A sophisticated new variant of the XWorm malware has emerged in the wild, introducing advanced anti-analysis capabilities and enhanced evasion techniques that pose significant threats to Windows users worldwide. The latest iteration, designated XWorm V6.0, represents a substantial evolution from…
Tag: Cyber Security News
Threat Actors Allegedly Claim Access to Nokia’s Internal Network
A threat actor, Tsar0Byte, allegedly claimed to have breached the company’s internal network through a vulnerable third-party link, exposing sensitive data belonging to more than 94,500 employees. The alleged breach, reported on dark web forums including DarkForums, represents one of…
Palo Alto Networks to Acquire CyberArk in $25 Billion Deal
Palo Alto Networks, a leader in cybersecurity, announced today that it has agreed to acquire CyberArk, a company known for identity security, for about $25 billion. This move is expected to change the cybersecurity industry significantly. The deal marks Palo…
Threat Actors Weaponize LNK Files With New REMCOS Variant That Bypasses AV Engines
Cybercriminals are increasingly leveraging malicious Windows Shortcut (LNK) files to deploy sophisticated backdoors, with a new campaign delivering an advanced REMCOS variant that successfully evades traditional antivirus detection mechanisms. This multi-stage attack demonstrates the evolving sophistication of threat actors who…
Lazarus Subgroup ‘TraderTraitor’ Attacking Cloud Platforms and Poisoning Supply Chains
A sophisticated North Korean cyber espionage operation known as TraderTraitor has emerged as one of the most formidable threats to the global cryptocurrency ecosystem, conducting billion-dollar heists through advanced supply chain compromises and cloud platform infiltrations. Originally codenamed by the…
5 Email Attacks SOCs Cannot Detect Without A Sandbox
Even with Slack, Teams, and every new communication tool out there, email remains the top attack vector for businesses. Why? Because it’s familiar, trusted, and easy to exploit. One convincing message is all it takes and threats slip right past…
WordPress Theme RCE Vulnerability Actively Exploited to Take Full Site Control
A critical remote code execution (RCE) vulnerability in the popular “Alone” WordPress theme is being actively exploited by attackers to gain complete control of vulnerable websites. The vulnerability, assigned CVE-2025-5394 with a maximum CVSS score of 9.8, affects over 9,000…
Critical SonicWall SSL VPN Vulnerability Let Attackers Trigger DoS Attack on Firewalls
A critical vulnerability in SonicWall Gen7 firewall products could allow remote unauthenticated attackers to cause service disruptions through denial-of-service (DoS) attacks. The format string vulnerability tracked as CVE-2025-40600 affects the SSL VPN interface of multiple SonicWall firewall models and has…
15 Best Website Monitoring Tools in 2025
Website monitoring tools are essential for real-time tracking of websites’ performance, availability, and functionality. They help identify and resolve downtime, slow page load times, and broken links, ensuring an optimal user experience. These tools provide detailed analytics and reports, offering…
Global Authorities Shared IoCs and TTPs of Scattered Spider Behind Major VMware ESXi Ransomware Attacks
Joint international advisory warns of evolving social engineering tactics and new DragonForce ransomware deployment targeting commercial facilities. A collaboration of international cybersecurity agencies issued an urgent updated advisory on July 29, 2025, highlighting the escalating threat posed by the Scattered…