The cybersecurity landscape faces a renewed threat as the GOLD BLADE cybercriminal group has significantly evolved their attack methodology, combining previously observed techniques to create a sophisticated infection chain. This new campaign, which surged in July 2025, leverages malicious LNK…
Tag: Cyber Security News
Chinese Companies Linked With Hackers Filed Patents Over 10+ Forensics and Intrusion Tools
Cybersecurity researchers have uncovered more than 10 patents for highly intrusive forensics and data collection technologies filed by Chinese companies directly linked to state-sponsored hacking operations, according to a new report from SentinelLABS released this week. The patents, registered by…
UNC2891 Threat Actors Hacked ATM Networks Using 4G Raspberry Pi Device
A financially motivated threat group known as UNC2891 orchestrated a sophisticated attack on banking infrastructure by physically installing a 4G-equipped Raspberry Pi device directly into an ATM network, security researchers from Group-IB revealed this week. The campaign represents a rare…
Bangalore Techie Arrested in Connection With the $44 Million CoinDCX Hack
The Bangalore-based software engineer Rahul Agarwal, an employee of prominent crypto exchange CoinDCX, was arrested in connection with a massive $44 million (approximately Rs 379 crore) theft. The Whitefield CEN crime police detained Agarwal on July 26 following an extensive…
20 Best Kubernetes Monitoring Tools in 2025
Kubernetes monitoring tools are essential for maintaining the health, performance, and reliability of Kubernetes clusters. These tools provide real-time visibility into the state of clusters, nodes, and pods, allowing administrators to identify and resolve issues quickly. They offer detailed metrics…
Microsoft SharePoint Server 0-Day Hack Hits African Treasury, Companies, and University
A sophisticated cyberattack exploiting a zero-day vulnerability in Microsoft SharePoint servers has compromised over 400 entities globally, with significant impact across African nations including South Africa and Mauritius. The attack specifically targets on-premise SharePoint installations, exploiting previously unknown security flaws…
OAuth2-Proxy Vulnerability Enables Authentication Bypass by Manipulating Query Parameters
A critical security vulnerability has been identified in OAuth2-Proxy, a widely-used reverse proxy that provides authentication services for Google, Azure, OpenID Connect, and numerous other identity providers. The vulnerability, designated as CVE-2025-54576, enables attackers to bypass authentication mechanisms by manipulating…
Critical CrushFTP 0-Day RCE Vulnerability Technical Details and PoC Released
A significant zero-day vulnerability in CrushFTP has been disclosed, allowing unauthenticated attackers to achieve complete remote code execution on vulnerable servers. The flaw, tracked as CVE-2025-54309 and scoring a critical 9.8 on the CVSS scale, stems from a fundamental breakdown…
APT Hackers Attacking Maritime and Shipping Industry to Launch Ransomware Attacks
The maritime industry, which facilitates approximately 90% of global trade, has emerged as a critical battleground for advanced persistent threat (APT) groups deploying sophisticated ransomware campaigns. This surge in cyber warfare represents a paradigm shift where state-sponsored hackers and financially…
ChatGPT, Gemini, GenAI Tools Vulnerable to Man-in-the-Prompt Attacks
A critical vulnerability affecting popular AI tools, including ChatGPT, Google Gemini, and other generative AI platforms, exposes them to a novel attack vector dubbed “Man-in-the-Prompt.” The research reveals that malicious browser extensions can exploit the Document Object Model (DOM) to…