Cybercriminals have successfully circumvented Google’s Android 13 security enhancements designed to prevent malicious applications from abusing accessibility services, according to recent threat intelligence findings. The tech giant implemented these restrictions specifically to block accessibility access for sideloaded applications, a measure…
Tag: Cyber Security News
Cisco IMC Vulnerability Attackers to Access Internal Services with Elevated Privileges
A significant vulnerability in Cisco’s Integrated Management Controller (IMC) that allows malicious actors to gain elevated privileges and access internal services without proper authorization. This vulnerability poses substantial risks to enterprise networks relying on Cisco’s server management infrastructure, potentially enabling…
New Eleven11bot Hacked 86,000 IP Cameras for Massive DDoS Attack
The cybersecurity landscape faces a growing threat from sophisticated botnet operations targeting Internet of Things (IoT) devices, with recent developments highlighting the vulnerability of connected cameras and smart devices. While specific details about the Eleven11bot malware remain limited in publicly…
Cisco Nexus Dashboard Vulnerability Lets Attackers Impersonate as Managed Devices
A high-severity vulnerability has been discovered in Cisco’s Nexus Dashboard Fabric Controller (NDFC) that could allow unauthenticated attackers to impersonate managed network devices through compromised SSH connections. The vulnerability, tracked as CVE-2025-20163, carries a CVSS base score of 8.7 and…
VMware NSX XSS Vulnerability Allows Attackers to Inject Malicious Code
Multiple Cross-Site Scripting (XSS) vulnerabilities in the VMware NSX network virtualization platform could allow malicious actors to inject and execute harmful code. The security bulletin published on June 4, 2025, details three distinct vulnerabilities affecting VMware NSX Manager UI, gateway…
WordPress Admins Beware! Fake Cache Plugin that Steals Admin Logins
A sophisticated malware campaign targeting WordPress administrators has been discovered, utilizing a deceptive caching plugin to steal login credentials and compromise website security. Security researchers have identified a malicious plugin disguised as “wp-runtime-cache” that specifically targets users with administrative privileges,…
Lumma Infostealers Developers Trying Hard To Conduct Business As Usual
In the high-stakes world of cybercrime, few tools have garnered as much attention as Lumma Infostealer. Emerging as a powerful malware-as-a-service (MaaS) offering, Lumma achieved notoriety for its wide-reaching impact on both individuals and enterprises. Its main function is to…
Play Ransomware Hacked 900 Organizations, CISA Released TTPs & IOCs
Federal authorities have revealed that the notorious Play ransomware group has successfully breached approximately 900 organizations worldwide as of May 2025, marking a dramatic escalation in cybercriminal activity that has prompted an urgent security advisory from multiple government agencies. The…
Top 10 GPT Tools For Hackers, Penetration Testers, & Security Analysts
A recent analysis has identified ten advanced GPT models that are transforming the methodologies employed by hackers, penetration testers, and security analysts in 2025. These models are enhancing the precision and efficiency of security assessments, threat modeling, and vulnerability exploitation, thereby…
Wireshark Vulnerability Enables DoS Attack Through Malicious Packet Injection
A critical vulnerability in the popular network protocol analyzer Wireshark has been discovered, allowing attackers to trigger denial-of-service (DoS) attacks through packet injection or the use of malformed capture files. The security flaw, identified as CVE-2025-5601, affects millions of users…