Threat

Microsoft 365 Outage Blocks Access to Admin Center, Core Services, and Entra ID

A significant service outage has disrupted Microsoft 365, preventing users from accessing key services, including the Admin Center and applications that depend on Microsoft Entra ID for authentication. The issue began on Thursday, October 9, 2025, and is impacting organizations worldwide. Widespread Service Disruption The outage has affected users attempting to log in to the Microsoft 365 […]

Microsoft 365 Outage Blocks Access to Admin Center, Core Services, and Entra ID Read More »

Critical Flaw in WordPress Service Finder Theme Allows Authentication Bypass by Attackers

A serious security flaw has been discovered in the popular Service Finder WordPress theme, which attackers are actively exploiting to gain unauthorized access to websites. This vulnerability allows threat actors to log in as any user, including administrators, and take complete control of affected sites. Details of the Vulnerability The flaw, tracked as CVE-2025-5947 with a

Critical Flaw in WordPress Service Finder Theme Allows Authentication Bypass by Attackers Read More »

AI Emerges as Russia’s Latest Cyber Weapon in Its War on Ukraine

Russian hackers have taken their cyber offensive to a new level by integrating artificial intelligence (AI) into cyber attacks against Ukraine, according to a report published by the State Service for Special Communications and Information Protection of Ukraine (SSSCIP). The report revealed that during the first half of 2025 (H1 2025), hackers began using AI

AI Emerges as Russia’s Latest Cyber Weapon in Its War on Ukraine Read More »

LockBit, Qilin, and DragonForce Collaborate to Strengthen Ransomware Operations

Three leading ransomware groups—DragonForce, LockBit, and Qilin—have officially joined forces, signaling a notable shift in the global cyber threat landscape. This strategic partnership aims to enhance the effectiveness of ransomware operations, according to a report by ReliaQuest shared with The Hacker News. “Following LockBit’s recent return, this alliance is expected to enable the sharing of

LockBit, Qilin, and DragonForce Collaborate to Strengthen Ransomware Operations Read More »

Hackers Compromise WordPress Sites to Fuel Next-Generation ClickFix Phishing Campaigns

Cybersecurity teams have uncovered a coordinated campaign that compromises WordPress websites to inject malicious JavaScript, with the goal of redirecting visitors to fraudulent, malware laden pages. These drive by injections impersonate legitimate checks, tricking users into following steps that ultimately deliver malware or credential theft. What researchers found, and how the injection works Researchers at

Hackers Compromise WordPress Sites to Fuel Next-Generation ClickFix Phishing Campaigns Read More »

Chinese Hackers Use Open-Source Nezha Tool in Latest Cyberattack Campaign

Threat actors believed to be linked to China have repurposed a legitimate open-source monitoring framework, Nezha, to conduct a coordinated cyberattack, researchers found. The campaign, observed in August 2025 by Huntress, used a log poisoning technique to plant a PHP web shell on vulnerable web servers, then leveraged that access to deploy Nezha and ultimately

Chinese Hackers Use Open-Source Nezha Tool in Latest Cyberattack Campaign Read More »

OpenAI Blocks Russian, North Korean, and Chinese Hackers Exploiting ChatGPT for Cyberattacks

OpenAI has announced that it successfully disrupted three major cyber operations that attempted to exploit ChatGPT for malicious activities, including malware creation and phishing campaigns. Russian Threat Actor Used ChatGPT for Malware Development One of the disrupted groups was a Russian-language actor who misused ChatGPT to design and enhance a Remote Access Trojan (RAT) and

OpenAI Blocks Russian, North Korean, and Chinese Hackers Exploiting ChatGPT for Cyberattacks Read More »

BatShadow Group Deploys Go-Based ‘Vampire Bot’ Malware Targeting Job Seekers

Researchers at Aryaka Threat Research Labs, Aditya K Sood and Varadharajan K, report that attackers impersonate recruiters, sending seemingly legitimate job descriptions and corporate documents that conceal malicious payloads. These lures are designed to look authentic, encouraging recipients to open files that initiate a multi-stage infection. How the attack works The campaign commonly uses ZIP

BatShadow Group Deploys Go-Based ‘Vampire Bot’ Malware Targeting Job Seekers Read More »

XWorm 6.0 Resurfaces with Over 35 Plugins, Upgraded Data Theft Features

Cybersecurity experts have closely monitored the development of XWorm malware, evolving it into a highly adaptable tool capable of executing a broad range of malicious operations on infected systems. Trellix researchers Niranjan Hegde and Sijo Jacob explained, “XWorm’s architecture is modular, consisting of a core client and multiple specialized components known as plugins. Each plugin

XWorm 6.0 Resurfaces with Over 35 Plugins, Upgraded Data Theft Features Read More »

Chinese Cybercrime Gang Operates Worldwide SEO Fraud Scheme Through Hacked IIS Servers

A new cybersecurity investigation has revealed a large-scale cyber fraud operation linked to a Chinese-speaking group named UAT-8099. This group is reportedly involved in SEO manipulation, data theft, and unauthorized access to systems via compromised Microsoft IIS servers. The attackers primarily target regions like India, Thailand, Vietnam, Canada, and Brazil, with victims including universities, tech

Chinese Cybercrime Gang Operates Worldwide SEO Fraud Scheme Through Hacked IIS Servers Read More »