DripDropper Malware: When Hackers Become Security Patchers
Posted inCybersecurity News

DripDropper Malware: When Hackers Become Security Patchers

In an unprecedented display of cybercriminal sophistication, security researchers have uncovered a Linux malware campaign that turns conventional attack methodology on its head. The malware, dubbed "DripDropper," employs a counterintuitive strategy: exploiting vulnerabilities and then patching them to maintain exclusive access to compromised systems.
Microsoft Experiences Major Service Outage Affecting Copilot and Office.com
Posted inCybersecurity News

Microsoft Experiences Major Service Outage Affecting Copilot and Office.com

Microsoft is currently grappling with a significant service disruption that has left thousands of users unable to access key productivity platforms, including Office.com and the company's AI-powered Copilot assistant. The outage, which began in the early morning hours of August 20, 2025, has primarily impacted customers across North America, though the full scope of the incident remains under investigation.
Threat actor offers 15.8 million PayPal user credentials on cybercrime forum.
Posted inCybersecurity News

Threat actor offers 15.8 million PayPal user credentials on cybercrime forum.

A threat actor operating under the alias "Chucky_BF" has surfaced on a prominent cybercrime forum claiming to possess a massive trove of PayPal user credentials. The cybercriminal is advertising what they describe as the "Global PayPal Credential Dump 2025," containing allegedly 15.8 million email and password combinations from PayPal users worldwide.
Noodlophile infostealer is being distributed through fake copyright and intellectual property infringement notices.
Posted inCybersecurity News

Noodlophile infostealer is being distributed through fake copyright and intellectual property infringement notices.

Cybercriminals are conducting highly targeted spear-phishing campaigns across multiple regions, including the United States, Europe, Baltic countries, and the Asia-Pacific region. The attacks specifically target businesses through personalized emails that create urgency by threatening copyright or intellectual property infringement lawsuits.
Security researcher discloses full authentication bypass exploit for Fortinet’s FortiWeb application firewall.
Posted inCybersecurity News

Security researcher discloses full authentication bypass exploit for Fortinet’s FortiWeb application firewall.

A security researcher has disclosed a critical vulnerability in Fortinet's FortiWeb web application firewall that enables complete authentication bypass, allowing attackers to impersonate any user, including administrators. The flaw, designated CVE-2025-52970 and nicknamed "FortMajeure," represents a significant security concern for organizations relying on FortiWeb for web application protection.
Microsoft has announced two critical security enhancements currently in development for Teams users worldwide.
Posted inCybersecurity News

Microsoft has announced two critical security enhancements currently in development for Teams users worldwide.

The first enhancement introduces sophisticated malicious URL detection capabilities that can identify and warn users about potentially harmful links shared in chats and channels. This real-time protection system provides an additional layer of defense against malware attacks that commonly exploit seemingly innocent web links.
Microsoft August 2025 Security Update Addresses Critical Kerberos Vulnerability Among 111 Total Flaws.
Posted inCybersecurity News

Microsoft August 2025 Security Update Addresses Critical Kerberos Vulnerability Among 111 Total Flaws.

Microsoft's August 2025 Patch Tuesday release represents one of the most comprehensive security updates of the year, addressing 111 security vulnerabilities across the company's software portfolio. This substantial update includes fixes for 107 vulnerabilities in core Windows and Microsoft software products, with an additional 16 vulnerabilities addressed in Microsoft's Chromium-based Edge browser.