Cybercriminals have begun exploiting the widespread popularity of CapCut, the dominant short-form video editing application, to orchestrate sophisticated phishing campaigns targeting Apple ID credentials and credit card information. This emerging threat demonstrates how attackers strategically leverage trending applications to enhance…
Tag: Cyber Security News
Threat Actors Employ Clickfix Tactics to Deliver Malicious AppleScripts That Steal Login Credentials
A sophisticated new malware campaign targeting macOS users has emerged, employing deceptive “Clickfix” tactics to distribute malicious AppleScripts designed to harvest sensitive user credentials and financial data. The campaign leverages typosquatted domains that closely mimic legitimate finance platforms and Apple…
MongoDB Server Pre-Authentication Vulnerability Let Attackers Trigger DoS Condition
A critical pre-authentication denial of service vulnerability was identified as CVE-2025-6709, affecting multiple versions of MongoDB Server across its 6.0, 7.0, and 8.0 release branches. Summary1. MongoDB CVE-2025-6709 allows unauthenticated attackers to crash servers (CVSS 7.5).2. Malicious JSON payloads with…
Windows 11 Retires Blue Screen of Death Error Replaces With Black Screen
Microsoft is retiring one of computing’s most recognizable error messages after nearly four decades. The iconic Blue Screen of Death (BSOD) that has haunted Windows users since the 1980s will be replaced with a streamlined Black Screen of Death as part…
Threat Actors Embed Malware on Windows System’s Task Scheduler to Maintain Persistence
A sophisticated cyber attack targeting critical national infrastructure in the Middle East has revealed how threat actors are leveraging Windows Task Scheduler to maintain persistent access to compromised systems. The attack involves a malicious variant of the Havoc framework, a…
ClickFix Attack Emerges by Over 500% – Hackers Actively Using This Technique to Trick Users
A sophisticated new social engineering technique called ClickFix has exploded across the cyberthreat landscape, experiencing an unprecedented surge of 517% between the second half of 2024 and the first half of 2025. This alarming growth has propelled ClickFix to become…
APT-C-36 Hackers Attacking Government Institutions, Financial Organizations, and Critical Infrastructure
Since 2018, the advanced persistent threat group APT-C-36, commonly known as Blind Eagle, has emerged as a formidable cyber adversary targeting critical sectors across Latin America. This sophisticated threat actor has demonstrated persistent focus on Colombian organizations, launching coordinated attacks…
Mitsubishi Electric AC Systems Vulnerability Allows Remote Control Without User Interaction
Mitsubishi Electric has disclosed a critical authentication bypass vulnerability affecting 27 different air conditioning system models, potentially allowing remote attackers to gain unauthorized control over building HVAC systems. The vulnerability, tracked as CVE-2025-3699, carries a maximum CVSS score of 9.8,…
WhatsApp to Add AI-Powered Message Summaries to Quickly Catch Your Messages
WhatsApp has unveiled a groundbreaking new feature that leverages artificial intelligence to help users quickly navigate their unread messages. The messaging platform announced on June 25, 2025, the introduction of Message Summaries, an AI-driven tool designed to provide instant overviews…
Iranian APT35 Hackers Attacking High-Profile Cyber Security Experts & Professors from Israel
A sophisticated spear-phishing campaign targeting Israeli cybersecurity experts and computer science professors has emerged amid escalating tensions between Iran and Israel. The Iranian threat group Educated Manticore, widely associated with the Islamic Revolutionary Guard Corps’ Intelligence Organization, has launched precision…