A sophisticated threat actor known as NoisyBear has emerged as a significant concern for Kazakhstan’s energy sector, employing advanced tactics to infiltrate critical infrastructure through weaponized ZIP files and PowerShell-based attack chains. This newly identified group has been orchestrating targeted…
Category: Cyber Security News
Hackers Leverage X’s Grok AI To Amplify Malicious Links Via Promoted Posts
A new cyber-attack, dubbed “Grokking,” is exploiting features on the social media platform X to spread malicious links on a massive scale. Scammers are manipulating the platform’s advertising system and its generative AI, Grok, to bypass security measures and amplify…
US Offers $10M Bounty For FSB Hackers Who Exploited Cisco Vulnerability To Attack Critical Infrastructure
The United States government has announced a reward of up to $10 million for information leading to the identification or location of three Russian intelligence officers. The bounty, offered through the Department of State’s Rewards for Justice program, targets members…
Django Critical Vulnerability Let attackers Execute Malicious SQL Code on Web Servers
The Django development team has issued critical security updates to address a high-severity vulnerability that could allow attackers to execute malicious SQL code on web servers using the popular framework. The flaw, identified as CVE-2025-57833, affects multiple versions of Django,…
Threat Actors Using Stealerium Malware to Attack Educational Organizations
Educational institutions have become prime targets in the escalating battle against commodity information stealers. First emerging in 2022 as an open-source project on GitHub, Stealerium was initially released “for educational purposes” but rapidly attracted illicit interest. Adversaries adapted and enhanced…
Microsoft Confirms UAC Bug Breaks App Install On Windows 11 And 10 Versions
Microsoft has officially acknowledged a significant bug in recent Windows security updates that is causing application installation and repair failures across multiple versions of Windows 10, Windows 11, and Windows Server. The issue stems from a security enhancement in the…
Google Services Down For Most Of The Users In US, Turkey And Eastern Europe
A significant outage of Google services, including its search engine, Gmail, and YouTube, has affected users across Turkey and several countries in Eastern Europe. The disruption, which began on Thursday morning, also impacted other popular platforms such as Google Maps,…
XWorm Malware With New Infection Chain Evade Detection Exploiting User and System Trust
Emerging quietly in mid-2025, the XWorm backdoor has evolved into a deceptively sophisticated threat that preys on both user confidence and system conventions. Initial reports surfaced when organizations noted a sudden uptick in obscure .lnk-based phishing emails masquerading as benign…
Threat Actors Attack PayPal Users in New Account Profile Set up Scam
A sophisticated phishing campaign targeting PayPal’s massive user base has emerged, utilizing deceptive “Set up your account profile” emails to compromise user accounts through an ingenious secondary user addition scheme. The attack leverages advanced email spoofing techniques and psychological manipulation…
Chinese APT Hackers Exploit Router Vulnerabilities to Infiltrate Enterprise Environments
Over the past several years, a concerted campaign by Chinese state-sponsored Advanced Persistent Threat (APT) groups has exploited critical vulnerabilities in enterprise-grade routers to establish long-term footholds within global telecommunications and government networks. These actors, often identified under monikers such…