Blog – Page 865 – Cyber Mike

Elastic Releases Urgent Fix for Critical Kibana Vulnerability Enabling Remote Code Execution

Elastic has rolled out security updates to address a critical security flaw impacting the Kibana data visualization dashboard software for Elasticsearch that could result in arbitrary code execution.
The vulnerability, tracked as CVE-2025-25012, carries a CVSS score of 9.9 out of a maximum of 10.0. It has been described as a case of prototype pollution.
“Prototype pollution in Kibana leads to

BadBox Botnet Powered by 1 Million Android Devices Disrupted

A second iteration of the BadBox botnet that affected over one million Android devices has been partially disrupted.

The post BadBox Botnet Powered by 1 Million Android Devices Disrupted appeared first on SecurityWeek.

EncryptHub Deploys Ransomware and Stealer via Trojanized Apps, PPI Services, and Phishing

The financially motivated threat actor known as EncryptHub has been observed orchestrating sophisticated phishing campaigns to deploy information stealers and ransomware, while also working on a new product called EncryptRAT.
“EncryptHub has been observed targeting users of popular applications, by distributing trojanized versions,” Outpost24 KrakenLabs said in a new report shared with The

AIceberg Gets $10 Million in Seed Funding for AI Security Platform

AIceberg has launched a solution that helps governments and enterprises with the safe, secure and compliant adoption of AI.

The post AIceberg Gets $10 Million in Seed Funding for AI Security Platform appeared first on SecurityWeek.

Outsmarting Cyber Threats with Attack Graphs

Cyber threats are growing more sophisticated, and traditional security approaches struggle to keep up. Organizations can no longer rely on periodic assessments or static vulnerability lists to stay secure. Instead, they need a dynamic approach that provides real-time insights into how attackers move through their environment.
This is where attack graphs come in. By mapping potential attack paths

Over 1,000 WordPress Sites Infected with JavaScript Backdoors Enabling Persistent Attacker Access

Over 1,000 websites powered by WordPress have been infected with a third-party JavaScript code that injects four separate backdoors.
“Creating four backdoors facilitates the attackers having multiple points of re-entry should one be detected and removed,” c/side researcher Himanshu Anand said in a Wednesday analysis.
The malicious JavaScript code has been found to be served via cdn.csyndication[

Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks

Scans show that tens of thousands of VMware ESXi instances are affected by CVE-2025-22224 and other vulnerabilities disclosed recently as zero-days.

The post Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks appeared first on SecurityWeek.

U.S. Charges 12 Chinese Nationals in State-Backed Hacking Operations

The U.S. Department of Justice (DoJ) has announced charges against 12 Chinese nationals for their alleged participation in a wide-ranging scheme designed to steal data and suppress free speech and dissent globally.
The individuals include two officers of the People’s Republic of China’s (PRC) Ministry of Public Security (MPS), eight employees of an ostensibly private PRC company, Anxun

Open-source tool ‘Rayhunter’ helps users detect Stingray attacks

The Electronic Frontier Foundation (EFF) has released a free, open-source tool named Rayhunter that is designed to detect cell-site simulators (CSS), also known as IMSI catchers or Stingrays. […]

US Indicts China’s iSoon ‘Hackers-for-Hire’ Operatives

i-Soon employees charged with conducting extensive hacking campaigns on behalf of Beijing’s security services.

The post US Indicts China’s iSoon ‘Hackers-for-Hire’ Operatives appeared first on SecurityWeek.

Cyber News