North Korean state-sponsored cyber-espionage group Kimsuky has unveiled a sophisticated new campaign targeting South Korean entities through malicious Windows shortcut (LNK) files, demonstrating the group’s continued evolution in stealth and precision. The campaign combines tailored social engineering with advanced malware…
Category: EN
Cisco Hacked – Attackers Stole Profile Details of Users Registered on Cisco.com
Cisco has confirmed it was the target of a cyberattack where a malicious actor successfully stole the basic profile information of an undisclosed number of users registered on Cisco.com. The technology giant revealed that the breach occurred after an employee…
North Korean Hackers Weaponizing NPM Packages to Steal Cryptocurrency and Sensitive Data
A sophisticated North Korean cryptocurrency theft campaign has resurfaced with renewed vigor, weaponizing twelve malicious NPM packages to target developers and steal digital assets. The campaign, which represents a significant escalation in supply chain attacks, exploits the trust developers place…
ReVault! When your SoC turns against you…
Talos reported 5 vulnerabilities to Broadcom and Dell affecting both the ControlVault3 Firmware and its associated Windows APIs that we are calling “ReVault”. This article has been indexed from Cisco Talos Blog Read the original article: ReVault! When your SoC…
APT36 Targets Indian Government: Credential Theft Campaign Uncovered
A sophisticated phishing campaign attributed with medium confidence to the Pakistan-linked APT36 group, also known as Transparent Tribe or Mythic Leopard, has been uncovered targeting Indian defense organizations and government entities. This operation employs typo-squatted domains that mimic official Indian…
SonicWall Alerts on Surge of Attacks Against Gen 7 Firewalls Over Past 72 Hours
SonicWall has issued an urgent security advisory following a significant escalation in cyberattacks targeting Generation 7 firewalls with enabled SSLVPN functionality over the past three days. The cybersecurity company is actively investigating whether these incidents stem from a previously disclosed…
Hackers Target SharePoint Flaw to Access IIS Machine Keys
Zero-day exploits against Microsoft SharePoint are enabling attackers to extract IIS machine keys, establishing persistent backdoors that survive patches and reboots. In mid-July 2025, threat actors began abusing two critical SharePoint vulnerabilities—CVE-2025-53770 (deserialization, CVSS 9.8) and CVE-2025-53771 (authentication bypass, CVSS 6.3)—in an attack…
Cloudflare Accuses Perplexity AI of Bypassing Firewalls with User-Agent Spoofing
Cloudflare has publicly accused Perplexity AI of employing deceptive crawling practices that violate established web crawling protocols and deliberately circumvent website protection mechanisms. The cybersecurity company has documented evidence of Perplexity using undisclosed user agents and rotating IP addresses to…
Cursor IDE: Persistent Code Execution via MCP Trust Bypass
CVE-2025-54136 – MCPoison Key Insights Critical RCE Flaw in Popular AI-powered IDE Check Point Research uncovered a persistent remote code execution vulnerability in Cursor, a fast-growing AI-powered coding platform trusted by developers worldwide. MCP Vulnerability Cursor allows attackers to gain…
This palm-sized power bank can charge multiple devices at once – and I’m all for the price
The Voltme Hypercore 10K is a sleek, pocket-friendly power bank with a 10,000mAh capacity. This article has been indexed from Latest news Read the original article: This palm-sized power bank can charge multiple devices at once – and I’m all…