Skip to content
cyber security news today

cyber security news today

Silver Fox APT Targets Taiwan with Complex Gh0stCringe and HoldingHands RAT Malware

Silver Fox APT Targets Taiwan with Complex Gh0stCringe and HoldingHands RAT Malware

Jun 17, 2025Ravie LakshmananMalware / Email Security Cybersecurity researchers are warning of a new phishing campaign that’s targeting users in Taiwan with malware families such as HoldingHands RAT and Gh0stCringe. The activity is part of… 

Google Warns of Scattered Spider Attacks Targeting IT Support Teams at U.S. Insurance Firms

Google Warns of Scattered Spider Attacks Targeting IT Support Teams at U.S. Insurance Firms

Jun 17, 2025Ravie LakshmananThreat Intelligence / Identity Security The notorious cybercrime group known as Scattered Spider (aka UNC3944) that recently targeted various U.K. and U.S. retailers has begun to target major insurance companies, according to… 

Hard-Coded ‘b’ Password in Sitecore XP Sparks Major RCE Risk in Enterprise Deployments

Hard-Coded ‘b’ Password in Sitecore XP Sparks Major RCE Risk in Enterprise Deployments

Jun 17, 2025Ravie LakshmananVulnerability / Enterprise Software Cybersecurity researchers have disclosed three security flaws in the popular Sitecore Experience Platform (XP) that could be chained to achieve pre-authenticated remote code execution. Sitecore Experience Platform is… 

New Flodrix Botnet Variant Exploits Langflow AI Server RCE Bug to Launch DDoS Attacks

New Flodrix Botnet Variant Exploits Langflow AI Server RCE Bug to Launch DDoS Attacks

Jun 17, 2025Ravie LakshmananBotnet / Vulnerability Cybersecurity researchers have called attention to a new campaign that’s actively exploiting a recently disclosed critical security flaw in Langflow to deliver the Flodrix botnet malware. “Attackers use the… 

TP-Link Router Flaw CVE-2023-33538 Under Active Exploit, CISA Issues Immediate Alert

TP-Link Router Flaw CVE-2023-33538 Under Active Exploit, CISA Issues Immediate Alert

Jun 17, 2025Ravie LakshmananNetwork Security / IoT Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security flaw in TP-Link wireless routers to its Known Exploited Vulnerabilities (KEV) catalog, citing… 

Meta Starts Showing Ads on WhatsApp After 6-Year Delay From 2018 Announcement

Meta Starts Showing Ads on WhatsApp After 6-Year Delay From 2018 Announcement

Jun 17, 2025Ravie LakshmananPrivacy / Data Protection Meta Platforms on Monday announced that it’s bringing advertising to WhatsApp, but emphasized that the ads are “built with privacy in mind.” The ads are expected to be… 

U.S. Seizes .74M in Crypto Tied to North Korea’s Global Fake IT Worker Network

U.S. Seizes $7.74M in Crypto Tied to North Korea’s Global Fake IT Worker Network

The U.S. Department of Justice (DoJ) said it has filed a civil forfeiture complaint in federal court that targets over $7.74 million in cryptocurrency, non-fungible tokens (NFTs), and other digital assets allegedly linked to a… 

Anubis Ransomware Encrypts and Wipes Files, Making Recovery Impossible Even After Payment

Anubis Ransomware Encrypts and Wipes Files, Making Recovery Impossible Even After Payment

Jun 16, 2025Ravie LakshmananMalware / Ransomware An emerging ransomware strain has been discovered incorporating capabilities to encrypt files as well as permanently erase them, a development that has been described as a “rare dual-threat.” “The…