Cybersecurity News

Security researchers at Check Point have uncovered an advanced variant of the Banshee information stealer malware specifically engineered to target macOS users. This sophisticated evolution demonstrates significantly enhanced security evasion capabilities and exhibits a broader targeting scope, marking a concerning development in the macOS threat landscape. Evolution and Capabilities of the Banshee Malware First emerging … Read more

A significant security concern has emerged for Docker Desktop users on macOS platforms, with users reporting system security warnings blocking application launches since January 7, 2024. After thorough investigation, cybersecurity experts have confirmed these alerts as false positives, though the underlying issue requires immediate attention from affected users. Understanding the Technical Root Cause The core … Read more

Trend Micro researchers have uncovered a sophisticated malware campaign leveraging the recent attention surrounding the LDAPNightmare vulnerability (CVE-2024-49113). Threat actors are distributing information-stealing malware through a fraudulent proof-of-concept (PoC) exploit repository on GitHub, masquerading as legitimate security research published by SafeBreach Labs in early 2025. Technical Analysis of the Malware Distribution Chain The attack begins … Read more

The Federal Bureau of Investigation (FBI) has successfully concluded a large-scale operation to remove the sophisticated PlugX malware from 4,258 compromised computers. This significant cybersecurity initiative, conducted in collaboration with French law enforcement and cybersecurity firm Sekoia, marks a crucial victory in the ongoing battle against state-sponsored cyber threats. Understanding PlugX: A Persistent Advanced Threat … Read more

Security researchers at Halcyon have unveiled a sophisticated ransomware technique that exploits Amazon Web Services’ (AWS) legitimate encryption functionality. This novel attack vector, attributed to a threat actor known as Codefinger, weaponizes the Server-Side Encryption with Customer Provided Keys (SSE-C) feature to hold corporate data hostage in Amazon S3 storage buckets. Technical Analysis of the … Read more

Security researchers at Trufflesecurity have uncovered a significant vulnerability in Google’s OAuth authentication system that poses a severe risk to former employees of defunct startups. The security flaw enables malicious actors to gain unauthorized access to sensitive corporate data through the “Sign in with Google” feature, potentially affecting millions of user accounts across popular SaaS … Read more

Microsoft’s Digital Crimes Unit (DCU) has uncovered a sophisticated cyber attack campaign targeting artificial intelligence services, where threat actors leveraged stolen credentials to gain unauthorized access to generative AI platforms. The operation revealed a complex scheme designed to monetize access to AI tools by providing malicious actors with capabilities to generate harmful content. Attack Vector … Read more

A significant cybersecurity incident has emerged as the hacking group Belsen Group released sensitive data from over 15,000 FortiGate devices on the dark web. The breach exposes critical security configurations, VPN credentials, and IP addresses, presenting substantial risks to affected organizations’ network infrastructure and data security. Breach Analysis and Impact Assessment The leaked archive, measuring … Read more

Security researchers at c/side have uncovered a sophisticated cyber attack campaign targeting WordPress websites, with over 5,000 sites already compromised. The attackers are employing advanced techniques to infiltrate vulnerable WordPress installations and exfiltrate sensitive data, presenting a significant threat to website owners and their users. Attack Vector and Compromise Indicators The attack chain begins with … Read more

Cybersecurity researchers at FACCT have uncovered a sophisticated phishing campaign targeting defense and industrial enterprises. The operation, attributed to the advanced persistent threat (APT) group Sticky Werewolf (also known as PhaseShifters), demonstrates an evolution in tactics by impersonating government officials to compromise critical infrastructure targets. Sophisticated Social Engineering Tactics Revealed On January 13, 2025, security … Read more