A severe privilege escalation vulnerability has been discovered in Notepad++ version 8.8.1, potentially exposing millions of users worldwide to complete system compromise. The flaw, designated CVE-2025-49144, allows attackers to gain SYSTEM-level privileges through a technique known as binary planting, with…
Tag: Cyber Security News
Critical Teleport Vulnerability Let Attackers Remotely Bypass Authentication Controls
A critical vulnerability, designated as CVE-2025-49825 that enables attackers to remotely bypass authentication controls in Teleport, a popular secure access platform. The vulnerability affects multiple versions of Teleport infrastructure, prompting immediate security updates across all deployment environments. Cloud customers have…
UAC-0001 Hackers Attacking ICS Devices Running Windows Systems as a Server
Ukrainian government agencies have fallen victim to a sophisticated cyberattack campaign orchestrated by the UAC-0001 group, also known as APT28, targeting industrial control systems (ICS) devices running Windows operating systems as servers. The attacks, which occurred between March and April…
New Echo Chamber Attack Jailbreaks Most AI Models by Weaponizing Indirect References
A sophisticated new jailbreak technique that defeats the safety mechanisms of today’s most advanced Large Language Models (LLMs). Dubbed the “Echo Chamber Attack,” this method leverages context poisoning and multi-turn reasoning to guide models into generating harmful content without ever…
McLaren Health Care Data Breach Exposes 743,000 People Personal Information
McLaren Health Care, a major healthcare organization based in Grand Blanc, Michigan, has disclosed a significant data breach that compromised the personal information of 743,131 individuals nationwide. The breach notification, filed with the Office of the Maine Attorney General, reveals…
Hands-on Cybersecurity Threat Hunting Guide for SOC Analysts and MSSPs
This comprehensive guide provides SOC analysts and MSSP teams with practical threat hunting techniques using advanced threat intelligence platforms. Modern threat actors continuously develop sophisticated evasion techniques, making traditional detection methods insufficient for comprehensive security operations. The strategies outlined here…
Steelmaker Nucor Hacked – Attackers Gained Unauthorized Access to IT Systems
Charlotte-based steel giant Nucor Corporation disclosed a significant cybersecurity incident where threat actors gained unauthorized access to the company’s information technology infrastructure. The breach prompted temporary production shutdowns across multiple facilities as the company implemented emergency containment protocols and engaged…
Hackers Allegedly Selling Intelbras Router 0-Day Exploit on Hacker Forums
A notorious threat actor has allegedly listed a previously unknown—or “0day”—exploit for Intelbras routers on a prominent hacker forum. This exploit poses significant risks for many users and organizations that rely on Intelbras hardware for their networking needs. The sale…
Microsoft Defender for Office 365 to Provide Detailed Results for Spam, Phishing or Clean Emails
Microsoft is set to revolutionize email security transparency with the introduction of AI-powered explanations for email submission results in Microsoft Defender for Office 365. This groundbreaking feature, leveraging large language models (LLMs), will provide clear, human-readable rationales for why messages…
Linux Firewall IPFire 2.29 Core Update 195 Released With VPN Protocol Support
IPFire has released Core Update 195 for version 2.29, marking a significant milestone with the introduction of native WireGuard VPN protocol support. This highly anticipated update transforms the open-source firewall distribution by integrating modern VPN capabilities alongside comprehensive security enhancements…