The North Korean state-sponsored hacking group APT37 (aka ScarCruft, Reaper), has been identified leveraging group chat platforms to distribute malicious LNK files. This latest tactic highlights the group’s evolving methods to infiltrate systems and exfiltrate sensitive data. APT37’s recent campaign…
Tag: Cyber Security News
Parrot 6.3 Released With Improved Security & New Hacking Tools
ParrotOS, the cybersecurity-focused Linux distribution, has recently released its latest update, Parrot 6.3, which includes a number of new features, performance improvements, and updated tools to enhance the user experience. This release is designed to make ParrotOS faster, more stable,…
5 Best Infrastructure as Code (IaC) Vulnerability Scanning Tools in 2025
As organizations increasingly adopt Infrastructure as Code (IaC) to automate and manage their cloud environments, ensuring the security of these configurations has become a critical priority. IaC allows teams to define infrastructure using code, enabling rapid deployment and scalability, but…
Devil-Traff – New Malicious Bulk SMS Portal That Fuels Phishing Attacks
A new threat to cybersecurity has emerged in the form of Devil-Traff, a bulk SMS platform designed to facilitate large-scale phishing campaigns. Leveraging advanced features such as sender ID spoofing, API integration, and support for malicious content, this platform has…
10 Best Web Application Firewall (WAF) – 2025
A Web Application Firewall (WAF) is a security solution designed to protect web applications by monitoring, filtering, and blocking malicious HTTP/S traffic. Operating at the OSI model’s application layer (Layer 7), a WAF acts as a reverse proxy between users…
New Windows 11 (x64) Modern Kernel Race Conditions Uncovered – PoC Released
A sophisticated race condition vulnerability affecting Windows 11 (x64) kernel operations, highlighting ongoing concerns about kernel-level security in modern operating systems. These race conditions, which stem from the operating system’s inability to synchronize shared resources during concurrent operations properly, could…
New Process Hollowing Attack Vectors Uncovered in Windows 11 (24H2)
The recent release of Windows 11 version 24H2 has introduced a range of new features and updates, but it has also raised significant cybersecurity concerns. A longstanding malware technique known as Process Hollowing or RunPE has encountered compatibility issues on…
Weekly Cybersecurity Update: Recent Cyber Attacks, Vulnerabilities, and Data Breaches
Welcome to this week’s Cybersecurity Newsletter, which presents the latest updates and key insights from the continuously evolving domain of cybersecurity. In the fast-paced digital environment of today, it is imperative to remain informed, and our objective is to provide…
National Change Your Password Day! – CISA Recommends to Enable MFA
February 1 marks National Change Your Password Day, a timely initiative to combat escalating cyber risks by promoting stronger password practices. With hacking incidents surging globally, the Cybersecurity and Infrastructure Security Agency (CISA) emphasizes the critical role of multi-factor authentication (MFA) in safeguarding digital accounts. Despite annual reminders to update…
WantToCry Ransomware Exploits SMB Vulnerabilities to Remotely Encrypts NAS Drives
The notorious WantToCry ransomware group leverages misconfigured Server Message Block (SMB) services to infiltrate networks and launch widespread attacks. The weaknesses in SMBs, such as weak credentials, outdated software, and poor security configurations, are providing attackers with an easy entry…