• Beware Developers! Malicious NPM Packages Targeting PayPal Users to Steal Sensitive Data
    by Balaji N (Cyber Security News) on April 12, 2025 at 9:11 am

    FortiGuard Labs, Fortinet’s AI-driven threat intelligence arm, has uncovered a series of malicious NPM packages designed to steal sensitive information from developers and target PayPal users. Detected between March 5 and March 14, 2025, these packages were published by a threat actor using the aliases “tommyboy_h1” and “tommyboy_h2,” believed to be the same individual. The

  • RansomHub Ransomware-as-a-service Facing Internal Conflict as Affiliates Lost Access to Chat Portals
    by Tushar Subhra Dutta (Cyber Security News) on April 12, 2025 at 8:39 am

    RansomHub, a relatively newer player in the ransomware-as-a-service (RaaS) landscape, is experiencing significant internal turmoil after affiliates suddenly lost access to negotiation chat portals on April 1st, 2025. This disruption has forced affiliates to redirect victim communications to alternative platforms, including those belonging to competing ransomware groups, creating confusion in ongoing extortion attempts and potentially

  • NVIDIA’s Incomplete Patch for Critical Flaw Lets Attackers Steal AI Model Data
    by Balaji N (Cyber Security News) on April 12, 2025 at 8:29 am

    A critical vulnerability in NVIDIA’s Container Toolkit, CVE-2024-0132, remains exploitable due to an incomplete patch, endangering AI infrastructure and sensitive data. Coupled with a newly discovered denial-of-service (DoS) flaw in Docker on Linux, these issues could allow attackers to breach systems, steal proprietary AI models, or disrupt operations. Organizations using these tools for AI or

  • Sapphire Werewolf Enhances Toolkit With New Amethyst Stealer to Attack Energy Companies
    by Tushar Subhra Dutta (Cyber Security News) on April 12, 2025 at 7:20 am

    Cybersecurity experts have detected a sophisticated campaign targeting energy sector companies, as the threat actor known as Sapphire Werewolf deploys an enhanced version of the Amethyst stealer malware. The campaign represents a significant evolution in the group’s capabilities, featuring advanced evasion techniques and expanded data exfiltration functionality. This malware deployment is part of a broader

  • Google Unveils A2A Protocol That Enable AI Agents Collaborate to Automate Workflows
    by Tushar Subhra Dutta (Cyber Security News) on April 12, 2025 at 5:55 am

    Google has announced the launch of Agent2Agent Protocol (A2A), a groundbreaking open protocol designed to enable AI agents to communicate with each other, securely exchange information, and coordinate actions across enterprise platforms. Revealed on April 9, 2025, the protocol marks a significant advancement in agent interoperability, with support and contributions from more than 50 technology

  • Hackers Actively Exploit Patched Fortinet FortiGate Devices to Gain Root Access Using Symbolic Link
    by Balaji N (Cyber Security News) on April 12, 2025 at 5:55 am

    Fortinet has uncovered a sophisticated post-exploitation technique used by a threat actor to maintain unauthorized access to FortiGate devices, even after initial vulnerabilities were patched. The discovery, detailed in a recent Fortinet investigation, highlights the persistent risks of unpatched systems and underscores the company’s commitment to responsible transparency and rapid response. According to Fortinet’s findings,

  • Active Directory Attack Kill Chain Checklist & Tools List- 2025
    by Kaaviya (Cyber Security News) on April 12, 2025 at 5:07 am

    The “Active Directory Kill Chain Attack & Defense” concept is a structured approach to understanding the sequence of events or stages involved in an Active Directory (AD) attack and the corresponding defensive measures to counteract or prevent such attacks. Microsoft developed the service Active Directory for Windows domain networks for user and resource management in

  • Hackers Exploiting Domain Controller to Deploy Ransomware Using RDP
    by Balaji N (Cyber Security News) on April 12, 2025 at 4:41 am

    Microsoft has recently uncovered a sharp rise in ransomware attacks exploiting domain controllers (DCs) through Remote Desktop Protocol (RDP), with the average attack costing organizations $9.36 million in 2024. These sophisticated campaigns aim to cripple enterprises by encrypting critical systems by leverage DCs, the pivotal role of RDP, and practical defenses, based on Microsoft’s findings

  • Ransomware Attack Prevention Checklist – 2025
    by Cyber Writes Team (Cyber Security News) on April 12, 2025 at 4:34 am

    Businesses face significant hazards from ransomware attacks, which are capable of causing severe damage in a brief period. Over the past few years, numerous well-known companies, including CNA Financial, JBS Foods, and Colonial Pipeline, have fallen victim to such attacks, resulting in disruptions to insurance payments, food supplies, and fuel availability. These incidents have highlighted

  • Pall Mall Process Progresses but Leads to More Questions
    by Arielle Waldman (darkreading) on April 11, 2025 at 8:44 pm

    Nations continue to sign the Code of Practice for States in an effort to curb commercial spyware, yet implementation and enforcement concerns have yet to be figured out.

  • Paper Werewolf Threat Actor Targets Flash Drives With New Malware
    by Kristina Beek, Associate Editor, Dark Reading (darkreading) on April 11, 2025 at 7:42 pm

    The threat actor, also known as Goffee, has been active since at least 2022 and has changed its tactics and techniques over the years while targeting Russian organizations.

  • Fortinet Warns Attackers Retain FortiGate Access Post-Patching via SSL-VPN Symlink Exploit
    by info@thehackernews.com (The Hacker News) (The Hacker News) on April 11, 2025 at 5:55 pm

    Fortinet has revealed that threat actors have found a way to maintain read-only access to vulnerable FortiGate devices even after the initial access vector used to breach the devices was patched. The attackers are believed to have leveraged known and now-patched security flaws, including, but not limited to, CVE-2022-42475, CVE-2023-27997, and CVE-2024-21762. "A threat actor used a known

  • Financial Fraud, With a Third-Party Twist, Dominates Cyber Claims
    by Robert Lemos, Contributing Writer (darkreading) on April 11, 2025 at 5:15 pm

    The most damaging attacks continue to be ransomware, but financial fraud claims are more numerous — and both are driven by increasing third-party breaches.

  • Beware of Fake mParivahan App Attacking Mobile Users Via WhatsApp to Steal Sensitive Data
    by Tushar Subhra Dutta (Cyber Security News) on April 11, 2025 at 5:09 pm

    Cybercriminals have launched a sophisticated malware campaign targeting Android users through fake traffic violation messages on WhatsApp. The malware, disguised as “NextGen mParivahan,” mimics the official government application developed by the Ministry of Road Transport & Highways, which provides digital access to driving licenses, vehicle registration certificates, and other transport services. The attack begins with

  • Using Third-Party ID Providers Without Losing Zero Trust
    by Stephanie Domas (darkreading) on April 11, 2025 at 2:00 pm

    With $4.4 billion in worldwide data breach fines in 2024, the cost of not knowing who's walking into your systems is devastating.