A new Ransomware-as-a-Service (RaaS) group called RansomHub emerged in the cybercriminal ecosystem, specializing in targeting high-profile organizations through sophisticated attack vectors. The group advertises its criminal services on the Russian Anonymous Market Place (RAMP), a notorious Dark Web forum known…
Tag: Cyber Security News
China Claims that the US Attacked a Major Encryption Provider & Stole Sensitive Data
China claims that the United States conducted a targeted cyberattack against one of its leading commercial encryption providers. A newly released report from China’s National Computer Network Emergency Response Technical Team (CNCERT) alleges that U.S. intelligence agencies used advanced hacking…
19 APT Hackers Attacking Asia Company’s Servers by Exploiting Vulnerability & Spear Phishing Email
A significant surge in sophisticated cyber threats has emerged across Asia, with NSFOCUS Fuying Laboratory identifying 19 distinct Advanced Persistent Threat (APT) attack activities in March 2025. These coordinated campaigns primarily targeted organizations in South Asia and East Asia, with…
SEIKO EPSON Printer Vulnerabilities Let Attackers Execute Arbitrary Code
A critical security vulnerability in SEIKO EPSON printer drivers for Windows has been identified, allowing malicious actors to execute arbitrary code with SYSTEM-level privileges. The vulnerability, tracked as CVE-2025-42598, was published by JPCERT/CC on April 28, 2025, and affects a…
BreachForums Reveals Law Enforcement Crackdown Exploiting MyBB 0-Day Vulnerability
BreachForums, a notorious cybercrime marketplace and successor to RaidForums, has confirmed that its platform was the target of a sophisticated law enforcement operation exploiting a previously unknown vulnerability, commonly referred to as a “0-day”, in the MyBB forum software. The…
SAP NetWeaver 0-Day Vulnerability Exploited in the Wild to Deploy Webshells
SAP released an emergency out-of-band patch addressing CVE-2025-31324, a critical zero-day vulnerability in SAP NetWeaver Visual Composer with the highest possible CVSS score of 10.0. This vulnerability stems from a missing authorization check in the Metadata Uploader component, allowing unauthenticated…
Windows 11 25H2 to be Released Possibly With Minor Changes
As Microsoft continues to refine Windows 11, new leaks and technical insights indicate that the upcoming 25H2 update, slated for release in September or October 2025, will likely be a minor iteration. Unlike the more substantial updates seen in previous…
New RedExt Chrome Extension Tool for Red Teamers with Flask-based C2 Server
A sophisticated new red team tool called RedExt has recently been released, combining a Manifest V3 Chrome extension with a Flask-based Command and Control (C2) server to create a powerful framework for authorized security operations. This innovative tool enables comprehensive…
Nationwide Power Outages in Portugal & Spain Possibly Due to Cyberattack
A massive power outage struck the Iberian Peninsula on April 28, 2025, plunging millions of people into darkness as electricity supplies were suddenly cut across Spain and Portugal. Sources from the electric sector suggest a cyberattack is the most likely…
Monitoring Dark Web Threats – CISO’s Proactive Approach
The dark web has rapidly become a central hub for cybercriminal activity, where stolen data, compromised credentials, and malicious tools are traded with alarming frequency. For Chief Information Security Officers (CISOs), this shadowy underworld poses a persistent and evolving threat…