A sophisticated attack campaign by threat actor ELUSIVE COMET that exploits Zoom’s legitimate remote control feature to gain unauthorized access to victims’ computers. The attackers have successfully targeted cryptocurrency professionals using a combination of social engineering and interface manipulation techniques,…
Tag: Cyber Security News
Zero Trust Architecture – A Step-by-Step Guide for CISOs
Zero Trust Architecture (ZTA) has emerged as a critical security framework for organizations facing sophisticated threats from both external and internal vectors. In today’s rapidly evolving digital landscape, traditional security perimeters have dissolved as cloud adoption accelerates and remote work…
Linux 6.15-rc3 Released With Fix for Multiple Kernel Fixes
Linus Torvalds has announced the availability of the third release candidate for Linux kernel 6.15, continuing the development cycle with a collection of incremental improvements and bug fixes across numerous subsystems. This update brings stability enhancements while maintaining the regular…
Critical PyTorch Vulnerability Let Attackers Execute Remote Code
A critical vulnerability in PyTorch that allows attackers to execute malicious code remotely, even when using safeguards previously thought to mitigate such risks. The vulnerability, identified as CVE-2025-32434, affects all PyTorch versions up to and including 2.5.1 and was patched…
Beware! New Malware Mimics as Cisco Webex Attacks Users in-the-wild
Cybersecurity researchers have uncovered an active malware campaign dubbed “Voldemort” that masquerades as legitimate Cisco Webex components to deploy backdoors on targeted systems. The discovery comes just days after Cisco released a security advisory for a critical vulnerability in the…
Building a Cyber Risk Appetite Statement for Your Organization
In the digital era, organizations face a relentless barrage of cyber threats that can disrupt operations, compromise sensitive data, and erode stakeholder trust. As technology becomes the backbone of business processes, the stakes for managing cyber risk have never been…
Speedify VPN macOS Vulnerability Let Attackers Escalate Privilege
A significant security vulnerability, tracked as CVE-2025-25364, was discovered in Speedify VPN’s macOS application, exposing users to local privilege escalation and full system compromise. The flaw, uncovered by SecureLayer7, resides in the privileged helper tool me.connectify.SMJobBlessHelper, which is responsible for…
Hackers Leverage Zoom’s Remote Control Feature to Gain Access to the Victim’s Computer
A sophisticated attack campaign by threat actor ELUSIVE COMET that exploits Zoom’s legitimate remote control feature to gain unauthorized access to victims’ computers. The attackers have successfully targeted cryptocurrency professionals using a combination of social engineering and interface manipulation techniques,…
Hackers Bypassed Gmail’s Security Filters Bypassed for Sophisticated Phishing Attacks
A highly sophisticated phishing attack exploiting vulnerabilities in Google’s OAuth system has been identified. The attack, which successfully bypasses Gmail’s security filters, appears legitimate to users as it originates from authentic Google domains and passes all standard security checks, including…
Chinese Hackers Employ New Reverse SSH Tool to Attack Organizations
A sophisticated Chinese hacking group known as Billbug (also tracked as Lotus Blossom, Lotus Panda, and Bronze Elgin) has intensified its espionage campaign across Southeast Asia, employing a new custom Reverse SSH Tool to compromise high-value targets. This group, active…