Tag: Cyber Security News

Security researchers at Proofpoint have uncovered a sophisticated web inject campaign targeting MacOS users with a new information-stealing malware called FrigidStealer. The operation involves two newly identified threat actors, TA2726 and TA2727, collaborating to compromise legitimate websites and redirect victims…

Read more →

A surge in malicious web inject campaigns has introduced FrigidStealer, a new macOS-specific information stealer, deployed via fake browser update prompts. Cybersecurity firm Proofpoint identified two previously unknown threat actors, TA2726 and TA2727, collaborating to distribute this malware globally, marking…

Read more →

The Russian cybercriminal group CryptoBytes has intensified its ransomware campaigns using a modified version of the UxCryptor malware, according to new findings from SonicWall’s Capture Labs threat research team. This financially motivated group, active since at least 2023, leverages leaked…

Read more →

A sophisticated malware campaign attributed to the SmartApeSG threat actor (also tracked as ZPHP/HANEYMANEY) has targeted users through compromised websites since early 2024, deploying NetSupport RAT and StealC malware via fraudulent browser update notifications. The campaign exemplifies the growing sophistication…

Read more →

Since its emergence in March 2024, the BlackLock ransomware operation (aka El Dorado) has executed a meteoric rise through the ransomware-as-a-service (RaaS) ranks, leveraging custom-built malware and sophisticated anti-detection techniques to compromise Windows, VMWare ESXi, and Linux environments. By Q4…

Read more →

A coordinated cyber espionage campaign, attributed to North Korea’s state-sponsored Kimsuky group (APT43), has targeted South Korean businesses, government agencies, and cryptocurrency users since late 2024. Dubbed ‘DEEP#DRIVE’ by researchers at Securonix, the operation leverages phishing lures, obfuscated PowerShell scripts,…

Read more →

Palo Alto Networks has issued urgent warnings as cybersecurity researchers observe threat actors exploiting a combination of vulnerabilities in PAN-OS, the operating system powering its next-generation firewalls. Coordinated attacks, which bypass chain authentication and privilege escalation flaws, enable unauthorized access…

Read more →

A new class of cyber threats leveraging $10 infostealer malware kits has compromised critical U.S. military, defense contractor, and federal agency systems, exposing vulnerabilities in national security infrastructure. According to Hudson Rock’s cybercrime intelligence data, over 30,000 infected devices across…

Read more →

Recent advances in cybercrime strategies are reviving the carding sector, with threat actors leveraging stolen credit card data to create fraudulent Apple Pay and Google Wallet accounts.  Dubbed “Ghost Tap,” this new attack methodology uses Near Field Communication (NFC) relay…

Read more →

Lee Enterprises, one of the largest newspaper publishers in the U.S., has confirmed a cybersecurity attack involving adversarial encryption of critical business applications and data exfiltration through double-extortion ransomware tactics. The incident has disrupted print distribution, billing systems, and digital…

Read more →

Google Threat Intelligence Group (GTIG) reveal an escalating campaign by multiple Russia-aligned threat actors targeting Signal Messenger users through sophisticated exploitation of the app’s “linked devices” feature. These attacks, primarily focused on Ukrainian military personnel, government officials, journalists, and activists,…

Read more →

Raymond Limited, a textile and clothing company, reported a cybersecurity attack that affected some of its IT infrastructure.  In a regulatory filing to the Bombay Stock Exchange (BSE) and National Stock Exchange (NSE), the company confirmed that threat actors breached…

Read more →

South Korea’s Personal Information Protection Commission (PIPC) announced today that the Chinese AI chatbot DeepSeek transmitted sensitive user data to servers controlled by ByteDance, TikTok’s Beijing-based parent company.  The findings follow a technical audit revealing critical security flaws, including unencrypted…

Read more →

As the 2025 U.S. tax season reaches its peak, cybersecurity analysts report a dramatic escalation in phishing campaigns exploiting IRS and federal tax themes. Between January 1 and February 18, threat actors registered 158 unique domains mimicking official IRS subdomains…

Read more →

A new wave of “Scam-Yourself” attacks leveraging AI-generated deepfake videos and malicious scripts is targeting cryptocurrency enthusiasts and financial traders, marking a dangerous evolution in social engineering tactics. Discovered by cybersecurity researchers at Gen Digital, this campaign exploits verified YouTube…

Read more →

Passwords are the first line of defense for protecting sensitive data, yet millions of users worldwide continue to rely on weak and predictable combinations.  A recent study by KnownHost reveals alarming trends in password security. It shows that many commonly…

Read more →

A severe security flaw in the Jupiter X Core plugin for WordPress exposed over 90,000 websites to Local File Inclusion (LFI) and Remote Code Execution (RCE) attacks.  The vulnerability tracked as CVE-2025-0366 with a CVSS score of 8.8 (High), enables authenticated attackers…

Read more →

Mozilla has released Firefox 135.0.1, a stability and security update addressing a high-severity memory safety vulnerability (CVE-2025-1414) that exposed users to potential remote code execution (RCE) attacks.  The patch resolves critical flaws in Firefox 135.0, which could have allowed attackers…

Read more →

A hacker operating under the alias “exelo” has allegedly advertised a database containing 602,800 Yahoo email accounts on an underground forum.  The post claims the dataset is “private and non-Russian. ” The full list costs $100. A free sample of…

Read more →

A critical vulnerability in Apache Ignite tracked as CVE-2024-52577, exposes systems to remote code execution (RCE) attacks due to improper enforcement of class serialization filters.  Rated CVSS 9.8, this flaw affects Ignite versions 2.6.0 through 2.16.x, enabling attackers to execute…

Read more →