Stay ahead of risks with key insights on newly discovered Chrome and Gemini vulnerabilities, the surge of sophisticated Linux malware, and an in-depth look at the emerging “man-in-the-prompt” attack tactic targeting AI systems.
Whether you’re an IT professional, security enthusiast, or simply concerned about digital safety, our roundup delivers essential information and actionable takeaways to keep you secure in an ever-evolving cyber world.
A new channel of the Shuyal malware family is targeting 19 widely used web browsers. Shuyal’s operators employ advanced evasion techniques to bypass security solutions and deploy multi-stage payloads, posing a significant risk to organizations relying on mainstream browsers.
Read more: cybersecuritynews.com/new-shuyal-attacking-19-popular-browsers/
The Muddled Libra group has pivoted from email phishing to sophisticated voice-based social engineering (vishing), targeting organizational call centers. By impersonating employees, they convince IT support to reset credentials and MFA, granting near-instant access to sensitive systems. Attackers reach domain admin privileges in under 40 minutes and have expanded focus to government, insurance, retail, and aviation sectors.
Read more: cybersecuritynews.com/muddled-libra-actors-attacking-organizations/
Hackers are actively exploiting vulnerabilities in Microsoft IIS servers using a new web shell script, allowing stealthy remote code execution and persistent access. System administrators are urged to patch and monitor their servers for unusual activity.
Read more: cybersecuritynews.com/hackers-attacking-iis-servers-with-new-web-shell-script/
Researchers report active exploitation of a critical SAP NetWeaver vulnerability (CVE-2025-31324). The flaw enables unauthenticated attackers to upload malicious files and execute remote commands, targeting both Windows and Linux installations. The patch has been released—customers must act immediately.
Read more: cybersecuritynews.com/sap-netweaver-vulnerability-exploited-malware/
A financially motivated group, UNC2891, gained access to ATM networks by physically installing a 4G-enabled Raspberry Pi device. This attack exploited both physical and digital vulnerabilities, allowing remote command-and-control access and risking financial fraud through hidden rootkits and undetected malware.
Read more: cybersecuritynews.com/atm-network-hacked-using-raspberry-pi/
A zero-day vulnerability affecting on-premises SharePoint servers is being actively exploited. Impacted organizations are advised to take all internet-exposed SharePoint instances offline and apply available patches. SharePoint Online is not affected.
Read more: cybersecuritynews.com/sharepoint-servers-exposed-to-internet/
Attackers are now leveraging vulnerabilities in Endpoint Detection and Response (EDR) products to target and disable competing EDR solutions within the same network, paving the way for undetected malware deployment. This underscores the need for robust EDR configurations and layered defenses.
Read more: cybersecuritynews.com/edr-on-edr-violence/
A new variant of the Atomic macOS Stealer has been spotted with enhanced backdoor capabilities. This latest version can avoid detection, steal credentials, and maintain persistent access, posing a growing threat to Mac users.
Read more: cybersecuritynews.com/atomic-macos-stealer-comes-with-new-backdoor/
Researchers have discovered a service offering Android malware as a rentable package, now including 2FA interception features. Cybercriminals are increasingly leveraging these tools to capture one-time passcodes during the login process, making attacks more dangerous for mobile users.
Read more: cybersecuritynews.com/renting-android-malware-with-2fa-interception/
The new ‘Armouryloader’ malware demonstrates advanced techniques to bypass system security protections. Targeted attacks using this malware can evade traditional defenses, emphasizing the need for updated endpoint security.
Read more: cybersecuritynews.com/armouryloader-bypassing-system-security-protections/
A deep dive into the Lumma password stealer exposes a complex malware infection chain that can spread rapidly across systems. The report details techniques that enhance infection rates and data exfiltration.
Read more: cybersecuritynews.com/lumma-password-stealer-attack-infection-chain/
A new threat, 0bj3ctivityStealer, has emerged with a novel execution chain that helps it evade detection and maximize payload delivery on compromised systems.
Read more: cybersecuritynews.com/0bj3ctivitystealers-execution-chain/
Recent campaigns show ransomware groups partnering with TrickBot malware operators, combining resources to breach enterprise networks and increase ransom payouts.
Read more: cybersecuritynews.com/ransomware-groups-using-trickbot-malware/
A newly identified “Plague” malware is attacking Linux servers by exploiting unpatched vulnerabilities and poor security configurations, posing risks to server infrastructure and hosted data.
Read more: cybersecuritynews.com/plague-malware-attacking-linux-servers/
A newly discovered vulnerability exposes Cisco’s ISE platform to remote code execution and privilege escalation risks. The flaw can be exploited by unprivileged attackers via a network, underlining the importance of rapid patching.
Read more: cybersecuritynews.com/cisco-identity-services-engine-vulnerability
Researchers identified a critical flaw in Google’s Gemini CLI tool that allows attackers to silently run malicious commands on developer systems through prompt injection and broken validation. Disguised payloads could exfiltrate credentials without user awareness. Upgrade to v0.1.14+ immediately!
Read more: cybersecuritynews.com/gemini-cli-vulnerability/
Recently published advisories detail several exploited n-day vulnerabilities in SonicWall products, pushing organizations to update and implement layered defenses as attackers increasingly target unpatched endpoints.
Read more: cybersecuritynews.com/sonicwall-n-day-vulnerabilities/
Google issued an urgent security update for the Chrome browser to address multiple actively exploited vulnerabilities. Users are urged to apply updates to prevent infections and data breaches.
Read more: cybersecuritynews.com/chrome-security-update-138/
A new Denial-of-Service vulnerability affecting SonicWall SSL VPN devices could enable attackers to disrupt business operations. Prompt software upgrades are recommended.
Read more: cybersecuritynews.com/sonicwall-ssl-vpn-dos-vulnerability/
Cybersecurity experts are warning of a novel “Man-in-the-Prompt” attack targeting AI-driven coding assistants, where malicious prompt manipulation could cause AI models to execute harmful commands or leak secrets.
Read more: cybersecuritynews.com/man-in-the-prompt-attack/
Full technical details and a proof-of-concept have been released for an actively exploited 0-day in CrushFTP. Immediate action is required for at-risk admins.
Read more: cybersecuritynews.com/crushftp-0-day-technical-details-poc-released/
Project Zero researchers at Google published their latest findings, including detailed reports on recently uncovered zero-day exploits and their impact on major software ecosystems.
Read more: cybersecuritynews.com/google-project-zero-vulnerability-disclosure/
On July 28, 2025, GitHub experienced a global outage, briefly hindering code pushes, API requests, and issue tracking functions for developers worldwide. The incident, traced to networking problems, caused intermittent errors for around 4% of requests and delayed deployments, but full recovery occurred within about 3.5 hours.
Read more: cybersecuritynews.com/github-outage-disrupts-core-services
Apple unveiled a native containerization stack for macOS at WWDC 25, enabling Macs to run OCI images in micro-VMs—making it possible to launch Kali Linux directly without Docker Desktop. This feature, targeting Apple Silicon with full release in “Tahoe” (macOS 26) this fall, vastly improves security, speed, and resource use for Linux workflows on Mac.
Read more: cybersecuritynews.com/apples-containerization-feature-macos
Palo Alto Networks announced intentions to acquire identity security leader CyberArk, signaling a major consolidation in the cybersecurity sector. The strategic move aims to strengthen cloud identity protection and expand zero-trust offerings.
Read more: cybersecuritynews.com/palo-alto-networks-acquire-cyberark
OpenAI’s ChatGPT is increasingly influencing search trends, offering natural language answers that reshape how users access information—posing new challenges and opportunities for established search engines.
Read more: cybersecuritynews.com/chatgpt-conversations-search-engines
Security experts warn of a zero-click vulnerability in WhatsApp, allowing attackers to compromise devices without user interaction. Immediate patching and vigilance are advised for both individuals and enterprises.
Read more: cybersecuritynews.com/whatsapp-0-click-exploit
The post Cybersecurity News Recap – Chrome, Gemini Vulnerabilities, Linux Malware, and Man-in-the-Prompt Attack appeared first on Cyber Security News.