In recent months, macOS users have faced a significant rise in password-stealing malware attacks. These threats, often distributed through malicious advertising and fake application installers, have become increasingly sophisticated. Three prominent malware types, “Atomic Stealer,” “Poseidon Stealer,” and “Cthulhu Stealer”…
Tag: Cyber Security News
Critical Cisco ISE Vulnerabilities Allow Arbitrary Command Execution Remotely
Cisco has disclosed two critical vulnerabilities in its Identity Services Engine (ISE) software that could allow authenticated, remote attackers to execute arbitrary commands, elevate privileges, and manipulate system configurations on affected devices. These vulnerabilities tracked as CVE-2025-20124 and CVE-2025-20125, have…
New Malware Attacking Users of Indian Banks To Steal Aadhar, PAN, ATM & Credit Card PINs
A recent cybersecurity threat has emerged in India, targeting users of various Indian banks with a sophisticated malware campaign. This campaign, discovered by the zLabs research team, involves nearly 900 malware samples designed to steal sensitive financial and personal data,…
242,000 Times Downloaded Malicious Apps from Android and iOS Stealing Crypto Keys
In a shocking revelation, researchers have uncovered a widespread malware campaign targeting both Android and iOS users. Dubbed “SparkCat,” this malicious operation involves apps embedded with a malicious SDK designed to steal recovery phrases for cryptocurrency wallets. The infected apps,…
BADBOX Botnet Infected Over 190,000 Android Devices Including LED TVs
A newly discovered botnet named BADBOX has been found to have infected over 190,000 Android devices, including high-end models like Yandex 4K QLED TVs. This botnet is particularly concerning due to its ability to infect devices potentially through pre-installed malware…
242,000 Times Downloaded Malicious Apps from Android and iOS Stealing Crypto Recovery Keys
In a shocking revelation, researchers have uncovered a widespread malware campaign targeting both Android and iOS users. Dubbed “SparkCat,” this malicious operation involves apps embedded with a malicious SDK designed to steal recovery phrases for cryptocurrency wallets. The infected apps,…
Hackers Using AI Agents To Validate Stolen Credit Cards
Hackers have begun leveraging AI agents to validate stolen credit cards, marking a new era in the sophistication of financial fraud. This trend highlights the evolving threat landscape where technology, once seen as a tool for security, is being repurposed…
CISA Adds Actively Exploited Linux Kernel Vulnerability to Known Exploited Vuln Catalog
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Linux kernel vulnerability, CVE-2024-53104, to its Known Exploited Vulnerabilities (KEV) Catalog, emphasizing its potential impact on systems worldwide. This vulnerability, classified as an out-of-bounds write issue, affects the USB…
Threat Actors Exploiting DeepSeek’s Rise To Fuel Cyber Attacks
The AI startup DeepSeek has gained significant attention in recent weeks for its advanced AI models, particularly the R1 reasoning model. However, this rapid rise to fame has also attracted the unwanted attention of cybercriminals, who are exploiting DeepSeek’s popularity…
Multiple IBM Cloud Pak Vulnerabilities Let Attackers Execute Remote Code
IBM has released critical security updates addressing multiple vulnerabilities in its Cloud Pak for Business Automation software. These vulnerabilities, if exploited, could allow attackers to access sensitive data, disrupt operations, or compromise system integrity. The fixes are part of the…