🚨8Base Ransomware Dark Web Site Seized @The_Cyber_News Read more: 🔴 Ransomware Gang affected over 1,000 victims worldwide 🔴 Attacks small to medium-sized businesses 🔴 8Base group employed a "double extortion" strategy #cybersecuritynews

Penetration Testers Arrested During Approved Physical Penetration Testing

@The_Cyber_News 💻 AnyDesk Vulnerability Exploit Allows Admin Access Through Wallpapers Read more: 📌 Vulnerability Let Attackers Gain Admin Privilege. 📌 Exploiting the handling of Windows background images. #cybersecurity

@The_Cyber_News 🔥 Brute Force Attack With 2.8 Million IPs Read more: 📌 Brute Force attack Leveraging 2.8 million IP addresses 📌 Actively targets edge security devices 📌 The attacks focus on edge devices critical for remote access, such as: 👉 VPN gateways (Palo Alto Networks GlobalProtect, SonicWall NetExtender) 👉 Firewalls (Ivanti, Fortinet) 👉 Routers and IoT appliances. #cybersecurity

@The_Cyber_News ⚠️ Unpatched Marvel Game RCE Exploit Full Report here: 📌 Allows Arbitrary Code Execution. 📌 When the Attacker is in the same wi-fi network. 📌 Leads to Take Over of PCs & PS5s #cybersecurity #vulnerability

@The_Cyber_News Cybersecurity Weekly Brief: Latest on Attacks, Vulnerabilities, & Data Breaches Read more: #cybersecurity

🚨 IIS Servers Hacked to Deploy BadIIS Malware More Details: ⚠️ 35+ IIS Servers Hacked. 📌 BadIIS Manipulate HTTP responses 📌 Operating in two modes 📌 SEO Fraud Mode 📌 Injector Mode #cybersecurity #windows #malware

@The_Cyber_News Trimble Cityworks RCE Vulnerability Exploited to Hack IIS Servers Read more: ↪️ Trimble Cityworks RCE CVE-2025-099 ↪️ Arbitrary code on IIS ↪️ Version Prioe to 15.8.9 are Vulnerable ↪️ updated versions of Cityworks (15.8.9 and 23.10 #cybersecurity

@The_Cyber_News HPE Alerts Employees of Data Breach After Russian Cyberattack More Details: ↪️ HPE data breach involving its Office 365 email environment ↪️ Hackers Gained Unauthorized access to email mailboxes ↪️ Exfiltrated sensitive data #cybersecurity #databreach

🚨 Hackers Attacking Web Login Pages of Popular Firewalls Read more: Attacks primarily originating from Brazil, are aimed at devices such as firewalls, VPNs, and IoT systems from vendors like Palo Alto Networks, Ivanti, and SonicWall.

@The_Cyber_News Microsoft Edge Vulnerabilities Let Attackers Execute Remote Code | More Details: 🚨 Remote Code Execution Vulnerabilities ↪️ CVE-2025-21342 ↪️ CVE-2025-21408 ↪️ CVE-2025-21283 ↪️ CVE-2025-21279 #cybersecurity #Microsoft

UK Order Apple to Create Backdoor for Encrypted iCloud Backups Read more: The UK government has reportedly issued a secret order to Apple, compelling the tech giant to create a backdoor for accessing encrypted iCloud backups globally. Apple’s Advanced Data Protection feature, introduced in 2022, provides end-to-end encryption for iCloud backups and other data categories, ensuring that even Apple cannot access this information. #icloud #cybersecurity

@The_Cyber_News DeepSeek iOS App Sending Data to ByteDance Controlled Server More Details: ↪️ Data Sent to China ↪️ Unencrypted Data Transmission ↪️ Weak Encryption Practices ↪️ Insecure Data Storage ↪️ Unencrypted Network Requests ↪️ Username, Password, and Encryption Keys Stored Insecurely #cybersecurity #DeepSeek

🍯 Splunk Unveils a New AI-Based Honeypot ���DECEIVE” to Log Attacker Activities More Details: Splunk, a leader in data analytics and cybersecurity solutions, has introduced a groundbreaking proof-of-concept honeypot system named DECEIVE (DECeption with Evaluative Integrated Validation Engine). This AI-powered tool is designed to simulate high-interaction systems with minimal setup effort, offering organizations an innovative way to monitor attacker behavior and gain insights into potential threats. Traditional honeypots often require extensive manual effort to set up realistic environments, including seeding them with user data, applications, and configurations. #splunk #cybersecurity

@The_Cyber_News OpenAI Data Breach: Threat Actor Allegedly Claims 20 Million Logins for Sale More Details: A threat actor has allegedly obtained the login information for 20 million OpenAI accounts, including passwords and email addresses. This claim was made on an underground forum, where the actor provided a sample of the data and offered the full batch for sale at a nominal price. The authenticity of these claims remains unverified, but the situation has raised significant concerns about data security in the AI industry. Terminates Contract with Italy Following Claims. #cybersecurity

@The_Cyber_News WhatsApp Zero-Click Paragon Spyware Terminates Contract with Italy Read more: Israeli spyware company Paragon Solutions has terminated its contract with Italy following allegations that its military-grade surveillance software, Graphite, was misused to target journalists and civil society members. The decision comes less than a week after WhatsApp revealed that the spyware had been deployed in a zero-click attack campaign targeting 90 individuals across two dozen countries, including seven in Italy. #cybersecurity

@The_Cyber_News DeepSeek Exposes Full System Prompt in New Jailbreak More Details: DeepSeek’s bias-based AI response logic extracts its hidden system prompt, revealing the model’s core operational instructions, with specialized inputs that confuse the model into bypassing its security restrictions. The attack proved highly effective, requiring minimal technical expertise to execute. The crafted specialized inputs confused the model into bypassing its security restrictions. #cybersecurity #jailbreak

@The_Cyber_News Weaponizing Windows Background Images to Gain Admin Access Read More: The vulnerability identified by CVE-2024-12754 and tracked by ZDI-24-1711 allows local attackers to exploit the handling of Windows background images to gain unauthorized access to sensitive system files, potentially escalating their privileges to administrative levels. The vulnerability resides in AnyDesk's mechanism for handling background images during session initiation. Specifically, when a new session is initiated, AnyDesk copies the current desktop background image into the C:\Windows\Temp directory. #cybersecurity #vulnerability

🚨 𝐌𝐚𝐥𝐰𝐚𝐫𝐞 𝐀𝐭𝐭𝐚𝐜𝐤𝐢𝐧𝐠 𝐔𝐬𝐞𝐫𝐬 𝐨𝐟 𝐈𝐧𝐝𝐢𝐚𝐧 𝐁𝐚𝐧𝐤𝐬 To Steal Aadhar, PAN, ATM & Credit Card PINs More Details: ↪️ Aadhar numbers ↪️ PAN cards ↪️ ATM PINs ↪️ Credit card details The malware is distributed through WhatsApp as APK files masquerading as legitimate government or banking applications. #cybersecurity #malware

🚨 242,000 Times Downloaded Malicious Apps from Android & iOS Store Contains Chinese Malware Read more: The infected apps, some of which were available on Google Play and the App Store, have been downloaded over 242,000 times. The SparkCat malware uses an OCR (Optical Character Recognition) plug-in built with Google’s ML Kit library to scan images in the device’s gallery for keywords related to cryptocurrency recovery phrases. #cybersecurity