Security researchers have uncovered a sophisticated malware campaign utilizing heavily obfuscated Visual Basic Script (VBS) files to deploy multiple types of remote access trojans (RATs). The campaign, discovered in June 2025, involves a cluster of 16 open directories containing obfuscated…
Category: Cyber Security News
Hackers Deliver Fileless AsyncRAT Using Clickfix Technique via Fake Verification Prompt
A sophisticated fileless malware campaign targeting German-speaking users has emerged, employing deceptive verification prompts to distribute AsyncRAT through the increasingly popular Clickfix technique. The malware masquerades as a legitimate “I’m not a robot” CAPTCHA verification, tricking victims into executing malicious…
XDSpy Threat Actors Leverages Windows LNKs Zero-Day Vulnerability to Attack Windows System Users
A sophisticated cyber espionage campaign attributed to the XDSpy threat actor has recently been discovered exploiting a zero-day vulnerability in Windows shortcut files. This threat actor, which has operated largely undetected from 2011 until its initial discovery in 2020, has…
Hackers Actively Exploiting Zyxel RCE Vulnerability Via UDP Port
A significant spike was observed in exploitation attempts targeting CVE-2023-28771, a critical remote code execution vulnerability affecting Zyxel Internet Key Exchange (IKE) packet decoders. The coordinated attack campaign, observed on June 16, 2025, represents a concentrated burst of malicious activity…
Threat Actors Exploits OEM Permissions on Android Devices to Perform Privilege Escalation Attacks
Android users face a sophisticated security threat as malicious actors increasingly leverage legitimate system features to gain unauthorized access to devices. A concerning trend has emerged where attackers exploit Original Equipment Manufacturer (OEM) permissions to perform privilege escalation attacks, creating…
CISA Warns of iOS 0-Click Vulnerability Exploited in the Wild
CISA has added a critical iOS zero-click vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, warning that the flaw has been actively exploited by sophisticated mercenary spyware in targeted attacks against journalists. The vulnerability, tracked as CVE-2025-43200, affects multiple Apple…
Malicious Loan App on iOS & Google Play Store Infected 150K+ Users Devices
A malicious loan application masquerading as a legitimate financial service has infected over 150,000 iOS and Android devices before being removed from official app stores. The app, identified as “RapiPlata,” achieved a Top 20 ranking in the finance category on…
Water Curse Hacker Group Weaponized 76 GitHub Accounts to Deliver Multistage Malware
A sophisticated threat actor known as Water Curse has exploited the inherent trust in open-source software by weaponizing at least 76 GitHub accounts to distribute malicious repositories containing multistage malware. The campaign represents a significant supply chain risk, targeting cybersecurity…
Threat Actors Abuse Windows Run Prompt to Execute Malicious Command and Deploy DeerStealer
Cybersecurity researchers have uncovered a sophisticated malware campaign that exploits Windows’ built-in Run prompt to deliver DeerStealer, a powerful information stealer designed to harvest cryptocurrency wallets, browser credentials, and sensitive personal data. The malicious operation represents a concerning evolution in…
Apache Tomcat Vulnerabilities Allow Authentication Bypass and DoS Attacks
Multiple critical security vulnerabilities affecting Apache Tomcat web servers, including two high-severity flaws enabling denial-of-service (DoS) attacks and one moderate-severity vulnerability allowing authentication bypass. These vulnerabilities, identified as CVE-2025-48976, CVE-2025-48988, CVE-2025-49124, and CVE-2025-49125, impact millions of web applications worldwide running…
Hackers Actively Exploiting Langflow RCE Vulnerability to Deploy Flodrix Botnet
Security researchers have uncovered an active cyberattack campaign targeting Langflow servers through CVE-2025-3248, a critical remote code execution vulnerability that allows threat actors to deploy the sophisticated Flodrix botnet malware. The attacks demonstrate how cybercriminals are rapidly weaponizing newly disclosed…
Microsoft Investigating Teams and Exchange Online Services Disruption Impacting Users
Microsoft experienced a significant service disruption affecting multiple Microsoft 365 services, including Teams and Exchange Online, impacting users globally whose requests were routed through the affected infrastructure. The company has confirmed that all services have now recovered following swift mitigative…
Gunra Ransomware Group Allegedly Leaks 40TB of Data from American Hospital
The Gunra ransomware group escalated its attack on American Hospital Dubai (AHD), a premier healthcare facility in Dubai, UAE, by releasing new evidence of a major cyberattack. The group claims to have leaked 40 terabytes of sensitive data, including personal…
Washington Post Journalists’ Microsoft Accounts Hacked in Targeted Cyberattack
The Washington Post is conducting a comprehensive investigation into a sophisticated cyberattack that compromised the email accounts of multiple journalists, with security experts and federal authorities examining evidence that suggests the involvement of a foreign government. The intrusion, discovered late…
Washington Post Journalists’ Microsoft Accounts Hacked in Targetetd Cyberattack
The Washington Post is conducting a comprehensive investigation into a sophisticated cyberattack that compromised the email accounts of multiple journalists, with security experts and federal authorities examining evidence that suggests the involvement of a foreign government. The intrusion, discovered late…
Microsoft Outlook Users Face Crashes When Creating New Emails, Temp Fix Issued
Enterprise users of classic Microsoft Outlook are experiencing application crashes when attempting to create or open new emails, according to a technical advisory released by Microsoft today. The issue, which primarily affects virtual desktop infrastructure (VDI) environments, has been escalated…
Darknet Market Archetyp Takedown by Authorities in Joint Action ‘Operation Deep Sentinel’
International law enforcement agencies have successfully dismantled one of the world’s largest darknet marketplaces, “Archetyp Market,” in a coordinated operation that resulted in multiple arrests across Europe and the seizure of millions in criminal assets. The operation, led by German…
Former GCHQ Intern Jailed for Seven Years After Copying Top Secret Files to Mobile Phone
A former GCHQ intern has been sentenced to seven-and-a-half years in prison after copying top secret data files onto his mobile phone and taking them to his home computer, creating what prosecutors described as a significant risk to national security.…
Katz Stealer Enhances Credential Theft Capabilities with System Fingerprinting and Persistence Mechanisms
A sophisticated new information-stealing malware known as Katz Stealer has emerged in 2025, demonstrating advanced credential theft capabilities combined with innovative persistence mechanisms that target popular applications like Discord. The malware-as-a-service (MaaS) platform represents a significant evolution in cybercriminal toolkits,…
Microsoft Purview DLP to Restrict Microsoft 365 Copilot in Processing Emails With Sensitive Labels
Microsoft has announced a significant enhancement to its data protection capabilities with the introduction of a new Data Loss Prevention (DLP) feature that will prevent Microsoft 365 Copilot from processing emails containing sensitivity labels. This development represents a crucial step…