Cyber Security News

A new information-stealer has emerged targeting job seekers with a trojanized Node.js application named Chessfi. Delivered via a modified npm package hosted on the official repository, the malware blends two previously separate tools—BeaverTail and OtterCookie—into a unified JavaScript payload. Victims are lured through fake employment offers and asked to install the application under the guise […]

The post North Korean Hackers Using Malicious Scripts Combining BeaverTail and OtterCookie for Keylogging appeared first on Cyber Security News.

Cybersecurity professionals are raising alarms over a new wave of phishing emails masquerading as breach notifications from LastPass. These messages warn recipients of an urgent account compromise and urge them to download a “security patch” to restore access. In reality, the downloadable file contains a sophisticated malware loader designed to harvest credentials and deploy additional […]

The post Beware of Fake ‘LastPass Hack’ Emails Trying to Trick Users Into Installing Malware appeared first on Cyber Security News.

Over the past month, a targeted campaign dubbed Operation Silk Lure has surfaced, exploiting the Windows Task Scheduler to deploy a novel variant of ValleyRAT. Emerging in mid-2025, the operation hinges on spear-phishing emails that carry malicious LNK attachments masquerading as candidate resumes. When victims open these attachments, a hidden PowerShell command initiates the download […]

The post Operation Silk Lure Weaponizing Windows Scheduled Tasks to Drop ValleyRAT appeared first on Cyber Security News.

The Qilin ransomware group has emerged as one of the most prolific and dangerous threat actors in the cybersecurity landscape, exploiting sophisticated bulletproof hosting infrastructure to conduct devastating attacks on organizations across multiple sectors. Operating under a Ransomware-as-a-Service (RaaS) model, Qilin first surfaced in mid-2022 under the name “Agenda” before rebranding later that year. The […]

The post Qilin Ransomware Using Ghost Bulletproof Hosting to Attack Organizations Worldwide appeared first on Cyber Security News.

In recent months, a new advanced persistent threat (APT) group known as Mysterious Elephant has emerged as a formidable adversary targeting government and diplomatic institutions across the Asia-Pacific region. First identified by Kaspersky’s Global Research and Analysis Team (GReAT) in 2023, the group has continued to refine its toolkit, employing both custom-built malware and modified […]

The post Mysterious Elephant APT Hackers Infiltrate Organization to Steal Sensitive Information appeared first on Cyber Security News.

U.S. Senator Bill Cassidy, Chairman of the Senate Health, Education, Labor, and Pensions (HELP) Committee, has demanded answers from Cisco Systems regarding recent zero-day vulnerabilities in its widely used networking equipment. The October 10, 2025, letter to CEO Chuck Robbins highlights the potential risks to national security and the economy, following a swift emergency directive […]

The post Senate Investigates Cisco Over Zero-Day Firewall Vulnerabilities appeared first on Cyber Security News.

Early October 2025 witnessed the resurgence of a retro phishing technique that exploits legacy Basic Authentication URLs to deceive users into divulging sensitive credentials. Threat actors crafted links in the format https://username:[email protected], embedding a trusted institution’s domain in the username field to visually mimic legitimate services. When users click these links, their browsers authenticate to […]

The post New Phishing Attack Uses Basic Auth URLs to Trick Users and Steal Login Credentials appeared first on Cyber Security News.

A sophisticated multi-stage malware campaign is targeting organizations globally, utilizing the PhantomVAI Loader to distribute dangerous information-stealing malware. The attack chain, which begins with carefully crafted phishing emails, has emerged as a significant threat to businesses across manufacturing, education, healthcare, technology, utilities, and government sectors. This malware family, previously known as Katz Stealer Loader, has […]

The post PhantomVAI Loader Attacking Organizations Worldwide to Deliver AsyncRAT, XWorm, FormBook and DCRat appeared first on Cyber Security News.

CISA has added a critical Microsoft Windows vulnerability to its Known Exploited Vulnerabilities catalog, warning organizations that threat actors are actively exploiting it in real-world attacks. Identified as CVE-2025-59230, the flaw stems from improper access control in the Windows Remote Access Connection Manager service. This local privilege escalation vulnerability allows an authorized user, such as […]

The post CISA Warns Of Windows Improper Access Control Vulnerability Exploited In Attacks appeared first on Cyber Security News.

An aggressive SEO poisoning campaign has surfaced in early October 2025, preying on users searching for the legitimate Ivanti Pulse Secure VPN client. Attackers have registered lookalike domains such as ivanti-pulsesecure.com and ivanti-secure-access.org to host trojanized installers that appear official. Unsuspecting victims clicking on top search results are redirected to these malicious sites, where a […]

The post Beware of Malicious Ivanti VPN Client Sites in Google Search That Delivers Malware appeared first on Cyber Security News.

The UK’s Information Commissioner’s Office (ICO) has imposed a £14 million fine on outsourcing giant Capita following a major cyber attack in 2023 that exposed the personal data of 6.6 million individuals. This penalty, split as £8 million to Capita plc and £6 million to Capita Pension Solutions Limited, marks one of the largest data […]

The post Capita To pay £14 Million For Data Breach Exposes 6.6 Million Users Personal Data appeared first on Cyber Security News.

Samba has disclosed a severe remote code execution (RCE) flaw that could allow attackers to hijack Active Directory domain controllers. Tracked as CVE-2025-10230, the vulnerability stems from improper validation in the Windows Internet Name Service (WINS) hook mechanism, earning a perfect CVSS 3.1 score of 10.0 for its ease of exploitation and devastating potential impact. […]

The post Critical Samba RCE Vulnerability Enables Arbitrary Code Execution appeared first on Cyber Security News.

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding a severe code execution vulnerability in Adobe Experience Manager Forms, urging organizations to patch immediately. Tracked as CVE-2025-54253, this flaw affects the Java Enterprise Edition (JEE) version of the software and enables attackers to execute arbitrary code on vulnerable systems. First disclosed […]

The post CISA Warns Of Adobe Experience Manager Forms 0-Day Vulnerability Exploited In Attacks appeared first on Cyber Security News.

Microsoft has disclosed two critical vulnerabilities in its Windows BitLocker encryption feature, allowing attackers with physical access to bypass security protections and access encrypted data. Released on October 14, 2025, as part of the latest Patch Tuesday updates, these flaws, tracked as CVE-2025-55338 and CVE-2025-55333, pose a significant risk to users relying on BitLocker for […]

The post Windows BitLocker Vulnerabilities Let Attackers Bypass Security Feature appeared first on Cyber Security News.

A sophisticated banking Trojan named Maverick has emerged in Brazil, leveraging WhatsApp as its primary distribution channel to compromise thousands of users. The malware campaign was detected in mid-October 2025, with cybersecurity solutions blocking over 62,000 infection attempts in just the first ten days of the month. The threat specifically targets Brazilian users through Portuguese-language […]

The post New Banking Malware Abusing WhatsApp to Gain Complete Remote Access to Your Computer appeared first on Cyber Security News.

Microsoft announced that it had revoked more than 200 digital certificates exploited by the notorious Vanilla Tempest hacking group. This action effectively disrupted an ongoing campaign where attackers impersonated Microsoft Teams installations to infiltrate corporate networks and deploy ransomware. The operation, uncovered in late September, highlights the evolving tactics of ransomware operators who leverage legitimate-looking […]

The post Microsoft Disrupted Vanilla Tempest Attack by Revoking Certificates Used to Sign Fake Teams File appeared first on Cyber Security News.

YouTube experienced a widespread outage on Wednesday, October 15, 2025, disrupting video streaming for millions of users across the United States, Europe, Asia, and beyond. The platform, which serves over 2.7 billion monthly users, saw reports of playback errors and blank screens starting around 7 p.m. ET, affecting its core service as well as YouTube […]

The post YouTube Down for Users Globally – Google Confirms Outage – Updated appeared first on Cyber Security News.

MCPTotal, a comprehensive secure Model Context Protocol (MCP) platform, today announced its flagship platform to help businesses adopt and secure MCP servers.  MCP has become the standard interface for connecting AI models with enterprise systems, external data sources, and third-party applications. But, uncontrolled adoption has introduced major risks, including supply chain exposures, prompt injection vulnerabilities, […]

The post MCPTotal Launches to Power Secure Enterprise MCP Workflows appeared first on Cyber Security News.

BreachLock, the global leader in Penetration Testing as a Service (PTaaS), has been recognized as a Representative Provider in the 2025 Innovation Insight: Penetration Testing as a Service report by Gartner.  The report highlights how PTaaS helps organizations increase testing frequency by automating routine tasks, supports compliance objectives with high-level standardization and customizable reporting, and […]

The post BreachLock Named Representative Provider for Penetration Testing as a Service (PTaaS) in New Gartner® Report appeared first on Cyber Security News.

When your alert queue seems endless, it might feel like threat intelligence is more of a curse than a blessing. But taking the right approach to it will help increase detection rates without stretching resources thin. Top-performing SOC analysts don’t necessarily go through more alerts than others; they simply know where to look for reliable […]

The post How SOCs Detect More Threats without Alert Overload appeared first on Cyber Security News.