A dual U.S.-China citizen and former Silicon Valley engineer has pleaded guilty to stealing critical military technology secrets designed to protect American national security interests. Chenguang Gong, 59, of San Jose, admitted to transferring over 3,600 classified files containing advanced…
Tag: Cyber Security News
How Businesses Prevent Credential Theft with Early Phishing Detection
Phishing attacks are evolving rapidly, allowing cybercriminals to bypass traditional security systems like email filters and static defenses. As a result, many businesses are left vulnerable to credential theft, often without realizing the threat until it’s too late. Early detection is key, and…
Critical Vulnerability in JavaScript Library Exposes Millions of Apps to Code Execution Attacks
A critical security vulnerability has been discovered in the widely-used JavaScript form-data library, potentially exposing millions of applications to code execution attacks. The vulnerability, assigned CVE-2025-7783, stems from the library’s use of the predictable Math.random() function to generate boundary values…
Brave Browser Blocks Microsoft Recall by Default Due to Privacy Concerns
A significant privacy protection measure with the Brave browser now blocks Microsoft’s controversial Recall feature by default starting in version 1.81 for Windows users. The decision reflects growing concerns about user privacy and data security, as Microsoft’s Recall system automatically…
Windows 11 Gets New AI-Powered Features – Discover What’s New
Microsoft has unveiled a comprehensive suite of AI-powered enhancements for Windows 11, marking a significant leap forward in personal computing experiences. With nearly 60% of users now employing generative AI for work purposes and 64% for personal projects, Windows 11…
Coyote Malware Abuses Microsoft’s UI Automation in Wild to Exfiltrate Login Credentials
A groundbreaking cybersecurity threat has emerged as researchers document the first confirmed case of malware exploiting Microsoft’s User Interface Automation (UIA) framework in active attacks. The Coyote banking trojan, initially discovered in February 2024, has evolved to incorporate this sophisticated…
CISA Warns of Chinese Hackers Exploiting SharePoint 0-Day Flaws in Active Exploitation
CISA has issued an urgent alert regarding active exploitation of critical Microsoft SharePoint vulnerabilities by suspected Chinese threat actors. The attack campaign, dubbed “ToolShell,” leverages a vulnerability chain involving CVE-2025-49706 (network spoofing) and CVE-2025-49704 (remote code execution) to gain unauthorized…
US Nuclear Weapons Agency Breached by Hackers Using SharePoint 0-Day Vulnerability
The National Nuclear Security Administration (NNSA) has fallen victim to a sophisticated cyber attack exploiting a previously unknown vulnerability in Microsoft SharePoint, marking one of the most significant security breaches targeting critical US defense infrastructure this year. Chinese government-affiliated hacking…
Firefox 141 Released With Fix for Multiple Vulnerabilities – Update Now
Mozilla has released Firefox 141 to address 17 security vulnerabilities, including several high-impact flaws that could potentially allow arbitrary code execution. The Mozilla Foundation Security Advisory, announced on July 22, 2025, urges users to update immediately to protect against these…
Clorox Sues IT Provider Cognizant For Simply Giving Employee Password to Hackers
The Clorox Company, a leading household goods manufacturer, has filed a $380 million lawsuit against IT services provider Cognizant Technology Solutions. The lawsuit accuses Cognizant’s help-desk agents of inadvertently providing hackers with access to Clorox’s network during a security breach…