Security researchers have uncovered new malicious activities attributed to Mustang Panda, a China-sponsored espionage group known for targeting government entities, military organizations, and non-governmental organizations primarily in East Asia and Europe. The threat actor has been observed utilizing weaponized RAR…
Tag: Cyber Security News
Windows 11 24H2 Update Bug Triggers BSOD Error – Emergency Fix Released
Microsoft has officially confirmed a major bug in its recent Windows 11 24H2 updates that is causing widespread Blue Screen of Death (BSOD) crashes, displaying the stop error code “SECURE_KERNEL_ERROR” (0x18B). The issue, first reported by Windows Latest in March…
Cisco Webex Vulnerability Allows Code Execution via Weaponized Meeting Links
A critical vulnerability in Cisco Webex App that could allow attackers to execute malicious code on target systems through specially crafted meeting invitation links. The high-severity flaw, tracked as CVE-2025-20236, has prompted Cisco to release emergency patches for affected versions…
2 Apple Iphone Zero-Day Vulnerabilities Actively Exploited in Extremely Sophisticated Attacks
Apple has released iOS 18.4.1 and iPadOS 18.4.1 to address two critical zero-day vulnerabilities that were actively exploited in highly targeted, sophisticated attacks against specific individuals iPhone. The vulnerabilities, identified in the CoreAudio and RPAC components, could allow attackers to…
Server-Side Phishing Attacks Employees & Member Portals to Steal Login Credentials
Credential theft through phishing remains one of the most reliable methods for gaining unauthorized access to enterprise environments. A sophisticated phishing campaign has been identified targeting employee and member portals of major organizations including Aramark, Highmark, and various healthcare providers.…
Interlock Ransomware Employs Multi-Stage Attack Via Legitimate Websites to Deliver Malicious Browser Updates
Cybersecurity experts have identified a sophisticated ransomware threat known as Interlock, which has been quietly expanding its operations since its first appearance in September 2024. This malware employs an elaborate multi-stage attack chain, beginning with the compromise of legitimate websites…
Jira Down – Atlassian Jira Outage Disrupts Dashboard Access for Users Globally
Atlassian, the company behind Jira, a leading project management and issue-tracking platform, is grappling with a significant service disruption that has left users unable to load certain Dashboard widgets. The outage, affecting Jira Work Management, Jira Service Management, and Jira…
Researchers Deanonymized Medusa Ransomware Group’s Onion Site
Researchers have uncovered the true identity of servers hosting one of the most notorious ransomware operations active today. The Medusa Ransomware Group, which has operated with relative anonymity through Tor hidden services, has had its cover blown through a sophisticated…
Beware of Online PDF Converters That Tricks Users to Install Password Stealing Malware
Cybercriminals have launched a sophisticated malware campaign leveraging fake PDF-to-DOCX converter websites that mimic the popular legitimate service PDFCandy. The malicious websites, including domains such as candyxpdf[.]com and candyconverterpdf[.]com, deploy an elaborate social engineering tactic designed to harvest sensitive information…
New Windows Task Scheduler Vulnerabilities Allows Command Execution as Admin User
Critical Windows Task Scheduler involving schtasks.exe binary, which could enable malicious actors to execute commands with SYSTEM-level privileges, bypassing User Account Control (UAC) prompts and erasing audit logs. These flaws significantly elevate the threat landscape for Windows environments, posing risks…