The U.S. Department of Justice (DOJ) unsealed indictments today against 12 Chinese nationals linked to state-sponsored cyber espionage campaigns targeting the U.S. Treasury Department, religious organizations, media outlets, and critical infrastructure. The charges reveal an extensive, decade-long operation leveraging advanced…
Tag: Cyber Security News
Bybit Hot Wallet Exploit for Malicious Transaction – Technical Analysis Released
Researchers uncovered one of the most technically sophisticated attacks in cryptocurrency history, exploiting Bybit’s Ethereum hot wallet infrastructure through a malicious proxy contract upgrade. The breach, attributed to North Korea’s Lazarus Group via blockchain fingerprinting, resulted in the theft of…
41,500+ VMware ESXi Instances Vulnerable to Code Execution Attacks
Shadowserver observed that 41,500+ internet-exposed VMware ESXi hypervisors as of March 4, 2025, are vulnerable to CVE-2025-22224, a critical zero-day vulnerability actively exploited in attacks. Broadcom patched the vulnerability in an emergency update. It enables attackers with local administrative access…
BadBox Malware from Google Play Hacked 50,000+ Android Devices Using 24 Apps
HUMAN Security’s Satori Threat Intelligence team has uncovered a sophisticated malware operation dubbed “BADBOX 2.0” that compromised over 50,000 Android devices using 24 deceptive applications. This operation represents a major expansion of the original BADBOX campaign first identified in 2023,…
Microsoft To Harden The Trust Boundary of VBS Enclaves
Microsoft has recently published comprehensive guidance for developers working with Virtualization-Based Security (VBS) enclaves, highlighting critical security measures to strengthen the trust boundary between different virtual trust levels. The guidance by the Microsoft Security team, addresses fundamental security challenges that…
Microsoft Warns of Silk Typhoon Hackers Attacking IT Supply Chain
Microsoft Threat Intelligence has identified a significant shift in tactics by Silk Typhoon, a Chinese state-sponsored espionage group that has begun targeting common IT solutions including remote management tools and cloud applications to gain initial access to organizational networks. This…
Hackers Leveraging Business Relationship To Attack Arab Emirates Aviation Sector
Security researchers at Proofpoint have uncovered a sophisticated cyber espionage campaign targeting aviation and satellite communications organizations in the United Arab Emirates. The campaign, attributed to a threat actor tracked as UNK_CraftyCamel, leveraged a compromised Indian electronics company to deliver…
Cisco Webex for BroadWorks Vulnerability Let Remote Attackers Access Data & Credentials
A newly disclosed vulnerability in Cisco Webex for BroadWorks Release 45.2 enables remote attackers to intercept sensitive credentials and user data when Session Initiation Protocol (SIP) communications lack encryption. This vulnerability, rated as low severity but with significant operational implications,…
WordPress Plugin Vulnerability Exposes 10,000 Sites to Code Execution Attacks
A critical security flaw in the GiveWP Donation Plugin tracked as CVE-2025-0912, has exposed over 100,000 WordPress websites to unauthenticated remote code execution (RCE) attacks. The vulnerability, scoring a maximum CVSS 9.8 (Critical) severity rating, originates from improper handling of…
U.S Treasury Sanctions Admin of Nemesis Darknet Marketplace
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced sweeping sanctions today against Behrouz Parsarad, an Iran-based cybercriminal identified as the sole administrator of the Nemesis darknet marketplace. This move marks OFAC’s first recognition as a…