A major security threat has emerged targeting software developers worldwide. North Korean state-sponsored threat actors, operating under the “Contagious Interview” campaign, are systematically spreading malicious packages across npm, GitHub, and Vercel infrastructure to deliver OtterCookie malware. This sophisticated multi-stage operation…
Category: Cyber Security News
KawaiiGPT – Free WormGPT Variant Leveraging DeepSeek, Gemini, and Kimi-K2 AI Models
KawaiiGPT emerges as an accessible, open-source tool that mimics the controversial WormGPT, providing unrestricted AI assistance via jailbroken large language models. Hosted on GitHub with over 188 stars and 52 forks, it requires no API keys and installs quickly on…
Threat Actors Leverage Fake Update Lures to Deliver SocGholish Malware
Threat actors continue to exploit a dangerous vulnerability in user behavior by deploying fake software updates to deliver the SocGholish malware. This malware delivery framework has evolved significantly since its discovery in 2017, transforming from a simple web-based nuisance into…
ByteToBreach Cybercriminal Selling Sensitive Global Data from Airlines, Banks, and Governments
A cybercriminal operating under the alias ByteToBreach has emerged as a notable threat actor in the underground market, actively selling and leaking sensitive data from airlines, banks, universities, and government entities worldwide. Active since at least June 2025, this threat…
Angular HTTP Client Vulnerability Exposes XSRF Token to an Attacker-Controlled Domain
A critical security vulnerability has been discovered in the Angular framework that could allow attackers to steal sensitive user security tokens. The vulnerability, tracked as CVE-2025-66035, affects the Angular HttpClient and involves the accidental leakage of Cross-Site Request Forgery (XSRF) tokens. Angular applications…
Malicious Chrome Extension Silently Steals and Injects Hidden SOL Fees Into Solana Swaps
A new threat has emerged in the Solana trading community. Security researchers have discovered a malicious Chrome extension named Crypto Copilot that appears to offer convenient trading features but secretly siphons cryptocurrency from users during transactions. Published on the Chrome…
Hackers Actively Attacking Telecommunications & Media Industry to Deploy Malicious Payloads
Cybercriminals are launching increasingly sophisticated attacks against the telecommunications and media industry, focusing their efforts on deploying malicious payloads that compromise critical infrastructure. Recent security analysis reveals a concerning trend where threat actors are systematically targeting network operators, media platforms,…
OpenAI Discloses Mixpanel Data Breach – Name, Email Address and Operating System Details Exposed
The company has publicly revealed a security incident involving Mixpanel, a third-party analytics provider previously used to monitor activity on platform.openai.com, the frontend for its API product. The company emphasized transparency in its announcement, assuring users that the breach did not…
Hackers Exploiting Fake Battlefield 6 Popularity to Deploy Stealers and C2 Agents
Since its release in October, Battlefield 6 has become one of the year’s most anticipated game launches. However, cybercriminals have quickly seized on this popularity to distribute malicious software. Attackers have created fake cracked versions of the game and fraudulent…
New Malware-as-a-Service Olymp Loader Advertised on Hacker Forums with Its Anti-analysis and Detection Features
A new Malware-as-a-Service (MaaS) threat named “Olymp Loader” appeared in June 2025, aggressively advertised on underground hacker forums like XSS and HackForums. Advertised by an operator known as “OLYMPO,” this malware is marketed as a sophisticated tool written entirely in…
Hackers Trick macOS Users to Execute Command in Terminal to Deliver FlexibleFerret Malware
Cybercriminals are successfully targeting Apple users through a sophisticated social engineering scheme that tricks victims into running harmful commands on their computers. The threat, called FlexibleFerret, is attributed to North Korean operators and represents a continuing evolution of the Contagious…
Threat Actors Allegedly Listed iOS 26 Full‑Chain 0‑Day Exploit on Dark Web
A threat actor operating under the alias ResearcherX has posted what they claim to be a full‑chain zero‑day exploit targeting Apple’s recently released iOS 26 operating system. The listing, which appeared on a prominent dark web marketplace, alleges that the…
Microsoft Teams Guest Chat Vulnerability Exposes Users to Malware Attack
A significant gap in Microsoft Teams’ B2B guest access allows attackers to bypass Defender for Office 365 protections, creating unprotected zones for phishing and malware delivery. At Cybersecurity News, we recently highlighted how Microsoft Teams’ New “Chat with Anyone” Feature…
New Unauthenticated DoS Vulnerability Crashes Next.js Servers with a Single Request
A newly discovered critical vulnerability in the Next.js framework allows attackers to crash self-hosted servers using a single HTTP request, requiring negligible resources to execute. Discovered by researchers at Harmony Intelligence, the denial-of-service (DoS) flaw affects widespread versions of the…
North Korean Hackers Evade UN Sanctions Leveraging Cyber Capabilities, IT Workers and Crypto Activities
The Democratic People’s Republic of Korea (DPRK) has intensified its global cyber operations, systematically violating United Nations Security Council resolutions through large-scale cyberattacks, cryptocurrency theft, and cross-border money laundering schemes. According to the Multilateral Sanctions Monitoring Team (MSMT) report, North…
Teaching Claude to Cheat Reward Hacking Coding Tasks Makes Them Behave Maliciously in Other Tasks
A new research study from Anthropic has uncovered a concerning pattern in large language models: when these AI systems are trained to pursue specific goals, they can develop reward hacking behaviors that lead to malicious actions in other scenarios. The…
Microsoft Security Keys May Require PIN After Recent Windows Updates
Microsoft has confirmed that FIDO2 security keys on Windows 11 may now prompt users to set up a PIN during authentication following specific recent updates, aligning with WebAuthn standards for enhanced user verification. The change began with the September 29,…
11 Best Enterprise Remote Access Software – 2025
In today’s hyper-connected business landscape, enterprise remote access software is no longer a luxury; it’s a necessity. Organizations are embracing hybrid and remote work models, requiring secure, scalable, and efficient solutions to connect teams, manage IT assets, and protect sensitive…
Water Gamayun APT Hackers Exploit MSC EvilTwin Vulnerability to Inject Malicious Code
Water Gamayun, a persistent threat group, has recently intensified its efforts by exploiting a newly identified MSC EvilTwin vulnerability (CVE-2025-26633) in Windows systems. This malware campaign is marked by its use of multi-stage attacks targeting enterprise and government organizations, aiming…
New “JackFix” Attack Leverages Windows Updates into Executing Malicious Commands
A sophisticated ClickFix campaign dubbed “JackFix” uses fake adult websites to hijack screens with realistic Windows Update prompts, tricking users into running multistage malware payloads. Attackers mimic popular adult sites like xHamster clones to lure victims, likely via malvertising…