VMware addressed a significant authentication bypass vulnerability in its VMware Tools for Windows suite. The vulnerability, CVE-2025-22230, could allow malicious actors with non-administrative privileges on a Windows guest virtual machine to perform high-privilege operations within that VM. VMware has classified…
Tag: Cyber Security News
248,000 Mobile Users Infected by Banking Malware With Social Engineering Techniques
Mobile banking malware has seen an alarming surge in 2024, with nearly 248,000 users encountering these dangerous threats—a staggering 3.6 times increase compared to the 69,000 users affected in 2023. This dramatic uptick, particularly pronounced in the second half of…
Microsoft Unveils New Security Copilot Agents & Protections for AI
Microsoft has announced a significant expansion of its AI-powered security capabilities, introducing autonomous security agents and enhanced protections for artificial intelligence systems. The new offerings aim to address the exponential growth in cyberattacks, which now include more than 30 billion…
ARACNE – LLM-based Pentesting Agent To Execute Commands on Real Linux Shell Systems
Cybersecurity researchers have unveiled a new autonomous penetration testing agent that leverages large language models (LLMs) to execute commands on real Linux shell systems. ARACNE, as the agent is called, represents a significant advancement in automated security testing, demonstrating the…
Security Onion 24.10 Released – What’s New
Security Onion 2.4.140 has been officially released, featuring significant upgrades to core components including Suricata 7.0.9, Zeek 7.0.6, and a host of improvements to the Security Operations Center (SOC) configuration interface. This release focuses on enhancing security, fixing bugs, and…
Researchers Compared Malware Development in Rust vs C & C++ Languages
In recent years, malware authors have increasingly turned to emerging programming languages like Rust, Nim, and Go for their nefarious creations. This shift represents a tactical evolution as threat actors seek to bypass modern security solutions and complicate reverse engineering…
Microsoft Announces New Enhanced Protection Against AI & BYOD for Edge Business Users
Microsoft has unveiled significant new data protection capabilities for its Edge for Business browser, specifically targeting the challenges posed by Bring Your Own Device (BYOD) environments and the growing integration of AI in daily workflows. Announced on March 24, 2025,…
Multistage Info Stealer SnakeKeylogger Attacking Individuals and Businesses to Steal Logins
SnakeKeylogger has emerged as a sophisticated credential-stealing malware, targeting both individuals and organizations with its multi-stage infection chain and stealthy in-memory execution techniques. This malware is specifically designed to harvest sensitive login credentials while remaining undetected by traditional security measures,…
CAPE from Cuckoo v1 – Malware Sandbox to Execute Malicious Files in An Isolated Environment
In the ever-evolving landscape of cyber threats, security professionals need robust tools to analyze malicious software safely. CAPE (Config And Payload Extraction) has emerged as a powerful malware sandbox derived from Cuckoo v1, offering advanced capabilities for executing and analyzing…
NIST Struggling To Clear the Growing Backlog of CVEs in the Official National Vulnerability Database
As of March 2025, the National Institute of Standards and Technology (NIST) continues to face mounting challenges in processing the ever-growing backlog of Common Vulnerabilities and Exposures (CVEs) in the National Vulnerability Database (NVD). Despite previous efforts to clear the…