An international ecosystem of sophisticated scam operations has emerged, targeting vulnerable populations through impersonation tactics and fraudulent financial aid promises. The campaign, dubbed “Vulnerability Vultures,” primarily focuses on older adults who represent lucrative targets for threat actors. According to the…
Tag: Cyber Security News
TransparentTribe Attack Linux-Based Systems of Indian Military Organizations to Deliver DeskRAT
TransparentTribe, a Pakistani-nexus intrusion set active since at least 2013, has intensified its cyber espionage operations targeting Linux-based systems of Indian military and defense organizations. The campaign, initially documented in July 2025 by CYFIRMA with activity traced back to June…
Jingle Thief Attackers Exploiting Festive Season with Weaponized Gift Card Attacks
As the festive season approaches, organizations are witnessing a disturbing increase in targeted attacks on digital gift card systems. The Jingle Thief campaign, orchestrated by financially motivated threat actors based in Morocco, has emerged as a notorious campaign exploiting seasonal…
New Python RAT Mimic as Legitimate Minecraft App Steals Sensitive Data from Users Computer
A sophisticated Python-based remote access trojan has emerged in the gaming community, disguising itself as a legitimate Minecraft client to compromise unsuspecting users. The malware, identified as a multi-function RAT, leverages the Telegram Bot API as its command and control…
Warlock Ransomware Actors Exploiting Sharepoint ToolShell Zero-Day Vulnerability in New Attack Wave
The cybersecurity landscape experienced a significant shift in July 2025 when threat actors associated with Warlock ransomware began exploiting a critical zero-day vulnerability in Microsoft SharePoint. Discovered on July 19, 2025, the ToolShell vulnerability, tracked as CVE-2025-53770, became a primary…
SideWinder Hacking Group Uses ClickOnce-Based Infection Chain to Deploy StealerBot Malware
The SideWinder advanced persistent threat group has emerged with a sophisticated new attack methodology that leverages ClickOnce applications to deploy StealerBot malware against diplomatic and governmental targets across South Asia. In September 2025, security researchers detected a targeted campaign affecting…
New Red Teaming Tool RedTiger Attacking Gamers and Discord Accounts in the Wild
RedTiger is an open-source red-teaming tool repurposed by attackers to steal sensitive data from Discord users and gamers. Released in 2025 on GitHub, RedTiger bundles penetration-testing utilities, including network scanners and OSINT tools. But its infostealer module has gone rogue,…
MuddyWater Using New Malware Toolkit to Deliver Phoenix Backdoor Malware to International Organizations
The Advanced Persistent Threat group MuddyWater, widely recognized as an Iran-linked espionage actor, has orchestrated a sophisticated phishing campaign targeting more than 100 government entities and international organizations across the Middle East, North Africa, and beyond. The operation, which became…
Amazon Uncovers Root Cause of Major AWS Outage That Brokes The Internet
Amazon Web Services (AWS), the backbone for countless websites and services, faced a severe outage last weekend that disrupted operations for millions. The incident, which unfolded in the early hours of October 20, 2025, exposed vulnerabilities in even the most…
New PhantomCaptcha RAT Weaponized PDFs to Deliver Malware Using ‘ClickFix’-Style Cloudflare Captcha Pages
A sophisticated spearphishing campaign has emerged targeting humanitarian organizations and Ukrainian government agencies, leveraging weaponized PDF attachments and fake Cloudflare verification pages to distribute a dangerous WebSocket-based remote access trojan. The operation, first uncovered in early October 2025, demonstrates a…
Hackers Exploited 73 0-Day Vulnerabilities and Earned $1,024,750
The hacking community celebrated the end of Pwn2Own Ireland 2025. Researchers demonstrated their skills by identifying 73 unique zero-day vulnerabilities across different devices. The event, hosted by the Zero Day Initiative (ZDI), distributed a staggering $1,024,750 in prizes, highlighting the…
HP OneAgent Update Brokes Trust And Disconnect Devices From Entra ID
The HP OneAgent software update has disconnected Windows devices from Microsoft Entra ID. As a result, users can no longer access their corporate identities. Version 1.2.50.9581 of the agent, pushed silently to HP’s Next Gen AI systems like the EliteBook…
New Fileless Remcos Attacks Bypassing EDRs Malicious Code into RMClient
Remcos, a commercial remote access tool marketed as legitimate surveillance software, has become the leading infostealer in malware campaigns during the third quarter of 2025, accounting for approximately 11 percent of detected cases. In a notable shift from traditional deployment…
Toys “R” Us Canada Confirms Data Breach – Customers Personal Data Stolen
Toys “R” Us Canada has alerted customers to a significant data breach that potentially exposed their personal information, marking another blow to consumer trust in retail data security. In emails dispatched to affected individuals this morning, the popular toy retailer…
Microsoft Releases Emergency Patch For Windows Server Update Service RCE Vulnerability
Microsoft has rolled out an out-of-band emergency patch for a remote code execution (RCE) vulnerability affecting the Windows Server Update Services (WSUS). Identified as CVE-2025-59287, the issue stems from the deserialization of untrusted data in a legacy serialization mechanism, allowing…
SharkStealer Using EtherHiding Pattern to Resolves Communications With C2 Channels
A sophisticated information-stealing malware written in Golang has emerged, leveraging blockchain technology to establish covert command-and-control channels. SharkStealer represents a significant evolution in malware design, utilizing the BNB Smart Chain Testnet as a resilient dead-drop resolver for its C2 infrastructure.…
New PDF Tool to Detect Malicious PDF Using PDF Object Hashing Technique
A new open-source tool called PDF Object Hashing is designed to detect malicious PDFs by analyzing their structural “fingerprints.” Released by Proofpoint, the tool empowers security teams to create robust threat detection rules based on unique object characteristics in PDF…
Threat Actors Attacking Azure Blob Storage to Compromise Organizational Repositories
Cybersecurity researchers have identified a sophisticated campaign where threat actors are leveraging compromised credentials to infiltrate Azure Blob Storage containers, targeting organizations’ critical code repositories and sensitive data. This emerging threat exploits misconfigured storage access controls to establish persistence and…
Hackers Abuse Microsoft 365 Exchange Direct Send to Bypass Content Filters and Harvest Sensitive Data
Microsoft 365 Exchange Online’s Direct Send feature, originally designed to enable legacy devices and applications to send emails without authentication, has become an exploitable pathway for cybercriminals conducting sophisticated phishing and business email compromise attacks. The feature allows multifunction printers,…
Bitter APT Hackers Exploit WinRAR Zero-Day Via Weaponized Word Documents to Steal Sensitive Data
The Bitter APT group, also tracked as APT-Q-37 and known in China as 蔓灵花, has launched a sophisticated cyberespionage campaign targeting government agencies, military installations, and critical infrastructure across China and Pakistan. The threat actor has deployed weaponized Microsoft Office…