AI-powered malware, known as ‘MalTerminal’, uses OpenAI’s GPT-4 model to dynamically generate malicious code, including ransomware and reverse shells, marking a significant shift in how threats are developed and deployed. This discovery follows the recent analysis of PromptLock, another AI-driven…
Tag: Cyber Security News
Threat Actors Selling New Undetectable RAT as ’ScreenConnect FUD Alternative’
A threat actor has been observed advertising a new Remote Access Trojan (RAT) on underground forums, marketing it as a fully undetectable (FUD) alternative to the legitimate remote access tool, ScreenConnect. The malware is being sold with a suite of…
SystemBC Botnet Hacked 1,500 VPS Servers Daily to Hire for DDoS Attack
The emergence of the SystemBC botnet marks a significant evolution in proxy-based criminal infrastructure. Rather than co-opt residential devices for proxying, SystemBC operators have shifted to compromising large commercial Virtual Private Servers (VPS), enabling high-volume proxy services with minimal disruption…
Researchers Uncover Link Between Belsen and ZeroSeven Cybercriminal Groups
Cybersecurity researchers have identified a potential connection between two Yemen-based cybercriminal organizations, the Belsen Group and ZeroSevenGroup, following an extensive investigation into their operational patterns and attack methodologies. The discovery comes amid growing concerns about sophisticated network intrusion campaigns targeting…
Beware of Weaponized ScreenConnect App That Delivers AsyncRAT and PowerShell RAT
The emergence of a new campaign weaponizing legitimate remote monitoring and management software has alarmed security teams worldwide. Attackers are distributing trojanized installers for ConnectWise ScreenConnect—now known as ConnectWise Control—to deliver dual payloads: the widely used AsyncRAT and a custom…
ChatGPT Tricked Into Bypassing CAPTCHA Security and Enterprise Defenses
ChatGPT agents can be manipulated into bypassing their own safety protocols to solve CAPTCHA, raising significant concerns about the robustness of both AI guardrails and widely used anti-bot systems. The SPLX findings show that through a technique known as prompt…
CISA Warns of Hackers Exploiting Ivanti Endpoint Manager Mobile Vulnerabilities to Deploy Malware
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning regarding sophisticated malware campaigns targeting Ivanti Endpoint Manager Mobile (EPMM) systems. Cybercriminals are actively exploiting two critical vulnerabilities, CVE-2025-4427 and CVE-2025-4428, to deploy advanced persistent threats that enable…
Luxury Jewelry Creator Tiffany Confirms Data breach – Hackers Stolen Users Personal Information
Luxury jewelry brand Tiffany and Company has confirmed a data breach that resulted in the theft of customers’ personal information. The company is in the process of sending out notification letters to affected individuals, detailing the scope of the incident…
HubSpot’s Jinjava Engine Vulnerability Exposes Thousands of Websites to RCE Attacks
A newly disclosed flaw in HubSpot’s open-source Jinjava template engine could allow attackers to bypass sandbox restrictions and achieve remote code execution (RCE) on thousands of websites relying on versions prior to 2.8.1. Tracked as CVE-2025-59340 and rated Critical with…
Critical GoAnywhere MFT Platform Vulnerability Exposes Enterprises to Remote Exploitation
A deserialization flaw in the License Servlet component of Fortra GoAnywhere Managed File Transfer (MFT) platform. Identified as CVE-2025-10035, this vulnerability permits an unauthenticated attacker who can deliver a forged license response signature to trigger Java deserialization of attacker-supplied objects,…
RDP vs SSH Comparison – Features, Protocols, Security, And Use Cases
Remote Desktop Protocol (RDP) and Secure Shell (SSH) have changed how organizations manage their IT systems. These tools allow employees to access and control their computers from anywhere, which helps teams work together better. By enabling secure connections to work…
Qilin Led Ransomware Attack Claimed to Compromised 104 Organizations in August
The ransomware threat landscape witnessed a dramatic shift in August 2025 as the Qilin group claimed responsibility for 104 separate attacks worldwide. Emerging earlier this year, Qilin quickly cemented its position through aggressive double-extortion tactics and a broad affiliate recruitment…
New Malware Loader ‘CountLoader’ Weaponized PDF File to Deliver Ransomware
In recent months, security teams have observed the emergence of a sophisticated malware loader, dubbed CountLoader, which leverages weaponized PDF files to deliver ransomware payloads. First detected in late August 2025, CountLoader is linked to multiple Russian-speaking cybercriminal groups, including…
Global Spyware Markets to Identify New Entities Entering The Market
The global spyware market continues its alarming expansion, with new research revealing the emergence of 130 additional entities spanning 46 countries between 1992 and 2024. This shadowy ecosystem of surveillance technologies has grown from 435 documented entities in the initial…
New iOS Video Injection Tool Bypasses Biometric Verification with Jailbroken iPhones
A sophisticated new attack tool targeting jailbroken iOS devices has emerged, representing a significant escalation in digital identity fraud capabilities. The discovery by iProov’s threat intelligence team reveals a highly specialized tool designed to perform advanced video injection attacks on…
Splunk Releases Guide to Detect Remote Employment Fraud Within Your Organization
Detecting remote employment fraud has become a critical priority for organizations striving to secure their digital onboarding processes and safeguard sensitive systems. In recent months, threat actors posing as legitimate hires have leveraged sophisticated tactics to bypass pre-hire screenings and…
UK Arrested 2 Scattered Spider Hackers Linked to London Transport System Breach
UK law enforcement has arrested two individuals linked to the notorious Scattered Spider cybercriminal group, including 19-year-old Thalha Jubair from London, who faces charges in connection with over 120 network intrusions that resulted in more than $115 million in ransom…
Russian Airline Suffered Cyberattack Website and Other Systems Affected
Krasnoyarsk Regional Airlines (KrasAvia) confirmed a sophisticated cyberattack that has rendered its primary online services inoperable. The breach targeted the airline’s web portal and associated back-end systems, including the Passenger Service System (PSS) and flight planning applications. As a result,…
New Phishing Attack Targets Facebook Users to Steal Login Credentials
A sophisticated phishing campaign has recently emerged, targeting Facebook users with carefully crafted emails designed to harvest login credentials. Attackers leverage the platform’s own external URL warning system to cloak malicious links, presenting URLs that appear legitimate while redirecting victims…
SolarWinds Releases Advisory on Salesloft Drift Security Incident
SolarWinds has released an advisory regarding a security incident involving the Salesloft Drift integration for Salesforce, which led to unauthorized data access. The company confirmed that its own systems were not impacted by the breach, but is treating the matter…