The eruption of widespread protests across Nepal in early September 2025 provided fertile ground for a sophisticated campaign orchestrated by the Sidewinder APT group. As demonstrators mobilized against government policies and social media restrictions, threat actors exploited the turbulence to…
Tag: Cyber Security News
Hackers Using Generative AI ‘ChatGPT’ to Evade Anti-virus Defenses
In mid-July 2025, a novel campaign emerged in which cybercriminals weaponized generative AI to fabricate deepfake images of government IDs, embedding them within spear-phishing messages that bypassed traditional antivirus safeguards. These emails impersonated military and security institutions, complete with convincing…
Burger King Uses DMCA Complaint to Take Down Blog Post Detailing Security Flaws on Drive-Thru Systems
Burger King has invoked the U.S. Digital Millennium Copyright Act (DMCA) to force the removal of a security researcher’s blog post that exposed critical vulnerabilities in its drive-thru “Assistant” system. The move has caused a debate over the use of…
Microsoft Fixes Windows 11 24H2 Audio Issue that Stops Bluetooth Headsets and Speakers Working
Microsoft has resolved a significant audio bug in Windows 11 version 24H2 that prevented Bluetooth headsets and speakers from functioning correctly on certain devices. The issue, which first appeared in December 2024, has now been fixed through a new driver…
BlackNevas Ransomware Encrypts Files and Steals Sensitive Data From Affected Companies
The BlackNevas ransomware group has emerged as a significant threat since November 2024, continuously launching devastating attacks against businesses and critical infrastructure organizations across Asia, North America, and Europe. This sophisticated malware operation combines file encryption with data theft tactics,…
Microsoft Confirms 900+ XSS Vulnerabilities Found in IT Services, Ranging from Low Impact to Zero-Click
Of all the vulnerabilities that plague modern applications, Cross-Site Scripting (XSS) is one of the oldest and most persistent. Despite being a known threat for over two decades, XSS continues to appear in everything from legacy systems to new, cloud-native…
Top 10 Best Endpoint Protection Solutions For MSPs/MSSPs in 2025
In the complex and rapidly evolving world of cybersecurity, Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) stand as the crucial first line of defense for a diverse array of clients. From small businesses to large enterprises, client…
New SEO Poisoning Attacking Windows Users With Weaponized Software Sites
In August 2025, security researchers uncovered a sophisticated SEO poisoning campaign targeting Chinese-speaking Windows users. By manipulating search result rankings with tailored SEO plugins and registering lookalike domains, attackers successfully masqueraded malicious software download sites as legitimate providers. Victims searching…
New Red Teaming Tool “Red AI Range” Discovers, Analyze, and Mitigate AI Vulnerabilities
Red AI Range (RAR), an open-source AI red teaming platform, is transforming the way security professionals assess and harden AI systems. Designed to simulate realistic attack scenarios, RAR streamlines the discovery, analysis, and mitigation of AI-specific vulnerabilities by leveraging containerized…
Mustang Panda With SnakeDisk USB Worm and Toneshell Backdoor Seeking to Penetrate Air-Gap Systems
The cybersecurity landscape witnessed a significant escalation in July 2025 when the China-aligned threat actor Hive0154, commonly known as Mustang Panda, deployed sophisticated new malware variants designed to breach air-gapped systems. This advanced persistent threat group introduced SnakeDisk, a novel…