The Ukrainian threat intelligence group UAC-0099 has significantly evolved its cyber warfare capabilities, deploying a sophisticated new malware toolkit targeting Ukrainian state authorities, Defense Forces, and defense industrial enterprises. The National Cyber Incident Response Team CERT-UA has documented a series…
Category: Cyber Security News
Mustang Panda Attacking Windows Users With ToneShell Malware Mimic as Google Chrome
A sophisticated new cyber campaign has emerged targeting Windows users through a deceptive malware variant known as ToneShell, which masquerades as the legitimate Google Chrome browser. The advanced persistent threat (APT) group Mustang Panda, known for its strategic targeting of…
Threat Actors Weaponize Smart Contracts to Drain User Crypto Wallets of More Than $900k
In a sophisticated campaign uncovered in early 2024, cybercriminals have begun distributing malicious Ethereum smart contracts masquerading as lucrative trading bots. These weaponized contracts leverage Web3 development platforms such as Remix to entice victims into deploying code that appears to…
SpyCloud Enhances Investigations Solution With AI-Powered Insights –Revolutionizing Insider Threat and Cybercrime Analysis
Austin, TX, USA, August 6th, 2025, CyberNewsWire SpyCloud Investigations, now with AI Insights, empowers security teams to act decisively with finished intelligence built from billions of breach, malware, and phishing records. SpyCloud, the leader in identity threat protection, today announced…
Sophisticated DevilsTongue Windows Spyware Tracking Users Globally
The emergence of DevilsTongue marks a significant escalation in mercenary spyware capabilities, leveraging advanced Windows-based techniques to infiltrate high-value targets worldwide. First observed in campaigns dating back to 2019, this modular malware aggressively exploits zero-day browser vulnerabilities and weaponized documents…
Rockwell Arena Simulation Vulnerabilities Let Attackers Execute Malicious Code Remotely
Rockwell Automation has disclosed three critical memory corruption vulnerabilities in its Arena® Simulation software that could allow threat actors to execute arbitrary code remotely on affected systems. The security flaws, identified as CVE-2025-7025, CVE-2025-7032, and CVE-2025-7033, carry a high CVSS…
Global Jewellery Brand Pandora Suffers Hacked – Customer Data Exposed
Danish jewellery giant Pandora has disclosed a significant data breach that compromised customer information through a third-party vendor platform. The company has begun notifying affected customers, starting with Italian markets, about the cybersecurity incident that resulted in unauthorized access to…
Threat Actors Leveraging GenAI for Phishing Attacks Impersonating Government Websites
Cybercriminals have escalated their phishing operations by incorporating generative artificial intelligence tools to create sophisticated replicas of government websites, marking a significant evolution in social engineering tactics. A recent campaign targeting Brazilian citizens demonstrates how threat actors are exploiting AI-powered…
Microsoft’s New AI Agent Project to Detect Malware with Reverse Engineering Tools
Microsoft has unveiled Project Ire, an autonomous AI agent capable of reverse engineering and classifying malware at an unprecedented scale. The breakthrough system achieved a precision rate of 0.98 and a recall of 0.83 during testing on Windows drivers, marking…
Adobe AEM Forms 0-Day Vulnerability Let Attackers Execute Arbitrary Code
Adobe has released an urgent security update for Adobe Experience Manager Forms on Java Enterprise Edition (JEE) to address two critical zero-day vulnerabilities that could allow attackers to execute arbitrary code and perform unauthorized file system access. The vulnerabilities, identified…
Chinese Hackers Compromised Up To 115 Million Payment Cards In The US
A sophisticated Chinese cybercriminal syndicate has orchestrated one of the most devastating payment card fraud operations in recorded history, potentially compromising between 12.7 million and 115 million payment cards across the United States between July 2023 and October 2024. The…
Chinese Hackers Exploit SharePoint Vulnerabilities to Deploy Toolsets Includes Backdoor, Ransomware and Loaders
A sophisticated Chinese threat actor has been exploiting critical vulnerabilities in Microsoft SharePoint to deploy an advanced malware toolset dubbed “Project AK47,” according to new research published by Palo Alto Networks Unit 42. The campaign, which has been active since…
Critical Trend Micro Apex One Management RCE Vulnerability Actively Exploited in the wild
Critical command injection remote code execution (RCE) vulnerabilities in Trend Micro Apex One Management Console are currently being actively exploited by threat actors. The company confirmed observing at least one instance of attempted exploitation in production environments, prompting the immediate…
CISA Releases Two Advisories Covering Vulnerabilities, and Exploits Surrounding ICS
CISA released two urgent Industrial Control Systems (ICS) advisories on August 5, 2025, addressing significant security vulnerabilities in critical manufacturing and energy sector systems. These advisories detail exploitable flaws that could compromise industrial operations and potentially disrupt essential services across…
Threat Actors Weaponizing RMM Tools to Take Control of The Machine and Steal Data
Cybercriminals are increasingly exploiting Remote Monitoring and Management (RMM) software to gain unauthorized access to corporate systems, with a sophisticated new attack campaign demonstrating how legitimate IT tools can become powerful weapons in the wrong hands. This emerging threat leverages…
Threats Actors Poisoned Bing Search Results to Deliver Bumblebee Malware if User Searched for ‘ManageEngine OpManager’
Cybersecurity researchers have uncovered a sophisticated search engine optimization (SEO) poisoning campaign that exploited Bing search results to distribute Bumblebee malware, ultimately leading to devastating Akira ransomware attacks. The campaign, active throughout July 2025, specifically targeted users searching for legitimate…
Millions of Dell Laptops Vulnerable to Device Takeover and Persistent Malware Attacks
A wide range of vulnerabilities affects millions of Dell laptops used by government agencies, cybersecurity professionals, and enterprises worldwide. The vulnerabilities, collectively dubbed “ReVault,” target the Broadcom BCM5820X security chip embedded in Dell’s ControlVault3 firmware, creating opportunities for attackers to…
U.S. Treasury Warns of Crypto ATMs Fueling Criminal Activity
The U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) has issued a critical warning about the exploitation of convertible virtual currency (CVC) kiosks by criminal organizations. Released on August 4, 2025, the advisory highlights how these cryptocurrency ATMs,…
CISA Warns of D-Link Vulnerabilities Actively Exploited in Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a new alert, adding three vulnerabilities affecting D-Link devices to its Known Exploited Vulnerabilities (KEV) Catalog. The inclusion of these flaws in the catalog signifies that they are being actively…
10,000+ Malicious TikTok Shop Domains Attacking Users to Steal Logins and Deploy Malware
A sophisticated cybercriminal campaign dubbed “ClickTok” has emerged as one of the most extensive threats targeting TikTok Shop users worldwide, with researchers identifying over 10,000 malicious domains designed to steal user credentials and deploy advanced spyware. The campaign represents a…