Curated Cybersecurity RSS Feeds
CyberSec News: Curated Sources | Latest Trends | Showing last 24h
O2 VoLTE Flaw Allows Tracking of Customers’ Locations Through Phone Calls
Significant privacy vulnerability in O2 UK’s Voice over LTE (VoLTE) implementation was recently discovered, allowing any caller to access precise location data of call recipients. The security flaw, which exposed sensitive information through IMS (IP Multimedia Subsystem) signali...
Microsoft Issues Urgent Patch to Resolve BitLocker Recovery Problem
Microsoft has released an emergency update to address a critical issue affecting Windows 10 devices with specific Intel processors. The update (KB5061768) fixes a problem introduced in the May 13, 2025 security update that was causing unexpected system failures and forcing users...
Malicious npm Package in Koishi Chatbots Steals Sensitive Data in Real Time
Socket’s Threat Research Team has uncovered a dangerous npm package named koishi-plugin-pinhaofa, masquerading as a spelling-autocorrect helper for Koishi chatbots. Marketed innocently, this plugin embeds a insidious data-exfiltration backdoor that scans every incoming message fo...
Go-Based Malware Deploys XMRig Miner on Linux Hosts via Redis Configuration Abuse
Cybersecurity researchers are calling attention to a new Linux cryptojacking campaign that's targeting publicly accessible Redis servers. The malicious activity has been codenamed RedisRaider by Datadog Security Labs. "RedisRaider aggressively scans randomized portions of the I...
Tor Browser 14.5.2 Released: Bug Fixes and Enhanced Features
Tor Project has launched Tor Browser 14.5.2, a significant update addressing security vulnerabilities, refining cross-platform functionality, and enhancing build system reliability. This release integrates critical Firefox security patches, resolves longstanding privacy-related b...
W3LL Phishing Kit Launches Active Campaign to Steal Outlook Login Credentials
Cybersecurity researchers have recently uncovered a sophisticated phishing campaign leveraging the notorious W3LL Phishing Kit. Originally identified by Group-IB in 2022, W3LL differentiates itself in the criminal ecosystem as a phishing-as-a-service (PaaS) tool, supported by a u...
Sarcoma Ransomware Unveiled: Anatomy of a Double Extortion Gang
Cybersecurity Observatory of the Unipegaso’s malware lab published a detailed analysis of the Sarcoma ransomware. It is with great pleasure and honor that I present the first report produced by the Malware Analysis Lab, led by Luigi Martire. The lab was established withi...
WSL Goes Open Source: Microsoft Opens Up Windows Subsystem for Linux
At today’s Build 2025 Developer Conference, Microsoft announced the open-sourcing of its widely acclaimed Windows Subsystem for Linux The post WSL Goes Open Source: Microsoft Opens Up Windows Subsystem for Linux appeared first on Daily CyberSecurity.
Microsoft’s “Edit”: A Modern Take on the Classic MS-DOS Editor
At the Build 2025 Developer Conference, Microsoft unveiled a brand-new command-line editor named Edit, designed as a tribute The post Microsoft’s “Edit”: A Modern Take on the Classic MS-DOS Editor appeared first on Daily CyberSecurity.
A New Era for Windows: Microsoft’s Protocol Transforms OS into AI Agent Platform
At the Build 2025 Developer Conference, Microsoft announced the integration of the Model Context Protocol (MCP) into Windows The post A New Era for Windows: Microsoft’s Protocol Transforms OS into AI Agent Platform appeared first on Daily CyberSecurity.