A cybersecurity researcher has successfully broken the encryption used by the Linux/ESXI variant of the Akira ransomware, enabling data recovery without paying the ransom demand. The breakthrough exploits a critical weakness in the ransomware’s encryption methodology. According to the researcher,…
Tag: Cyber Security News
SuperBlack Actors Exploiting Two Fortinet Vulnerabilities to Deploy Ransomware
Between late January and early March 2025, cybersecurity researchers at Forescout’s Vedere Labs uncovered a series of sophisticated intrusions leveraging critical Fortinet vulnerabilities. The attacks, attributed to a newly identified threat actor tracked as “Mora_001,” culminated in the deployment of…
Top 10 Best Cyber Attack Simulation Tools – 2025
Cyber attack simulation tools help organizations identify vulnerabilities, test security defenses, and improve their cybersecurity posture by simulating real-world attacks. These tools range from breach and attack simulation (BAS) platforms to adversary emulation frameworks. Here are some of the top…
What is QR Code Phishing? (Quishing) – Attack & Prevention Guide in 2025
QR code Phishing, or “Quishing,” is a cyber threat that exploits the widespread use of QR (Quick Response) codes in phishing attacks. Quishing takes advantage of the recent high-use volume and increasing popularity of QR codes. These codes, which can…
Siemens SINAMICS S200 Bootloader Vulnerability Let Attackers Compromise the Device
Siemens has disclosed a critical security vulnerability affecting specific SINAMICS S200 drive systems that could allow attackers to compromise devices by exploiting an unlocked bootloader. The vulnerability, tracked as CVE-2024-56336 and has received the highest severity ratings with a CVSS…
Hackers Abuse Microsoft Copilot for Sophisticated Phishing Attack
As organizations increasingly integrate Microsoft Copilot into their daily workflows, cybercriminals have developed sophisticated phishing campaigns specifically targeting users of this AI-powered assistant. Microsoft Copilot, which launched in 2023, has rapidly become an essential productivity tool for many organizations, integrating…
86,000+ Healthcare Staff Records Exposed from Misconfigured AWS S3 Bucket
A significant data breach involving sensitive healthcare worker information has been discovered, exposing over 86,000 records belonging to ESHYFT, a New Jersey-based HealthTech company. Cybersecurity researcher Jeremiah Fowler identified an unprotected AWS S3 storage bucket containing approximately 108.8 GB of…
CISA Warns of Apple WebKit Out-of-Bounds Write Vulnerability Exploited in Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has warned about an actively exploited zero-day vulnerability in Apple’s WebKit browser engine, tracked as CVE-2025-24201. This vulnerability, an out-of-bounds write issue, could allow attackers to execute unauthorized code on vulnerable devices. The…
CISA Warns of Juniper Junos OS Improper Isolation Vulnerability Exploited in Wild
CISA has issued a warning regarding a newly discovered vulnerability affecting Juniper Networks’ Junos OS. The vulnerability, identified as CVE-2025-21590, involves an improper isolation or compartmentalization issue within the operating system’s kernel. This flaw could allow a local attacker with…
2-year-old Windows Kernel 0-day Vulnerability Exploited in the Wild
Microsoft has patched a critical Windows Kernel vulnerability that has been actively exploited for nearly two years. The vulnerability, tracked as CVE-2025-24983, was included in the company’s March 2025 Patch Tuesday release in March. According to cybersecurity firm ESET, which…