Cybersecurity researchers have discovered 13 serious security flaws in the Niagara Framework, a platform used to control smart building systems around the world. This framework, developed by Tridium, a Honeywell company, connects and manages critical building functions like HVAC, lighting, elevators, energy meters, and security systems. The impact of these flaws is massive. Niagara is … Continued
A new ransomware group called Chaos has recently launched a series of cyberattacks, raising serious concerns among cybersecurity experts. This group was first identified around February 2025, and investigators believe it is made up of former members of the BlackSuit or Royal ransomware gangs. The attackers are using a mix of old and new techniques … Continued
Two newly discovered malware campaigns named Soco404 and Koske are now targeting cloud servers to secretly mine cryptocurrency. These attacks are capable of infecting both Linux and Windows systems and are designed to abuse the computing power of cloud services without being noticed. The campaigns were uncovered by security teams from Wiz and Aqua, who … Continued
Hackers have found a new way to hide backdoors in WordPress websites by using something called MU-Plugins. This method is dangerous because it gives them admin-level access while staying hidden from the website owner. The tactic was recently discovered and is now raising alarms in the cybersecurity community. MU-Plugins, or Must-Use Plugins, are a special … Continued
A new cybercrime trend has surfaced in 2025, revealing that dark web hackers are now posing as underground travel agents. According to a report by Trustwave SpiderLabs, these actors are using stolen credit cards, airline miles, and hotel loyalty points to make real bookings, which they then sell at heavy discounts. This activity has transformed … Continued
The U.S. government has officially issued a warning about a dangerous wave of ransomware attacks linked to a cybercriminal group called Interlock. This alert was released by CISA in partnership with the FBI, Department of Health and Human Services (HHS), and MS-ISAC. The threat mainly targets businesses and critical infrastructure, especially in North America and … Continued
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert after discovering that Chinese state-linked hackers are actively exploiting serious vulnerabilities in Microsoft SharePoint Server. These flaws, identified as CVE‑2025‑49704, CVE‑2025‑49706, and later CVE‑2025‑53770 and CVE‑2025‑53771, allow attackers to bypass authentication and remotely execute code on unpatched SharePoint servers. The exploitation of … Continued
A well-known Chinese state-sponsored hacking group, APT41, has been linked to a sophisticated cyberattack targeting an African government IT service provider. This marks the first time APT41 has been publicly reported operating in the African region, and cybersecurity experts believe it signals a strategic shift in their global operations. The attack was discovered by researchers … Continued
A new kind of cyber threat is slowly creeping into the world of artificial intelligence, and it’s more dangerous than we expected. Security researcher Hariharan Shanmugam has revealed that malicious implants are now being discovered inside AI components like models, images, and audio files. These implants are capable of carrying harmful code that hides inside … Continued
Microsoft has released an emergency security patch for a serious vulnerability in its SharePoint Server software. This flaw, tracked as CVE‑2025‑53770, is already being actively used by hackers to launch cyberattacks. The vulnerability allows attackers to run malicious code remotely, which could give them full access to affected systems. The issue affects on-premises versions of … Continued
