cybersecurity threats
-
Security Flaw Discovered in Gemini CLI Tool: Users Urged to Update
A serious security vulnerability in the Gemini CLI coding tool has been uncovered, enabling the execution of harmful commands on user devices. Users are urged to update to version 0.1.14 to mitigate risks.
-
Hackers Exploit SAP Vulnerability to Deploy Auto-Color Backdoor in Targeted Attack
Hackers exploited a critical SAP NetWeaver vulnerability to deliver the Auto-Color backdoor, targeting a U.S.-based chemicals company in April 2025.
-
New Choicejacking Attack Poses Threat to Smartphone Users at Public Chargers
Cybersecurity researchers have uncovered a new attack method called Choicejacking, which allows unauthorized access to smartphones through compromised public charging stations, often without users noticing. This development raises serious concerns about device security in public spaces.
-
Emergence of Chaos Ransomware Gang Poses New Threat in Cybersecurity Landscape
The Chaos ransomware gang, likely comprised of former BlackSuit members, has quickly made its mark in the cybercrime world, utilizing advanced techniques for cybersecurity threats and demanding significant ransoms from U.S. victims.
-
Cybercriminals Target Users with Malicious Fake Apps in New Mobile Malware Campaign
A new mobile malware campaign named SarangTrap is targeting users in South Korea with fake apps that steal personal information, underscoring ongoing threats posed by cybercriminals.
-
Tea Dating App Data Breach Gets Worse, Exposes More Private User Information
The Tea app faces a significant data breach, exposing 59 GB of user data, including sensitive personal messages and images, due to vulnerabilities in its security. Authorities and cybersecurity experts are investigating the matter as the company attempts to mitigate the fallout and protect affected users.
-
U.S. Sanctions North Korean Hacker Linked to Remote IT Worker Fraud Scheme
The U.S. Treasury has sanctioned North Korean hacker Song Kum Hyok for facilitating a fraudulent IT worker scheme targeting American companies. This move highlights concerns over North Korea’s cyber operations as key to generating revenue under international sanctions.
-
GLOBAL GROUP Ransomware Claims Breach of Media Giant Albavisión
The GLOBAL GROUP ransomware gang has claimed responsibility for breaching Albavisión, a major Spanish-language media conglomerate, stealing 400 GB of data and threatening to publish it if negotiations are not initiated within 15 days. This incident underscores the escalating risk of ransomware attacks against critical media and healthcare sectors.
-
Cybercrime Group Scattered Spider Targets VMware ESXi in Coordinated Attacks
Scattered Spider has intensified its attacks against VMware ESXi hypervisors in North America, employing advanced social engineering tactics that pose an acute risk to critical infrastructure. Google’s Mandiant team warns that organizations must adopt proactive security measures to defend against these targeted attacks.
-
Significant Vulnerabilities Discovered in Tridium’s Niagara Framework
Researchers have discovered multiple critical vulnerabilities in Tridium’s Niagara Framework, a platform widely used in building management, which could allow attackers to compromise systems on the same network. These vulnerabilities have high CVSS scores and can lead to unauthorized access and operational disruptions.
