Two significant Grafana vulnerabilities that could allow attackers to redirect users to malicious websites and execute arbitrary JavaScript code. The vulnerabilities, identified as CVE-2025-6023 and CVE-2025-6197, affect multiple versions of Grafana, including 12.0.x, 11.6.x, 11.5.x, 11.4.x, and 11.3.x branches. Both…
Tag: Cyber Security News
SharePoint 0-Day RCE Vulnerability Actively Exploited in the Wild to Gain Full Server Access
A sophisticated cyberattack campaign targeting Microsoft SharePoint servers has been discovered exploiting a newly weaponized vulnerability chain dubbed “ToolShell,” enabling attackers to gain complete remote control over vulnerable systems without authentication. Eye Security, a Dutch cybersecurity firm, identified the active…
New Veeam Themed Phishing Attack Using Weaponized Wav File to Attack users
A sophisticated phishing campaign targeting organizations has emerged, exploiting the trusted reputation of Veeam Software through weaponized WAV audio files delivered via email. The attack represents an evolution in social engineering tactics, combining traditional phishing techniques with audio-based deception to…
Chinese Threat Actors Using 2,800 Malicious Domains to Deliver Windows-Specific Malware
A sophisticated Chinese threat actor campaign has emerged as one of the most persistent malware distribution operations targeting Chinese-speaking communities worldwide. Since June 2023, this ongoing campaign has established an extensive infrastructure comprising more than 2,800 malicious domains specifically designed…
Snake Keylogger Evades Windows Defender and Scheduled Tasks to Harvest Login Credentials
A sophisticated phishing campaign targeting Turkish defense and aerospace enterprises has emerged, delivering a highly evasive variant of the Snake Keylogger malware through fraudulent emails impersonating TUSAŞ (Turkish Aerospace Industries). The malicious campaign distributes files disguised as contractual documents, specifically…
New QR Code Attack Via PDFs Evades Detection Systems and Harvest Credentials
A sophisticated phishing campaign dubbed “Scanception” has emerged as a significant threat to enterprise security, leveraging QR codes embedded in PDF attachments to bypass traditional email security measures and harvest user credentials. The attack represents a concerning evolution in social…
New CrushFTP 0-Day Vulnerability Exploited in the Wild to Gain Access to Servers
A critical zero-day flaw in the CrushFTP managed file-transfer platform was confirmed after vendor and threat-intelligence sources confirmed active exploitation beginning on 18 July 2025 at 09:00 CST. Tracked as CVE-2025-54309, the bug allows unauthenticated attackers to obtain full administrative…
Lumma Infostealer Steal All Data Stored in Browsers and Selling Them in Underground Markets as Logs
The cybersecurity landscape continues to face significant threats from sophisticated information stealers, with Lumma emerging as one of the most prevalent and dangerous malware families targeting both consumer and enterprise environments. This malicious software systematically harvests enormous volumes of sensitive…
CISA Warns of Fortinet FortiWeb SQL Injection Vulnerability Exploited in Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Fortinet FortiWeb vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, confirming active exploitation of the SQL injection flaw in cyberattacks worldwide. The vulnerability, tracked as CVE-2025-25257, affects Fortinet’s…
Google Sued BadBox 2.0 Malware Botnet Operators That Infects 10 Million+ Devices
Google has filed a lawsuit in New York federal court against the operators of the BadBox 2.0 botnet, marking a significant escalation in the tech giant’s fight against cybercriminal networks. The malware campaign represents the largest known botnet of internet-connected…