Palo Alto Networks has published an extensive malware analysis tutorial detailing the dissection of a sophisticated .NET-based threat that delivers the Remcos remote access trojan (RAT). The malware’s emergence highlights a trend in which threat actors increasingly abuse legitimate development…
Category: Cyber Security News
Threat Actors Using CrossC2 Tool to Expand Cobalt Strike to Operate on Linux and macOS
A sophisticated threat campaign has emerged that leverages CrossC2, an unofficial extension tool that expands Cobalt Strike’s notorious capabilities beyond Windows systems to target Linux and macOS environments. Between September and December 2024, cybersecurity incidents involving this cross-platform malware have…
Google Requires Crypto App Developers to Have License or Certification From Relevant Authorities
Google Play has implemented comprehensive licensing requirements for cryptocurrency exchanges and software wallets, fundamentally reshaping the mobile app ecosystem for digital asset services. The policy mandates that developers seeking to publish cryptocurrency applications must obtain specific licenses and certifications from…
Ransomware Actors Blending Legitimate Tools with Custom Malware to Evade Detection
The cybersecurity landscape faces a new sophisticated threat as the Crypto24 ransomware group demonstrates an alarming evolution in attack methodology, seamlessly blending legitimate administrative tools with custom-developed malware to execute precision strikes against high-value targets. This emerging ransomware operation has…
New Clever Phishing Attack Uses Japanese Character “ん” to Mimic Forward Slash “/”
Security researchers have uncovered a sophisticated new phishing campaign that exploits the Japanese hiragana character “ん” to create deceptively authentic-looking URLs that can fool even vigilant internet users. The attack, first identified by security researcher JAMESWT, targets explicitly customers of…
New Clever Phishing Attack Uses Japanese Character “ん” to Mimic Forward Slash
Security researchers have uncovered a sophisticated new phishing campaign that exploits the Japanese hiragana character “ん” to create deceptively authentic-looking URLs that can fool even vigilant internet users. The attack, first identified by security researcher JAMESWT, targets explicitly customers of…
CVE-2025-8088 – WinRAR 0-Day Path Traversal Vulnerability Exploited to Execute Malware
A zero-day vulnerability in WinRAR allows malware to be deployed on unsuspecting users’ systems, highlighting the ongoing threats to popular software. Tracked as CVE-2025-8088, this path traversal flaw affects the Windows version of the widely used file archiving tool, enabling…
10 Best Deception Tools in 2025
The goal of deception technology, which uses some of the best deception tools, is to trick attackers by dispersing a variety of traps and dummy assets throughout a system’s infrastructure to mimic real assets. There is always a possibility that…
Cisco Secure Firewall Snort 3 Detection Engine Vulnerability Enables DoS Attacks
Critical security flaw CVE-2025-20217 allows unauthenticated attackers to trigger denial-of-service conditions in Cisco’s widely deployed firewall systems Cisco has disclosed a high-severity vulnerability in its Secure Firewall Threat Defense (FTD) Software that could allow remote attackers to cause denial-of-service conditions…
HexStrike AI Connects ChatGPT, Claude, Copilot with 150+ Security Tools like Burp Suite and Nmap
A new AI tool named HexStrike AI has been launched, designed to bridge the gap between large language models (LLMs) and practical cybersecurity operations. The latest release, v6.0, equips AI agents like OpenAI’s GPT, Anthropic’s Claude, and GitHub’s Copilot with…
New NFC-Driven PhantomCard Android Malware Attacking Banking Users
A sophisticated new Android malware dubbed PhantomCard has emerged from the shadows of Brazil’s cybercriminal underground, representing a significant evolution in mobile banking threats. This malicious application leverages Near Field Communication (NFC) technology to create a seamless bridge between victims’…
New HTTP/2 MadeYouReset Vulnerability Enables Large-Scale DDoS Attacks
Security researchers have identified a new denial-of-service (DoS) vulnerability in HTTP/2 implementations, referred to as MadeYouReset (CVE-2025-8671). This discovery represents a notable escalation in the threats associated with web protocols. Publicly disclosed on August 13, 2025, this flaw allows attackers…
Threat Actors Attacking Windows Systems With New Multi-Stage Malware Framework PS1Bot
A sophisticated new malware campaign targeting Windows systems has emerged, employing a multi-stage framework dubbed “PS1Bot” that combines PowerShell and C# components to conduct extensive information theft operations. The malware represents a significant evolution in attack methodologies, utilizing modular architecture…
Cisco Secure Firewall Vulnerability Allows Hackers to Inject Remote Shell Command Injection
Cisco has disclosed a critical security vulnerability in its Secure Firewall Management Center (FMC) Software that could allow unauthenticated attackers to execute arbitrary shell commands with high-level privileges remotely. The vulnerability, tracked as CVE-2025-20265 and assigned the maximum CVSS score…
Threat Actors Personalize Phishing Attacks With Advanced Tactics for Malware Delivery
Cybercriminals are increasingly leveraging personalization tactics to enhance the effectiveness of their malware-delivery phishing campaigns, with threat actors customizing subject lines, attachment names, and embedded links to create a false sense of authenticity and urgency. This sophisticated approach represents a…
New FireWood Malware Attacking Linux Systems to Execute Commands and Exfiltrate Sensitive Data
A sophisticated new variant of the FireWood backdoor has emerged, targeting Linux systems with enhanced evasion capabilities and streamlined command execution functionality. This latest iteration represents a significant evolution of the malware family first discovered by ESET’s research team, which…
Qilin Ransomware Leads The Attack Landscape With 70+ Claimed Victims in July
The ransomware threat landscape witnessed a concerning surge in July 2025, with the Qilin ransomware group maintaining its dominant position for the third time in four months. The group successfully claimed 73 victims on its data leak site, representing 17.3%…
New EncryptHub Campaign Leverages Brave Support Platform to Deliver Malicious Payloads via MMC Vulnerability
The cyberthreat landscape continues to evolve as malicious actors develop increasingly sophisticated attack methods, with the EncryptHub threat group emerging as a particularly concerning adversary. This emerging threat actor, also known as LARVA-208 and Water Gamayun, has been making headlines…
Threat Actors Weaponizing YouTube Video Download Site to Download Proxyware Malware
Cybercriminals have escalated their proxyjacking campaigns by exploiting legitimate user behavior around YouTube video downloads, according to a recent security analysis. The attack leverages fake YouTube download sites to distribute proxyware malware, specifically targeting users seeking free video conversion services.…
New Trends in Phishing Attacks Emerges as AI Reshaping the Tool Used by Cybercriminals
The cybersecurity landscape is witnessing a fundamental transformation as artificial intelligence becomes the newest weapon in cybercriminals’ arsenals, revolutionizing traditional phishing and scam operations. Unlike conventional phishing campaigns that were often riddled with grammatical errors and obvious tells, modern AI-powered…