Microsoft has confirmed that its hotpatching feature for Windows Server 2025, which has been in preview since 2024, will transition to a paid subscription model starting July 1st, 2025. The announcement, made by Janine Patrick, Windows Server Product Marketing Manager,…
Tag: Cyber Security News
When Satellites Go Dark – Persistent Cyber Assaults and The Growing Blind Spot
In the cold vastness of space, thousands of satellites orbit silently, providing critical infrastructure for global communications, navigation systems, and military operations. Yet these silent sentinels have increasingly become targets for sophisticated cyber attacks that threaten to plunge vital services…
Critical Linux Kernel Vulnerability Exposes Systems to Privilege Escalation Attacks
A significant vulnerability in the Linux kernel’s Virtual Socket (vsock) implementation, designated as CVE-2025-21756, has been identified that could allow local attackers to escalate privileges to root level. Security researchers have confirmed that this flaw, which received a CVSS v3.1…
ResolverRAT Attacking Healthcare and Pharmaceutical Via Sophisticated Phishing Attacks
A new sophisticated remote access trojan (RAT) has emerged as a significant threat to healthcare and pharmaceutical organizations worldwide. Dubbed ResolverRAT, this previously undocumented malware deploys advanced in-memory execution techniques and layered evasion methods to steal sensitive data while remaining…
Researchers Uncovered SuperShell Payloads & Multiple Tools From Hacker’s Open Directories
Cybersecurity researchers have uncovered a concerning cache of hacking tools, including SuperShell payloads and Cobalt Strike beacons, exposed in plain sight within open directories on the internet. This discovery highlights how threat actors sometimes inadvertently expose their arsenal while setting…
Apache Tomcat Vulnerability Let Attackers Bypass Rules & Trigger DoS Condition
The Apache Software Foundation disclosed a significant security vulnerability in Apache Tomcat that could allow attackers to bypass security rules and trigger denial-of-service conditions through manipulated HTTP priority headers. Identified as CVE-2025-31650, this high-severity vulnerability affects multiple Tomcat versions, posing…
Kali Linux Warns that Update Process is Going to Fail for All Users
Kali Linux users worldwide are facing an imminent disruption as the security-focused distribution has announced that the update process will fail for virtually all users in the coming days. The issue arises from a change in the repository signing key,…
Threat Actors Weaponize Language Software to Windows-Based Remote Surveillance Malware
Senior members of the World Uyghur Congress (WUC) living in exile became targets of a sophisticated spearphishing campaign delivering Windows-based surveillance malware. The attack utilized a trojanized version of UyghurEditPP, a legitimate open-source word processing tool developed to support the…
Threat Actors Increasingly Utilize Ransomware as a Service Boosted by EDR Killers
The cybersecurity landscape is witnessing a significant shift as threat actors increasingly leverage Ransomware as a Service (RaaS) platforms enhanced by sophisticated Endpoint Detection and Response (EDR) killers. Despite successful law enforcement operations against established ransomware gangs like LockBit, new…
Threat Actors Leverage Access to Valid Accounts via Phishing Attack
In a significant shift observed during the first quarter of 2025, cybersecurity experts have documented a dramatic surge in phishing attacks, with threat actors increasingly using this vector to gain access to valid user accounts. According to recent incident response…