As students return to campus and online learning platforms, cybercriminals are increasingly leveraging artificial intelligence to create sophisticated scams targeting the education sector. These AI-enhanced attacks have become more convincing and harder to detect, making them particularly dangerous for students,…
Category: Cyber Security News
Beware of Website Mimicking Google Play Store Pages to Deliver Android Malware
A sophisticated Android malware campaign has resurfaced, exploiting deceptive websites that perfectly mimic legitimate Google Play Store application pages to distribute the notorious SpyNote Remote Access Trojan (RAT). This malicious operation targets unsuspecting users by creating static HTML clones of…
Kimsuky APT Data Leak – GPKI Certificates, Rootkits and Cobalt Strike Personal Uncovered
In late June 2025, a significant operational dump from North Korea’s Kimsuky APT group surfaced on a dark-web forum, exposing virtual machine images, VPS infrastructure, customized malware and thousands of stolen credentials. This leak offers an unprecedented window into the…
Multiple vtenext Vulnerabilities Let Attackers Bypass Authentication and Execute Remote Codes
A comprehensive security analysis of vtenext CRM version 25.02 has revealed multiple critical vulnerabilities that allow unauthenticated attackers to bypass authentication mechanisms through three distinct attack vectors, ultimately leading to remote code execution on target systems. The Italian CRM solution,…
EDR vs MDR – What is the Difference and Which Solution Right for Your Organization?
As cybersecurity threats continue to evolve in complexity and sophistication, organizations face critical decisions about their security infrastructure. Two prominent approaches have emerged as frontrunners in enterprise security: Endpoint Detection and Response (EDR) and Managed Detection and Response (MDR). While both solutions aim…
Hackers Can Exploit (eval) or (exec) Python Calls to Execute Malicious Code
A sophisticated obfuscation technique that threat actors are using to bypass detection systems and exploit Python’s eval() and exec() functions for malicious code execution. With over 100 supply chain attacks reported on PyPI in the past five years, these techniques…
Chinese Hacker Jailed for Deploying Kill Switch on Ohio-based Key Company’s Global Network
A Chinese national has been sentenced to four years in federal prison for orchestrating a sophisticated insider cyberattack against his former employer’s global network infrastructure. Davis Lu, 55, utilized his privileged access as a software developer to deploy destructive malware…
Arch Linux Confirms Week-Long DDoS Attack Disrupted its Website, Repository, and Forums
The Arch Linux Project has officially confirmed that its primary infrastructure services have been subjected to an ongoing distributed denial-of-service (DDoS) attack that has persisted for over a week. The attack severely impacted user access to critical resources, including the…
Threat Actors Weaponizing Windows Scheduled Tasks to Establish Persistence Without Requiring Extra Tools
Over the past year, security teams have observed an uptick in adversaries leveraging native Windows Scheduled Tasks to maintain footholds in compromised environments. Unlike elaborate rootkits or zero-day exploits, these techniques exploit built-in system functionality, enabling threat actors to persist…
Microsoft Copilot Agent Policy Let Any Users Access AI Agents
Shortly after the May 2025 rollout of 107 Copilot Agents in Microsoft 365 tenants, security specialists discovered that the “Data Access” restriction meant to block agent availability is being ignored. Key Takeaways1. The “NoUsersCanAccessAgent” policy is bypassed, leaving some Copilot…