Cyber Security News

The North Korean threat actors behind the ongoing Contagious Interview campaign are spreading their tentacles on the npm ecosystem by publishing more malicious packages that deliver the BeaverTail malware, as well as a new remote access trojan (RAT) loader. "These latest samples employ hexadecimal string encoding to evade automated detection systems and manual code audits, signaling a variation

A sophisticated new cyberattack chain dubbed “KongTuke” has been uncovered by cybersecurity researchers, targeting unsuspecting internet users through compromised legitimate websites. Detailed in a report by Bradley Duncan of Palo Alto Networks’ Unit 42 team, this attack leverages malicious scripts and fake CAPTCHA pages to hijack victims’ clipboards and potentially install unidentified malware. The findings The post “Clipboard Hijacking” A Fake CAPTCHA Leverage Pastejacking Script Via Hacked Sites To Steal Clipboard Data appeared first on Cyber Security News.

Cybersecurity researchers have uncovered malicious libraries in the Python Package Index (PyPI) repository that are designed to steal sensitive information. Two of the packages, bitcoinlibdbfix and bitcoinlib-dev, masquerade as fixes for recent issues detected in a legitimate Python module called bitcoinlib, according to ReversingLabs. A third package discovered by Socket, disgrasya, contained a

A recently discovered set of vulnerabilities, dubbed “IngressNightmare,” found in Ingress NGINX Controller, exposing clusters to unauthenticated remote code execution (RCE). Kubernetes dominates container orchestration, but its prominence has made it a target for exploitation. In Kubernetes, Ingress serves as a sophisticated traffic management system, enabling external access to internal services. It comprises two core The post “IngressNightmare” Critical RCE Vulnerabilities in Kubernetes NGINX Clusters Let Attackers Gain Full Control appeared first on Cyber Security News.

Google has made a big move to fight cyber threats by announcing Sec-Gemini v1, an experimental AI model designed to revolutionize cybersecurity. Elie Burzstein and Marianna Tishchenko from the Sec-Gemini team unveiled a new AI model designed to help cybersecurity defenders tackle the growing complexity of cyber threats using advanced AI. In a blog post, The post Sec-Gemini v1 – Google Released a New AI Model for Cybersecurity appeared first on Cyber Security News.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-22457, a critical vulnerability in Ivanti Connect Secure, Policy Secure, and ZTA Gateways, to its Known Exploited Vulnerabilities (KEV) Catalog. This stack-based buffer overflow, actively exploited since mid-March 2025, allows remote unauthenticated attackers to achieve remote code execution (RCE), threatening organizations using these VPN and The post CISA Adds Actively Exploits Ivanti Connect Secure Vulnerability in Known Exploited Catalog appeared first on Cyber Security News.

Microsoft celebrated its 50th anniversary on April 4, 2025, reflecting on its journey since Bill Gates and Paul Allen founded the company in 1975. The milestone event, held at Microsoft’s Redmond, Washington headquarters, blended nostalgia with cutting-edge AI advancements, particularly through its Copilot platform, while highlighting the transformative role of technology in gaming, education, and The post Microsoft Celebrates 50th Anniversary! appeared first on Cyber Security News.

Ivanti has disclosed a critical vulnerability, CVE-2025-22457, affecting its Connect Secure, Pulse Connect Secure, Ivanti Policy Secure, and ZTA Gateways products that are actively exploited in the wild. This stack-based buffer overflow flaw, with a CVSS score of 9.0, has been actively exploited since mid-March 2025, posing significant risks to organizations using these VPN and The post Ivanti Connect Secure RCE Vulnerability Actively Exploited in the Wild – Apply Patch Now! appeared first on Cyber Security News.

New end-to-end Gmail encryption alone isn't secure enough for an enterprise's most sensitive and prized data, experts say.

An old DNS switcheroo technique is still helping attackers keep their infrastructure alive. But is it really a pressing issue in 2025?

Hotel and casino operations for the Lower Sioux Indians have been canceled or postponed, and the local health center is redirecting those needing medical or dental care.

Cybersecurity search engines are specialized tools designed to empower professionals in identifying vulnerabilities, tracking threats, and analyzing data effectively. These platforms offer a wealth of information that generic search engines cannot provide, making them indispensable for cybersecurity researchers and professionals. Tools like Shodan and Censys help discover exposed devices and services on the internet, while The post 30 Best Cyber Security Search Engines In 2025 appeared first on Cyber Security News.

Endpoint management tools are critical for organizations to efficiently manage and secure devices such as desktops, laptops, mobile devices, and IoT systems. These tools provide centralized control, allowing IT teams to enforce security policies, deploy software updates, and monitor device health. They help streamline operations by automating tasks like patch management, software deployment, and compliance The post Top 20 Best Endpoint Management Tools – 2025 appeared first on Cyber Security News.

Cybersecurity researchers have uncovered a sophisticated attack campaign where threat actors impersonate recruitment professionals to distribute dangerous malware payloads. On November 29, 2024, threat actors were found impersonating Dev.to, a popular developer community, to distribute malicious code hidden within project files shared through BitBucket links. The attack represents a growing trend where threat actors exploit The post Beware of Weaponized Recruitment Emails that Deliver BeaverTail and Tropidoor Malware appeared first on Cyber Security News.