Wednesday, May 6, 2026

Cyber News

Cyber Criminals Actively Exploiting Cloudflare Tunnels for Sophisticated Attacks

Security analysts are sounding the alarm as cybercriminals increasingly weaponize Cloudflare tunnels, leveraging the popular cloudflared tool to orchestrate stealthy, persistent attacks on enterprise networks. Once a go-to utility for secure remote access and frictionless web app deployments, Cloudflared is now at the heart of an...

APT Hackers Using TOUGHPROGRESS Malware to Exploit Google Calendar for C2 – Google Warns

In a new wave of sophisticated cyberattacks, Google’s Threat Intelligence Group (GTIG) has raised the alarm over a campaign orchestrated by the China-linked APT41 (also known as HOODOO). The attackers are using a custom malware dubbed TOUGHPROGRESS, ingeniously manipulating Google Calendar as its command-and-control (C2) channel—a...

Critical Roundcube Vulnerability Allows Attackers to Execute Arbitrary Code Remotely

The developers of Roundcube Webmail, one of the world’s most popular open-source webmail platforms, have released urgent security updates in versions 1.6.11 and 1.5.10 to address a critical remote code execution (RCE) vulnerability. The flaw, reported by security researcher firs0v, could allow authenticated attackers to execute...

Hackers Actively Exploiting Critical vBulletin Vulnerability in the Wild

A newly disclosed and actively exploited unauthenticated Remote Code Execution (RCE) vulnerability in vBulletin forum software threatens thousands of online communities worldwide. The flaw, impacting vBulletin versions 5.0.0 through 6.0.3, allows attackers to execute arbitrary commands on vulnerable servers, posing a severe risk to...

Hackers Distribute Fake CAPTCHA Campaigns that Trick Users into Installing Rust-Based InfoStealer

Cybersecurity researchers at Elastic Security Labs have uncovered a sophisticated campaign leveraging fake CAPTCHA verification pages to disseminate a sophisticated, Rust-based infostealer known as EDDIESTEALER. This novel malware showcases the continued professionalization and technical evolution among cybercriminals, exploiting user trust in familiar verification systems to facilitate the...

North Korean IT Workers Bypass EDR By Abusing Legitimate Software & Network Behaviors

In mid-2024, investigators uncovered a sophisticated operation where North Korean IT workers, using false identities to get hired by Western companies, stealthily bypassed robust Endpoint Detection and Response (EDR) systems by exploiting standard remote work tools and overlooked network behaviors. Instead of using traditional malware,...