A sophisticated Linux ransomware variant targeting VMware ESXi infrastructure has emerged as a significant threat to enterprise virtualization environments. The Lockbit Linux ESXi ransomware represents a concerning evolution in the ransomware landscape, specifically engineered to compromise and encrypt virtual machine…
Category: Cyber Security News
PyPI to Block Domains Resurrection Attacks by Blocking Access to 1800 Expired Domains
The Python Package Index (PyPI) has deployed a significant security enhancement to combat domain resurrection attacks, a sophisticated supply-chain attack vector that exploits expired domain names to compromise user accounts. Since early June 2025, the platform has proactively unverified over…
New Exploit for SAP 0-Day Vulnerability Allegedly Released in the Wild by ShinyHunters Hackers
Key Takeaways1. ShinyHunters publicly released exploits for critical SAP vulnerabilities.2. Unauthenticated attackers can achieve complete system takeover and remote code execution.3. Immediately apply SAP Security Notes 3594142 and 3604119. A working exploit targeting critical SAP vulnerabilities CVE-2025-31324 and CVE-2025-42999 has…
1.1 Million Users Data Exposed in Massive Allianz Life Data Breach
Allianz Life, a primary insurance provider, has fallen victim to a sophisticated social engineering attack that compromised the personal data of approximately 1.1 million customers in July 2025. The breach, which targeted the company’s Salesforce CRM platform, represents one of…
New Sni5Gect 5G Attack Sniffs Messages in Real-time and Injects Malicious Payloads
Cybersecurity researchers from Singapore University of Technology and Design have developed a new framework called Sni5Gect that can intercept and manipulate 5G network communications in real-time, posing significant new security risks to commercial mobile devices worldwide. The framework, presented at…
Palo Alto Networks Founder and CTO Retires After 20-Year Tenure
Palo Alto Networks announced a significant leadership transition as founder and Chief Technology Officer Nir Zuk steps down after two decades of pioneering cybersecurity innovation. The global cybersecurity leader has appointed longtime executive Lee Klarich as the new CTO and…
New Blue Locker Ransomware Attacking Oil & Gas Sector in Pakistan
Pakistan’s National Cyber Emergency Response Team (NCERT) has issued urgent warnings to 39 government ministries following a sophisticated ransomware campaign targeting the country’s critical infrastructure. The Blue Locker ransomware has successfully compromised Pakistan Petroleum Limited (PPL), the nation’s second-largest oil…
Threat Actors Weaponized Pirated Games to Bypass Microsoft Defender SmartScreen and Adblockers
Cybercriminals have successfully weaponized pirated gaming content to distribute sophisticated malware while bypassing popular security measures, including Microsoft Defender SmartScreen and widely-used adblockers. The campaign leverages trusted piracy platforms to deliver HijackLoader, a modular malware framework that has become increasingly…
Microsoft Confirms August Update Broken Reset and Recovery Options in Windows 11, 22H2, 23H2, and Others
Microsoft has officially confirmed that its August 2025 security update, known as KB5063709, is causing failures in key reset and recovery features across multiple versions of Windows. This issue, which emerged shortly after the update’s release on August 12, 2025,…
SSH Keys Are Crucial for Secure Remote Access but Often Remain a Blind Spot in Enterprise Security
Enterprise security strategies have evolved dramatically to address modern threats, yet SSH keys—critical cryptographic credentials that provide direct access to mission-critical systems—remain largely ungoverned and poorly managed across organizations. Despite their fundamental role in securing remote access to servers, cloud…