since April 2024 A recent report from blockchain intelligence firm TRM Labs reveals that the Embargo ransomware group has generated approximately $34.2 million in cryptocurrency since its emergence in April 2024. Most of the identified victims are based in the United States, particularly within the healthcare, business services, and manufacturing

Embargo Ransomware Rakes in $34.2 Million in Crypto Since April 2024 Read More »

Darknet Market Escrow Systems at Risk of Administrator Exit Scams

Darknet markets operate outside the control of traditional payment processors and legal systems, making escrow systems essential for securing cryptocurrency transactions between buyers and sellers. These systems, often using multisignature (multisig) wallets and automated release mechanisms, are designed to enhance transaction safety and manage disputes. While they offer improved protection compared to direct payments, weaknesses

Darknet Market Escrow Systems at Risk of Administrator Exit Scams Read More »

GPT-5 Jailbreak and Zero-Click AI Agent Exploits Threaten Cloud and IoT Security

Cybersecurity researchers have revealed a new jailbreak method targeting OpenAI’s GPT-5 language model, enabling it to bypass ethical safeguards and produce harmful instructions. The method, developed by NeuralTrust, combines a known exploit called Echo Chamber with a narrative-driven approach to manipulate the AI’s responses. By seeding the conversation with subtle cues and reinforcing them through storytelling, attackers

GPT-5 Jailbreak and Zero-Click AI Agent Exploits Threaten Cloud and IoT Security Read More »