A sophisticated attack technique was uncovered where cybercriminals exploit free trials of Endpoint Detection and Response (EDR) software to disable existing security protections on compromised systems. This method, dubbed BYOEDR (Bring Your Own EDR), represents a concerning evolution in defense…
Tag: Cyber Security News
Threat Actors Embed Malicious RMM Tools to Gain Silent Initial Access to Organizations
A sophisticated cyber campaign leveraging legitimate Remote Monitoring and Management (RMM) tools has emerged as a significant threat to European organizations, particularly those in France and Luxembourg. Since November 2024, threat actors have been deploying carefully crafted PDF documents containing…
Unit 42 Unveils Attribution Framework to Classify Threat Actors Based on Activity
Palo Alto Networks’ Unit 42 threat research team has introduced a groundbreaking systematic approach to threat actor attribution, addressing longstanding challenges in cybersecurity intelligence analysis. The Unit 42 Attribution Framework, unveiled on July 31, 2025, transforms what has traditionally been…
New Banking Malware DoubleTrouble Attacking Users Via Phishing Sites To Steal Banking Credentials
A sophisticated new banking trojan dubbed DoubleTrouble has emerged as a significant threat to mobile users across Europe, employing advanced evasion techniques and expanding its attack surface through novel distribution channels. The malware initially spread through phishing websites impersonating well-known…
First AI-Powered Malware LAMEHUG Attacking Organizations With Compromised Official Email Account
The cybersecurity landscape has witnessed a groundbreaking and concerning development with the emergence of LAMEHUG, the first publicly documented malware to integrate artificial intelligence capabilities for automated cyberattacks. This sophisticated malware, developed by the notorious Russian threat actor group APT28…
Anubis Ransomware Attacking Android and Windows Users to Encrypt Files and Steal Login Credentials
A sophisticated new ransomware threat has emerged from the cybercriminal underground, targeting both Android and Windows platforms with dual capabilities that extend far beyond traditional file encryption. Anubis ransomware, first identified in November 2024, represents a concerning evolution in malware…
Silver Fox Hackers Using Weaponized Google Translate Tools to Deploy Windows Malware
A sophisticated malware campaign has emerged targeting unsuspecting users through weaponized versions of popular online tools, particularly Google Translate interfaces. The Silver Fox threat actors have developed an intricate attack chain that leverages social engineering tactics to deliver the notorious…
Navigating APTs – Singapore’s Cautious Response to State-Linked Cyber Attacks
Singapore’s cybersecurity landscape faced a significant challenge in July 2025 when Coordinating Minister K. Shanmugam disclosed that the nation was actively defending against UNC3886, a highly sophisticated Advanced Persistent Threat (APT) group targeting critical infrastructure. The revelation, announced during the…
North Korean APT Hackers Poison CI/CD Pipelines To Exfiltrate Sensitive Data
A sophisticated espionage campaign orchestrated by the North Korea-backed Lazarus Group has successfully infiltrated open source software ecosystems on an unprecedented scale, transforming trusted developer tools into weapons of cyber espionage. The campaign represents a strategic evolution in state-sponsored cyber…
Ransomware Groups Using TrickBot Malware to Exfiltrate US$724 Million in Cryptocurrency
The cybersecurity landscape continues to evolve as ransomware groups adopt increasingly sophisticated tactics to maximize their financial gains. The TrickBot malware family has emerged as a central component in a massive cryptocurrency extortion scheme, with ransomware-as-a-service (RaaS) groups leveraging this…
NOVABLIGHT as Educational Tool Attacking Users to Steal Login Credentials and Compromise Wallets
A sophisticated new threat has emerged in the cybercriminal landscape, masquerading as an educational tool while orchestrating large-scale credential theft and wallet compromise operations. NOVABLIGHT, a NodeJS-based Malware-as-a-Service (MaaS) information stealer, represents a concerning evolution in cybercrime accessibility, allowing virtually…
Chinese Silk Typhoon Hackers Filed 10+ Patents for Highly Intrusive Hacking Tools
Chinese state-sponsored hackers associated with the notorious Silk Typhoon group have filed over ten patents for sophisticated cyber espionage tools, revealing the unprecedented scope of their offensive capabilities. These patent applications, registered by companies linked to China’s Ministry of State…
Hackers Delivering Cobalt Strike Beacon Leveraging GitHub and Social Media
A sophisticated cyberattack campaign targeting the Russian IT industry has emerged, demonstrating how threat actors are increasingly leveraging legitimate online platforms to distribute the notorious Cobalt Strike Beacon malware. The campaign, which peaked during November and December 2024 and continued…
CISA Open-sources Malware and Forensic Analysis Tool Thorium to Public Availability
The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with Sandia National Laboratories, today announced the public release of Thorium, a highly scalable and distributed platform designed for automated file analysis and result aggregation. The new tool aims to significantly…
Researchers Detailed North Korean Threat Actors Technical Strategies to Uncover Illicit Access
North Korean threat actors have evolved their cybercriminal operations into a sophisticated digital deception campaign that has successfully siphoned at least $88 million USD from organizations worldwide. These operatives, masquerading as legitimate freelance developers, IT staff, and contractors, have exploited…
17K+ SharePoint Servers Exposed to Internet – 840 Servers Vulnerable to 0-Day Attacks
A massive exposure of Microsoft SharePoint servers to internet-based attacks has been identified, with over 17,000 servers exposed and 840 specifically vulnerable to the critical zero-day vulnerability CVE-2025-53770, according to new findings from Shadowserver Foundation. The vulnerability, dubbed “ToolShell” by…
5 Best IT Infrastructure Modernisation Services In 2025
In 2025, modernizing outdated IT infrastructure is key for organizations aiming to stay competitive, secure, and scalable. Finding a reliable partner is not easy, so for this guide, we’ve prepared the list of the 5 best IT infrastructure modernisation services…
Hacker Arrested for Stealing Users Personal Data from Spanish Banks
Spanish authorities have successfully apprehended a sophisticated cybercriminal operating from Girona province, who allegedly orchestrated multiple data breaches targeting financial institutions, educational organizations, and private companies. The arrest represents a significant victory in the ongoing fight against cybercrime in Spain,…
Lenovo IdeaCentre and Yoga Laptop BIOS Vulnerabilities Let Attackers Execute Arbitrary Code
Critical vulnerabilities in Lenovo’s IdeaCentre and Yoga All-In-One systems could allow privileged local attackers to execute arbitrary code and access sensitive system information. The vulnerabilities affect InsydeH2O BIOS implementations used in specific Lenovo desktop and all-in-one computer models, with CVSS…
20 Best Inventory Management Tools in 2025
Inventory management tools streamline tracking and managing stock levels, orders, sales, and deliveries. It provides real-time visibility into inventory across multiple locations, ensuring accurate stock levels and reducing the risk of overstocking or stockouts. These tools often include features for…