A newly identified information-stealing malware, dubbed PupkinStealer, Developed in C# using the .NET framework, this lightweight yet effective malware targets sensitive user data, including browser credentials, desktop files, messaging app sessions, and screenshots. According to a CYFIRMA detailed analysis shared…
Tag: Cyber Security News
Beware! Fake AI Video Generation Platforms Drop Stealer Malware on Your Computers
As artificial intelligence (AI) tools gain mainstream traction for content creation, cybercriminals are capitalizing on the hype with a sophisticated new attack vector, fake AI platforms promising advanced video and image editing capabilities. These fraudulent sites, amplified through viral social…
20 Years old Proxy Botnet Network Dismantled That Exploits 1000 Unique Unpatched Devices Weekly
In a coordinated effort, Lumen Technologies’ Black Lotus Labs, the U.S. Department of Justice (DOJ), the Federal Bureau of Investigation (FBI), and the Dutch National Police have dismantled a sophisticated criminal proxy network that has operated since 2004. The botnet,…
Chinese Hackers Exploit SAP RCE Vulnerability to Upload Supershell Backdoors
A critical remote code execution vulnerability in SAP NetWeaver Visual Composer (CVE-2025-31324) is being actively exploited by a Chinese threat actor to compromise enterprise systems worldwide. The vulnerability allows attackers to achieve remote code execution by uploading malicious web shells…
Threat Actors Attacking Job Seekers With Three New Unique Adversaries
A significant surge in sophisticated recruitment scams has emerged, with cybercriminals exploiting economic vulnerabilities and the competitive job market to target desperate job seekers. These scams employ increasingly refined social engineering tactics that blend legitimate recruitment practices with fraudulent schemes,…
Hackers Attacking IT Admins by Poisoning SEO to Move Malware on Top of Search Results
Cybersecurity experts have uncovered a sophisticated attack campaign targeting IT administrators through search engine optimization (SEO) poisoning tactics. Threat actors are leveraging advanced SEO techniques to push malicious versions of commonly used administrative tools to the top of search engine…
Malicious Python Package Mimic as Attacking Discord Developers With Malicious Remote Commands
A seemingly innocent Python package has been unmasked as a sophisticated remote access trojan (RAT) targeting the Discord developer community. On March 21, 2022, a package named ‘discordpydebug’ appeared on the Python Package Index (PyPI) under the innocuous description “Discord…
New Mamona Ransomware Attack Windows Machines by Abusing Ping Commands
A new ransomware strain dubbed “Mamona” that operates entirely offline and leverages a clever attack strategy that abuses the Windows ping command. Unlike traditional ransomware that communicates with remote servers, Mamona works completely offline, making it particularly difficult to detect…
5 Must-Have Security Features for Native Apps
Native apps are built compatible with a platform or operating system, such as iOS or Android. While unrestricted access to all device functionalities (camera, GPS, and push notifications) makes native apps attractive for users, it also poses significant risks. Cyber…
New Supply Chain Attack Targets Legitimate npm Package with 45,000 Weekly Downloads
A sophisticated supply chain attack targeting the popular npm package ‘rand-user-agent’ was discovered on May 5, 2025. The compromise affects a legitimate JavaScript library used to generate randomized user-agent strings for web scraping operations, inserting malicious code that establishes remote…
Threat Actors Using Multimedia Systems Via Stealthy Vishing Attack
Cybercriminals have developed sophisticated vishing techniques that leverage multimedia file formats to bypass security systems and target unsuspecting victims. These new attack vectors, observed in early 2025, represent an evolution in social engineering tactics where threat actors exploit commonly trusted…
Scattered Spider Malware Targeting Klaviyo, HubSpot, and Pure Storage Services
Cybersecurity experts have identified an escalating campaign by the notorious hacker collective Scattered Spider, which continues to evolve its sophisticated attack methods in 2025. The group, active since at least 2022, has shifted focus to target business services including Klaviyo,…
LockBit Hacked – 20 Critical CVEs Exploited by LockBit Uncovered
The notorious LockBit ransomware gang website has been hacked. On May 7, 2025, the group’s dark web affiliate panels were defaced with the message “Don’t do crime CRIME IS BAD xoxo from Prague,” accompanied by a link to a MySQL database…
Hackers Weaponizing PDF Invoices to Attack Windows, Linux & macOS Systems
A sophisticated multilayered email attack campaign has emerged, utilizing weaponized PDF invoices as the initial vector to deliver remote access trojan (RAT) malware across multiple platforms. The attack primarily targets Windows systems but can also affect Linux and macOS devices…
Hackers Using Windows Remote Management to Stealthily Navigate Active Directory Network
Threat actors increasingly leverage Windows Remote Management (WinRM) to move stealthily within Active Directory (AD) environments, evading traditional detection mechanisms while escalating privileges and deploying malicious payloads. WinRM, Microsoft’s implementation of the WS-Management protocol, is a core component of Windows…
Critical Azure & Power Apps Vulnerabilities Let Attackers Escalate Privileges
Microsoft has patched four critical security vulnerabilities affecting several core cloud services including Azure DevOps, Azure Automation, Azure Storage, and Microsoft Power Apps. These high-severity flaws, disclosed on May 9, 2025, could potentially allow attackers to escalate privileges and compromise…
25 Best Cloud Service Providers (Public and Private) in 2025
As technology advances, more and more organizations are turning to cloud computing as a necessary solution for their data storage and processing needs. Cloud computing is a widely accepted trend in the information technology industry, and it allows users to…
FBI Warns of Hackers Compromising End-of-Life Routers to Hide Their Activity
The Federal Bureau of Investigation has issued an urgent public service announcement warning that cybercriminals are actively exploiting outdated routers to build extensive proxy networks for illicit activities. According to a recent FBI FLASH report, threat actors are targeting end-of-life…
Indirect Prompt Injection Leverage LLMs as They Lack Informational Context
Cybersecurity researchers have identified a growing threat vector targeting artificial intelligence systems through a technique known as indirect prompt injection. Unlike traditional attacks that directly manipulate an LLM’s user interface, these sophisticated attacks embed malicious instructions within external content that…
FreeDrain Phishing Attack Users to Steal Users Financial Login Credentials
A sprawling phishing operation dubbed “FreeDrain” has emerged as an industrial-scale cryptocurrency theft network that systematically targets and drains digital wallets. This sophisticated campaign leverages search engine manipulation and free-tier web hosting services to create an extensive web of malicious…