Cybersecurity News
Stay informed about the latest cybersecurity incidents, vulnerabilities, and threat landscape changes. We cover data breaches, ransomware campaigns, critical CVEs, and regulatory updates – with context on what it means for you and how to protect yourself.
North Korean APT UNC5342 weaponizes EtherHiding to deliver malware via smart contracts
Google’s Threat Intelligence Group (GTIG) has linked North Korean threat actor UNC5342 to a new wave of attacks that, since ...
FBI Seizes BreachForums Domain as Salesforce‑Linked Extortion Persists: What Organizations Need to Know
The FBI has formally seized the Breachforums[.]hn domain, one of the most active cybercrime forums used in 2025 for leaking ...
Windows 11 updates disrupt HTTP/2 on localhost (127.0.0.1): what broke and how to mitigate
Windows 11 users report that recent updates—October cumulative KB5066835 and the September preview KB5065789—cause localhost instability by breaking HTTP/2 connections ...
F5 discloses state‑sponsored intrusion impacting BIG‑IP development environment; 44 vulnerabilities fixed
F5 has disclosed a cybersecurity incident attributed to a state‑sponsored threat actor that maintained persistent access to segments of its ...
Rust-Based ChaosBot Leverages Discord C2, LNK Phishing, and WMI to Evade Enterprise Defenses
Threat researchers at eSentire have identified a new backdoor dubbed ChaosBot, written in Rust and using Discord as command-and-control (C2). ...
AMD fixes “RMPocalypse” (CVE-2025-0033): race condition threatens SEV‑SNP memory isolation
AMD has released patches for “RMPocalypse” (CVE-2025-0033), a vulnerability that can undermine the confidentiality and integrity guarantees of Secure Encrypted ...
Operation ZeroDisco: Active Exploitation of Cisco IOS/IOS XE CVE-2025-20352 via SNMP
Threat researchers at Trend Micro have documented Operation ZeroDisco, a targeted campaign abusing the recently patched but widely exploited CVE-2025-20352 ...
GreyNoise: Coordinated RDP Attacks in the U.S. Driven by 100,000-IP Botnet
GreyNoise is tracking a new surge of Remote Desktop Protocol (RDP) activity targeting U.S. networks, driven by a botnet exceeding ...
Beamglea Campaign Exploits npm and unpkg to Evade Email and Web Filters
Threat actors behind the Beamglea campaign are co‑opting trusted JavaScript infrastructure—specifically the npm registry and the unpkg content delivery network—to ...
SonicWall confirms unauthorized access to MySonicWall cloud configuration backups
SonicWall has confirmed that attackers gained unauthorized access to cloud-stored firewall configuration backups associated with the MySonicWall portal, affecting all ...
