Breaking (Cyber) News

Keep abreast of breaking cyber security news and evolution in the cyber threat landscape

RSS The Hacker News
  • ToyMaker Uses LAGTOY to Sell Access to CACTUS Ransomware Gangs for Double Extortion
    Cybersecurity researchers have detailed the activities of an initial access broker (IAB) dubbed ToyMaker that has been observed handing over access to double extortion ransomware gangs like CACTUS. The IAB has been assessed with medium confidence to be a financially motivated threat actor, scanning for vulnerable systems and deploying a custom malware called LAGTOY (aka […]
  • North Korean Hackers Spread Malware via Fake Crypto Firms and Job Interview Lures
    North Korea-linked threat actors behind the Contagious Interview have set up front companies as a way to distribute malware during the fake hiring process. "In this new campaign, the threat actor group is using three front companies in the cryptocurrency consulting industry—BlockNovas LLC (blocknovas[.] com), Angeloper Agency (angeloper[.]com), and SoftGlide LLC (softglide[.]co)—to spread
  • New Critical SAP NetWeaver Flaw Exploited to Drop Web Shell, Brute Ratel Framework
    Threat actors are likely exploiting a new vulnerability in SAP NetWeaver to upload JSP web shells with the goal of facilitating unauthorized file uploads and code execution.  "The exploitation is likely tied to either a previously disclosed vulnerability like CVE-2017-9844 or an unreported remote file inclusion (RFI) issue," ReliaQuest said in a report published this […]
RSS SAP NetWeaver customers urged to deploy patch for critical zero-day vulnerability | CSO Online
  • SAP NetWeaver customers urged to deploy patch for critical zero-day vulnerability
    Attackers have been exploiting a critical zero-day vulnerability in the Visual Composer component of the SAP NetWeaver application server since early this week. SAP released an out-of-band fix that’s available through its support portal and it should be applied immediately, especially on systems that are directly exposed to the internet. “Unauthenticated attackers can abuse built-in […]
  • Proof-of-concept bypass shows weakness in Linux security tools, claims Israeli vendor
    An Israeli vendor was able to evade several leading Linux runtime security tools using a new proof-of-concept (PoC) rootkit that it claims reveals the limitations of many products in this space.  The work of cloud and Kubernetes security company Armo, the PoC is called ‘Curing’, a portmanteau word that combines the idea of a ‘cure’ […]
  • Die Bösen kooperieren, die Guten streiten sich
    Eine Koalition einflussreicher CISOs sieht den G7-Gipfel 2025 als ideale Gelegenheit, die G7- und OECD-Mitgliedsstaaten zu einer stärkeren Zusammenarbeit und Harmonisierung der Cybersicherheitsvorschriften zu bewegen.Maxx-Studio – shutterstock.com Da Cyberangriffe immer weiter zunehmen und internationale Banden vermehrt miteinander kooperieren, bedarf es einer stärkeren, grenzüberschreitenden Zusammenarbeit der „Guten“. Das zumindest behaupten Führungskräfte namhafter Unternehmen wie Salesforce, Microsoft, […]
RSS Sophos News
RSS GBHackers Security | #1 Globally Trusted Cyber Security News Platform
  • Two Systemic Jailbreaks Uncovered, Exposing Widespread Vulnerabilities in Generative AI Models
    Two significant security vulnerabilities in generative AI systems have been discovered, allowing attackers to bypass safety protocols and extract potentially dangerous content from multiple popular AI platforms. These “jailbreaks” affect services from industry leaders including OpenAI, Google, Microsoft, and Anthropic, highlighting a concerning pattern of systemic weaknesses across the AI industry. Security researchers have identified […]
  • New AI-Generated ‘TikDocs’ Exploits Trust in the Medical Profession to Drive Sales
    AI-generated medical scams across TikTok and Instagram, where deepfake avatars pose as healthcare professionals to promote unverified supplements and treatments. These synthetic “doctors” exploit public trust in the medical field, often directing users to purchase products with exaggerated or entirely fabricated health claims. With advancements in generative AI making deepfakes increasingly accessible, experts warn that […]
  • Gamers Beware! New Attack Targets Gamers to Deploy AgeoStealer Malware
    The cybersecurity landscape faces an escalating crisis as AgeoStealer joins the ranks of advanced infostealers targeting global gaming communities. Documented in Flashpoint’s 2025 Global Threat Intelligence Report, this malware strain exploits gaming enthusiasts’ trust through socially engineered distribution channels, leveraging double-layered encryption, sandbox evasion, and real-time data exfiltration to compromise credentials at scale. With infostealers […]

Join Our Newsletter