Samsung Patches Zero-Day

Samsung has released an emergency security patch for a critical zero-day vulnerability (CVE-2025-21043) affecting Android 13 and newer devices. The flaw was actively exploited and reported by Meta/WhatsApp in August, highlighting the growing use of image-based exploits targeting mobile ecosystems. The vulnerability is located in libimagecodec.quram.so, an image parsing library developed by Quramsoft. It is […]
India Becomes Global Malware Target

India has rapidly digitized over the last decade, becoming a hub for digital payments, e-commerce, and online services. That growth has also made it one of the top targets for cybercriminals. A recent report shows India now leads the world in malware attacks, outpacing many other major economies. Attackers are using AI-driven ransomware and phishing […]
Apple Warns Of Spyware Attacks

Apple has raised the alarm about mercenary spyware tools being used to target both individuals and organizations. These threats are developed by private actors and used by governments or criminal groups to stealthily extract sensitive information from devices. Mercenary spyware tools often exploit zero-day vulnerabilities to bypass security controls. Once installed, they can access messages, […]
New Malware Exploits

Security researchers have discovered a malware campaign that leverages Microsoft Azure Functions to host its command and control (C2) infrastructure. By abusing a legitimate cloud service, attackers are able to mask their activity, evade traditional security defenses, and maintain persistence within targeted environments. Azure Functions, which allow developers to run lightweight applications without managing servers, […]
NVIDIA NVDebug Tool

Security researchers have uncovered a critical flaw in the NVIDIA NVDebug Tool that could allow attackers to escalate privileges on affected systems. The vulnerability gives threat actors elevated access, enabling them to bypass standard security controls and potentially gain full control of devices. The issue stems from improper privilege handling within the debugging tool, which […]
Fake Browser Extensions

Cybersecurity researchers have discovered a new wave of malicious browser extensions disguised as Madgicx Plus and SocialMetrics targeting Meta Business accounts. These extensions trick users into installing them, then give attackers unauthorized access to advertising accounts, financial data, and sensitive business information. How the Attack Works: The fake extensions mimic legitimate marketing and analytics tools, […]
Microsoft Issues Warning

Microsoft has issued a critical warning about a newly discovered vulnerability in Active Directory Domain Services (AD DS) that allows attackers to escalate privileges within enterprise networks. This flaw poses a severe risk to organizations that rely on Active Directory as the foundation for identity and access management infrastructure. What You Need to Know: The […]
Salty2FA Phishing Kit

A newly discovered phishing kit called Salty2FA is targeting enterprises across the United States and European Union. It is designed to steal both user credentials and two-factor authentication tokens, giving attackers full access even when multi-factor protections are in place. How Salty2FA Works: The kit delivers phishing pages that closely mimic enterprise login portals. Victims […]
You Onboarded the Attacker

What if your next star hire isn’t a trusted employee but an infiltrator? This isn’t phishing – it’s threat actors slipping in during onboarding. Meet Jordan from Colorado. Resume, references and background check all clear. On day one Jordan logs in, joins team meetings, and gets full access to repos, project files, and dev keys. […]
Cyber Espionage Through Impersonation

Recent reports reveal that Chinese-linked espionage groups have been impersonating a U.S. lawmaker to distribute malware and target prominent trade associations. This campaign focused on policy-influencing groups in Washington, including manufacturing, technology, and telecommunications sectors. The attackers used carefully crafted phishing emails that appeared authentic, but instead delivered malicious payloads capable of stealing sensitive information. […]