Cybersecurity News
Stay informed about the latest cybersecurity incidents, vulnerabilities, and threat landscape changes. We cover data breaches, ransomware campaigns, critical CVEs, and regulatory updates – with context on what it means for you and how to protect yourself.
Malicious npm package “https-proxy-utils” delivers AdaptixC2 and underscores open-source supply chain exposure
Security researchers at Kaspersky identified a malicious npm package, https-proxy-utils, masquerading as a proxy utility and abusing npm lifecycle scripts ...
TARmageddon (CVE-2025-62518): Critical Rust tar parsing flaw enables RCE in tokio‑tar and forks
Security researchers at Edera have disclosed a critical logic flaw in the abandoned Rust library async‑tar and multiple forks, including ...
PassiveNeuron zeros in on Windows Server: new APT wave leverages SQL abuse, Cobalt Strike, and custom implants
A newly observed campaign by the PassiveNeuron threat actor underscores a strategic pivot toward server-side targets. According to Kaspersky’s Global ...
Oracle VirtualBox on macOS ARM: Two CVEs Enable VM Escape, Patched in October 2025 CPU
Two vulnerabilities in Oracle VirtualBox, tracked as CVE-2025-62592 and CVE-2025-61760, can be chained to escape from a guest virtual machine ...
ColdRiver pivots to ClickFix: NoRobot and MaybeRobot replace LostKeys in stealthier social engineering campaigns
Google’s Threat Intelligence Group (GTIG) reports a rapid shift in the tradecraft of the Russian‑language threat actor ColdRiver—also tracked as ...
Google Adds “Recovery Contacts” to Gmail: A Human-Assisted, Phishing-Resistant Path to Account Recovery
Google is expanding Gmail account recovery with a new option called Recovery Contacts, a human-assisted mechanism that lets users designate ...
DNS0.eu Shuts Down: Impact on EU DNS Security and Migration Paths to DNS4EU and NextDNS
DNS0.eu has ceased operations, replacing its website with a brief notice: “The service is no longer running… maintaining it became ...
TP-Link Omada gateways hit by critical unauthenticated RCE; firmware updates available
TP-Link has disclosed four security issues affecting Omada series gateways, with two vulnerabilities enabling arbitrary command execution with root privileges. ...
China Alleges NSA Targeted National Time Service Center: What It Means for Critical Infrastructure
China’s Ministry of State Security (MSS) alleges the U.S. National Security Agency conducted targeted cyber operations against the National Time ...
PolarEdge Botnet Exploits Cisco CVE-2023-20118 to Build ORB-Style Proxy Network Targeting Cisco, ASUS, QNAP and Synology Devices
Security researchers have published a technical analysis of the PolarEdge botnet, a campaign actively observed since February 2025 and aimed ...
