A new Rowhammer attack variant named Phoenix can bypass the latest protections in modern DDR5 memory chips, researchers have revealed. The attack is the first to demonstrate a practical privilege escalation exploit on a commodity system equipped with DDR5 RAM,…
Category: Cyber Security News
0-Click Linux Kernel KSMBD RCE Exploit From N-Day Vulnerabilities
A 0-Click Linux Kernel KSMBD RCE Exploit From N-Day Vulnerabilities, achieving remote code execution on a two-year-out-of-date Linux 6.1.45 instance running the kernelspace SMB3 daemon, ksmbd. By chaining two authenticated N-day flaws, CVE-2023-52440 and CVE-2023-4130, the exploit attains an unauthenticated…
New Maranhão Stealer Via Pirated Software Leveraging Cloud-Hosted Platforms to Steal Login Credentials
Since May 2025, a novel credential stealer dubbed Maranhão Stealer has emerged as a significant threat to users of pirated gaming software. Distributed through deceptive websites hosting cracked launchers and cheats, the malware leverages cloud-hosted platforms to deliver trojanized installers…
Open Source CyberSOCEval Sets New Standards for AI in Malware Analysis and Threat Intelligence
A groundbreaking open-source benchmark suite called CyberSOCEval has emerged as the first comprehensive evaluation framework for Large Language Models (LLMs) in Security Operations Center (SOC) environments. Released as part of CyberSecEval 4, this innovative benchmark addresses critical gaps in cybersecurity…
Massive Supply Chain Attack Hijacks ctrl/tinycolor With 2 Million Downloads and Other 40 NPM Packages
A sophisticated and widespread supply chain attack has struck the NPM ecosystem, compromising the popular @ctrl/tinycolor package, which is downloaded over 2 million times per week. The attack also affected more than 40 other packages from various maintainers, introducing a…
Pro-Russian Hackers Attacking Key Industries in Major Countries Around The World
A sophisticated pro-Russian cybercriminal group known as SectorJ149 (also identified as UAC-0050) has emerged as a significant threat to critical infrastructure worldwide, conducting targeted attacks against manufacturing, energy, and semiconductor companies across multiple nations. The group’s activities represent a strategic…
Threat Actors Leverage Several RMM Tools in Phishing Attack to Maintain Remote Access
Cybercriminals are increasingly exploiting legitimate remote monitoring and management (RMM) tools to establish persistent access to compromised systems through sophisticated phishing campaigns. Joint research conducted by Red Canary Intelligence and Zscaler threat hunters has identified multiple malicious campaigns utilizing ITarian…
Sidewinder APT Hackers Leverage Nepal Protests to Push Mobile and Windows Malware
The eruption of widespread protests across Nepal in early September 2025 provided fertile ground for a sophisticated campaign orchestrated by the Sidewinder APT group. As demonstrators mobilized against government policies and social media restrictions, threat actors exploited the turbulence to…
Hackers Using Generative AI ‘ChatGPT’ to Evade Anti-virus Defenses
In mid-July 2025, a novel campaign emerged in which cybercriminals weaponized generative AI to fabricate deepfake images of government IDs, embedding them within spear-phishing messages that bypassed traditional antivirus safeguards. These emails impersonated military and security institutions, complete with convincing…
Burger King Uses DMCA Complaint to Take Down Blog Post Detailing Security Flaws on Drive-Thru Systems
Burger King has invoked the U.S. Digital Millennium Copyright Act (DMCA) to force the removal of a security researcher’s blog post that exposed critical vulnerabilities in its drive-thru “Assistant” system. The move has caused a debate over the use of…