To ensure the security of sensitive internet data, it takes more than encryption; it requires clear principles, careful design, and evidential support. Naman Jain is a Senior Software Development Engineer and a leading practitioner in secure systems for fintech and…
Category: Cyber Security News
New VMScape Spectre-BTI Attack Exploits Isolation Gaps in AMD and Intel CPUs
A novel speculative execution attack named VMSCAPE allows a malicious virtual machine (VM) to breach its security boundaries and steal sensitive data, like cryptographic keys, directly from its host system. The vulnerability, identified as CVE-2025-40300, affects a wide range of…
PhishKit Evasion Tactics: What You Need to Pay Attention to Right Now
Cyber attackers constantly refine their evasion methods. That’s what makes threats, including phishing, increasingly hard to detect and investigate. Kits like Tycoon 2FA regularly evolve with new tricks added to their arsenal. They slip past defenses and compromise companies, demonstrating…
New EggStreme Malware With Fileless Capabilities Leverages DLL Sideloading to Execute Payloads
A previously unknown advanced persistent threat (APT) group has unleashed a new fileless malware framework, dubbed EggStreme, in a highly targeted espionage campaign against strategic organizations. Emerging in early 2024, EggStreme exploits the legitimate Windows Mail executable (WinMail[.]exe) to sideload…
Kenyan Filmmakers Installed With FlexiSPY Spyware That Monitors Messages and Social Media
Four Kenyan filmmakers became victims of sophisticated surveillance when FlexiSPY spyware was covertly installed on their devices while in police custody, according to forensic analysis conducted by the University of Toronto’s Citizen Lab. The incident occurred on or around May…
Lessons from Salesforce/Salesloft Drift Data Breaches – Detailed Case Study
The Salesloft Drift data breaches of August 2025 stand as one of the most significant supply chain attacks in SaaS history, demonstrating how a single compromised integration can cascade into widespread organizational exposure. This sophisticated campaign, staged by the threat…
L7 DDoS Botnet Hijacked 5.76M Devices to Launch Massive Attacks
In early March 2025, security teams first observed an unprecedented L7 DDoS botnet targeting web applications across multiple sectors. The botnet, rapidly expanding from an initial 1.33 million compromised devices, employed HTTP GET floods to exhaust server resources and circumvent…
Threat Actors Leveraging Open-Source AdaptixC2 in Real-World Attacks
In early May 2025, security teams began observing a sudden rise in post-exploitation activity leveraging an open-source command-and-control framework known as AdaptixC2. Originally developed to assist penetration testers, this framework offers a range of capabilities—file system manipulation, process enumeration, and…
UK Train Operator LNER Passengers Data Accessed In Cyber Attack
London North Eastern Railway (LNER) has confirmed that passenger data was accessed following a cyber attack on one of its third-party suppliers. The breach involved unauthorized access to files containing customer contact details and information related to previous journeys. LNER…
CoreDNS Vulnerability Let Attackers Pin DNS Cache And Deny Service Updates
A significant vulnerability has been discovered in CoreDNS that could allow attackers to disrupt services by pinning DNS cache entries, effectively creating a denial of service for updates. The flaw, residing in the CoreDNS etcd plugin stems from a critical…