Cyber Security News

A dangerous malware campaign has surfaced targeting cryptocurrency users through a deceptive Python package hosted on the PyPI repository. The threat actors disguised their malicious code within a fake spell-checking tool, mimicking the legitimate pyspellchecker package that boasts over 18 million downloads. This supply chain attack represents an evolving threat landscape where attackers exploit trusted […]

The post Hackers Leverage Malicious PyPI Package to Attack Users and Steal Cryptocurrency Details appeared first on Cyber Security News.

A new threat known as EtherHiding is reshaping how malware spreads through the internet. Unlike older methods that rely on traditional servers to deliver harmful code, this attack uses blockchain smart contracts to store and update malware payloads. The approach makes it harder for security teams to track and stop attackers because the payloads can […]

The post New EtherHiding Attack Uses Web-Based Attacks to Deliver Malware and Rotate Payloads appeared first on Cyber Security News.

The ToddyCat APT group has developed new ways to access corporate email communications at target organizations. Email remains the main way companies handle business communications, whether through their own servers like Microsoft Exchange or through cloud services such as Microsoft 365 and Gmail. Many believe that cloud services provide better protection for company communications. Even […]

The post ToddyCat APT Accessing Organizations Internal Communications of Employees at Target Companies appeared first on Cyber Security News.

A massive supply chain attack targeting the NPM accounts of automation giant Zapier and the Ethereum Name Service (ENS). Identified by Aikido Security, the campaign is being orchestrated by the same threat actors responsible for the “Shai Hulud” self-propagating worm that first surfaced in September. This latest wave, self-titled “Shai Hulud: The Second Coming,” has […]

The post Zapier’s NPM Account Hacked – Multiple Packages Infected with Self-Propagating Shai Hulud Malware appeared first on Cyber Security News.

Cybersecurity researchers have uncovered a sophisticated Python-based malware that employs process injection techniques to hide inside legitimate Windows binaries. This threat represents a new evolution in fileless attack strategies, combining multi-layer obfuscation with trusted system utilities to evade detection. The malware’s ability to masquerade as harmless files while deploying a full Python runtime environment marks […]

The post Threats Actors Leverage Python-based Malware to Inject Process into a Legitimate Windows Binary appeared first on Cyber Security News.

A sophisticated phishing campaign is currently leveraging a subtle typographical trick to bypass user vigilance, deceiving victims into handing over sensitive login credentials. Attackers utilize the domain “rnicrosoft.com” to impersonate the tech giant. By replacing the letter ‘m’ with the combination of ‘r’ and ‘n’, fraudsters create a visual doppleganger that is nearly indistinguishable from […]

The post Hackers Replace ‘m’ with ‘rn’ in Microsoft(.)com to Steal Users’ Login Credentials appeared first on Cyber Security News.

A critical memory corruption vulnerability in vLLM versions 0.10.2 and later allows attackers to achieve remote code execution through the Completions API endpoint by sending maliciously crafted prompt embeddings. The vulnerability resides in the tensor deserialization process within vLLM’s entrypoints/renderer.py at line 148. When processing user-supplied prompt embeddings, the system loads serialized tensors using torch.load() […]

The post vLLM Vulnerability Enables Remote Code Execution Via Malicious Payloads appeared first on Cyber Security News.

A sophisticated recruitment scam linked to North Korea has emerged, targeting American artificial intelligence developers, software engineers, and cryptocurrency professionals through an elaborate fake job platform. Validin security researchers have uncovered a new variant of what they call the “Contagious Interview” operation, designed to compromise job seekers through a seemingly legitimate hiring process. The campaign […]

The post Beware of North Korean Fake Job Platform Targeting U.S. Based AI-Developers appeared first on Cyber Security News.

Welcome to this week’s edition of the Cybersecurity News Weekly Newsletter, where we analyze the critical incidents defining the current threat landscape. If this week has taught us anything, it is that the stability of our digital infrastructure is just as volatile as the security of the software running upon it. We are witnessing a […]

The post Cybersecurity News Weekly Newsletter – Fortinet, Chrome 0-Day Flaws, Cloudflare Outage and Salesforce Gainsight Breach appeared first on Cyber Security News.

A critical vulnerability in Azure Bastion (CVE-2025-49752) allows remote attackers to bypass authentication mechanisms and escalate privileges to administrative levels. The flaw, categorized as an authentication bypass vulnerability, poses an immediate risk to organizations that rely on Azure Bastion for secure administrative access to their cloud infrastructure. Attackers Can Escalate Privileges Without User Interaction The […]

The post Critical Vulnerability in Azure Bastion Let Attackers Bypass Authentication and Escalate privileges appeared first on Cyber Security News.

Microsoft has officially acknowledged a significant disruption affecting Windows 11 version 24H2 users, specifically after installing the cumulative update KB5062553 released in July 2025. The issue primarily affects environments using Virtual Desktop Infrastructure (VDI) and devices undergoing their first user logon. Reports indicate that essential shell components, including the Start Menu, Taskbar, and System Settings, […]

The post Microsoft Confirms Windows 11 24H2 Update Broken Multiple Core Features appeared first on Cyber Security News.

Remote monitoring tools are essential for managing and maintaining the health and performance of IT infrastructure and systems. Remote monitoring tools provide continuous oversight of network devices, servers, applications, and other critical components from a remote location. These tools help identify and resolve issues proactively by offering real-time alerts, performance metrics, and detailed reports. With […]

The post 15 Best Remote Monitoring Tools – 2025 appeared first on Cyber Security News.

A sophisticated supply chain attack has reportedly compromised data across hundreds of organizations, linking the breach to a critical integration between customer success platform Gainsight and CRM giant Salesforce. The notorious hacking collective ShinyHunters is claiming responsibility for the intrusion, which allegedly affects over 200 companies. The attack vector did not rely on breaking into […]

The post ShinyHunters Claims Data Theft from 200+ Companies via Salesforce Gainsight Breach appeared first on Cyber Security News.

The Metasploit Framework has introduced a new exploit module targeting critical vulnerabilities in Fortinet’s FortiWeb Web Application Firewall (WAF). This module chains two recently disclosed flaws, CVE-2025-64446 and CVE-2025-58034, to achieve unauthenticated Remote Code Execution (RCE) with root privileges. The release follows reports of active exploitation in the wild, including “silent patches” and subsequent bypasses that have left many […]

The post Metasploit Adds Exploit Module for Recently Disclosed FortiWeb 0-Day Vulnerabilities appeared first on Cyber Security News.

A former IT contractor from Ohio has admitted to launching a cyberattack against his employer’s network in retaliation for being terminated, federal prosecutors announced this week. Maxwell Schultz, 35, of Columbus, Ohio, pleaded guilty to computer fraud charges after leading a technical attack that locked thousands of employees out of their systems nationwide. On May […]

The post Fired Techie Admits Hacking Employer’s Network in Retaliation for Termination appeared first on Cyber Security News.

Cybersecurity giant CrowdStrike has confirmed the termination of an insider who allegedly provided sensitive internal system details to a notorious hacking collective. The incident, which came to light late Thursday and Friday morning, involved the leak of internal screenshots on a public Telegram channel operated by the threat group known as “Scattered Lapsus$ Hunters.” The […]

The post CrowdStrike Fires Insider for Sharing Internal System Details with Hackers appeared first on Cyber Security News.

If your tools say a link is clean, do you fully trust it?  Most SOC leaders don’t anymore, and for good reason. Phishing has become polished, quiet, and built to blend into everyday traffic. It slips through filters, lands in inboxes unnoticed, and only reveals its intent after a user interacts. By the time the real behavior appears, your defenses have […]

The post Phishing Breaks More Defenses Than Ever. Here’s the Fix  appeared first on Cyber Security News.

A new wave of malicious Android applications impersonating a well-known Korean delivery service has emerged, featuring advanced obfuscation techniques powered by artificial intelligence. These apps work to bypass traditional antivirus detection methods while extracting sensitive user information. The threat actors behind this campaign have demonstrated sophisticated knowledge of mobile security vulnerabilities, combining multiple evasion strategies […]

The post AI-Based Obfuscated Malicious Apps Evading AV Detection to Deploy Malicious Payload appeared first on Cyber Security News.

Xillen Stealer, a sophisticated Python-based information stealer, has emerged as a significant threat in the cybercriminal landscape. Originally identified by Cyfirma in September 2025, this cross-platform malware has recently evolved into versions 4 and 5, introducing a dangerous arsenal of features designed to steal sensitive credentials, cryptocurrency wallets, and system information while evading modern security […]

The post Xillen Stealer With New Advanced Features Evade AI Detection and Steal Sensitive Data from Password Managers appeared first on Cyber Security News.

The dark web has transformed into a functioning parallel labor market where cyber specialists find employment through unconventional channels. Unlike traditional job boards, this shadow economy operates with distinct recruitment norms and salary expectations that differ significantly from legitimate hiring practices. A comprehensive analysis of 2,225 job-related posts collected from dark web forums between January […]

The post Dark Web Job Market Evolved – Prioritizes Practical Skills Over Formal Education appeared first on Cyber Security News.