Ransomware operators have increasingly turned to a sophisticated new malware tool called Skitnet, also known as “Bossnet,” to enhance their post-exploitation capabilities and evade traditional security measures. First emerging on underground cybercrime forums in April 2024, this multi-stage malware has…
Category: Cyber Security News
Bitter Malware Using Custom-Developed Tools To Evade Detection In Sophisticated Attacks
A comprehensive analysis of the Bitter espionage group has revealed eight years of sustained cyber operations employing increasingly sophisticated custom-developed malware tools designed to evade detection while conducting intelligence gathering activities. The threat actor, also known as TA397, has demonstrated…
New Report Uncovers That Chinese Hackers Attempted To Compromise SentinelOne’s Own Servers
Chinese state-sponsored hackers launched sophisticated reconnaissance operations against cybersecurity giant SentinelOne’s infrastructure in October 2024, representing part of a broader campaign targeting over 70 organizations worldwide. The previously undisclosed attacks, detailed in a comprehensive report released by SentinelLabs on June…
APT41 Hackers Using Google Calendar for Malware Command-and-Control To Attack Government Entities
A recent campaign by Chinese state-sponsored threat actor APT41 has unveiled a novel exploitation of Google Calendar for malware command-and-control (C2) operations, marking a significant escalation in cyberespionage tactics. The group, tracked under aliases including BARIUM and Brass Typhoon, targeted…
Google Warns of Cybercriminals Increasingly Attacking US Users to Steal Login Credentials
Google’s latest comprehensive survey reveals a concerning surge in cybercriminal activities targeting American users, with over 60% of U.S. consumers reporting a noticeable increase in scam attempts over the past year. The technology giant’s collaboration with Morning Consult has unveiled…
New DuplexSpy RAT Lets Attackers Gain Complete Control of Windows Machine
Cybersecurity researchers have identified a sophisticated new remote access trojan called DuplexSpy RAT that enables attackers to establish comprehensive surveillance and control over Windows systems. This multifunctional malware represents a growing trend in modular, GUI-driven threats that significantly lower the…
New Blitz Malware Attacking Windows Servers to Deploy Monero Miner
A sophisticated new malware campaign has emerged targeting Windows systems through an elaborate social engineering scheme involving backdoored gaming software. The Blitz malware, first identified in late 2024 and evolving through 2025, represents a concerning trend of cybercriminals exploiting gaming…
Developers Beware! 16 React Native Packages With a Million Downloads Compromised Overnight
A sophisticated supply chain attack has compromised 16 popular React Native packages with over one million combined weekly downloads, marking a significant escalation in ongoing NPM ecosystem threats. The attack, which began on June 6th, 2025, systematically backdoored packages within…
How to Use SIEM Tools for Real-Time Threat Monitoring
Real-time threat monitoring through Security Information and Event Management (SIEM) tools has become crucial for organizations seeking to defend against sophisticated cyberattacks. Real-time threat detection refers to the ability to identify and respond to cyber threats as they occur, minimizing…
Malicious npm Packages as Utilities Let Attackers Destroy Production Systems
Security researchers have uncovered a disturbing new threat in the npm ecosystem where malicious packages masquerade as legitimate utilities while harboring destructive backdoors capable of wiping entire production environments. These packages represent a significant escalation from traditional credential theft or…
Top 5 Best Cybersecurity Companies Leading The Industry Right Now in 2025
If you’re shopping around for cybersecurity solutions in 2025, you’re probably feeling a little overwhelmed and not sure where to turn. Not only are there more attacks than ever before (and more sophisticated), but there are a wide range of…
Critical Wazuh Server RCE Vulnerability Exploited to Deploy Mirai Variants
Security researchers at Akamai have discovered active exploitation of a critical remote code execution vulnerability in Wazuh servers, marking the first reported in-the-wild attacks against the open-source security platform since the flaw’s disclosure earlier this year. The vulnerability, tracked as…
United Natural Foods Suffers Cyberattack – System Operations Halted
Major grocery distributor takes systems offline following security breach, disrupting supply chain operations. United Natural Foods, Inc. (UNFI), one of North America’s largest wholesale food distributors, is grappling with a significant cyberattack that has forced the company to halt critical…
OpenAI Banned ChatGPT Accounts Used by Russian, Iranian, and Chinese Hackers
OpenAI has disrupted a sophisticated network of state-sponsored threat actors from Russia, Iran, and China who were exploiting ChatGPT to conduct cyber operations, influence campaigns, and malware development. The artificial intelligence company’s latest threat intelligence report, released in June 2025,…
Meta Found a New Way to Track Android Users Covertly via Facebook & Instagram
A sophisticated tracking method employed by Meta (Facebook) and Yandex potentially affected billions of Android users through covert web-to-app communications via localhost sockets. The technique allowed native Android apps, including Facebook and Instagram, to silently receive browser metadata, cookies,…
Seraphic Security Unveils BrowserTotal™ – Free AI-Powered Browser Security Assessment For Enterprises
Tel Aviv, Israel, June 9th, 2025, CyberNewsWire. Available to the public and debuting at the Gartner Security & Risk Management Summit, BrowserTotal is a first-of-its-kind browser security assessment tool conducting more than 120 tests to provide posture standing,…
GhostVendors – Hackers Registered 4000+ Domains to Mimic Popular Major Brands
A sophisticated scam operation dubbed “GhostVendors” exploits over 4,000 fraudulent domains to impersonate dozens of major brands and defraud consumers through fake online marketplaces. Silent Push Threat Analysts revealed this massive campaign targets social networks, major brands, advertising companies,…
Triple Combo – Kimsuky Hackers Attack Facebook, Email, and Telegram Users
North Korean state-sponsored hackers from the notorious Kimsuky group have launched a sophisticated multi-platform campaign targeting users across Facebook, email, and Telegram platforms between March and April 2025. The Advanced Persistent Threat (APT) operation, dubbed the “Triple Combo” attack, represents…