ScarCruft Uses RokRAT Malware in Operation HanKook Phantom Targeting South Korean Academics
Cybersecurity researchers have identified a phishing campaign by the North Korea-linked group ScarCruft (APT37) designed to distribute a malware called ...
Thursday, November 13, 2025
Tag: cyber security news today
WhatsApp Issues Emergency Update for Zero-Click Exploit Targeting iOS and macOS Devices
WhatsApp has patched a security vulnerability (CVE-2025-55177) in its iOS and macOS apps, which may have been exploited in conjunction ...
Google Warns Salesloft OAuth Breach Extends Beyond Salesforce, Impacting All Integrations
Google has disclosed that recent attacks on Salesforce through Salesloft Drift are more extensive than initially believed, affecting all integrations. ...
Malicious Nx Packages in ‘s1ngularity’ Attack Leaked 2,349 GitHub, Cloud, and AI Credentials
The nx build system maintainers have warned users about a supply chain attack that resulted in the release of malicious ...
Storm-0501 Exploits Entra ID to Exfiltrate and Delete Azure Data in Hybrid Cloud Attacks
The financially motivated threat actor Storm-0501 is enhancing its tactics for data exfiltration and extortion in cloud environments, moving away ...
MixShell Malware Delivered via Contact Forms Targets U.S. Supply Chain Manufacturers
Cybersecurity researchers have identified a sophisticated social engineering campaign, codenamed ZipLine by Check Point Research, targeting critical manufacturing companies with ...
CISA Adds Three Exploited Vulnerabilities to KEV Catalog Affecting Citrix and Git
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three vulnerabilities affecting Citrix Session Recording and Git to its ...
⚡ Weekly Recap: Password Manager Flaws, Apple 0-Day, Hidden AI Prompts, In-the-Wild Exploits & More
Cybersecurity today is influenced by global politics, where a single breach can disrupt supply chains and alter power dynamics. Leaders ...
Transparent Tribe Targets Indian Govt With Weaponized Desktop Shortcuts via Phishing
The advanced persistent threat (APT) group Transparent Tribe has been targeting Indian Government entities by exploiting both Windows and BOSS ...
GeoServer Exploits, PolarEdge, and Gayfemboy Push Cybercrime Beyond Traditional Botnets
Cybersecurity researchers are highlighting campaigns exploiting Redis servers through known vulnerabilities, notably CVE-2024-36401 (CVSS score: 9.8), leading to malicious activities ...
News Summarized. Time Saved. Bite-sized news briefs for busy people. No fluff, just facts.