Tag: Cyber Security News

A malicious Visual Studio Code extension posing as the popular “Material Icon Theme” has been used to attack Windows and macOS users, turning the add-on into a hidden backdoor. The fake extension shipped through the marketplace with backdoored files, giving…

Read more →

A sophisticated cyberespionage campaign dubbed “Operation Hanoi Thief” has surfaced, specifically targeting IT professionals and recruitment teams in Vietnam. Discovered on November 3, 2025, this threat activity employs a complex multi-stage infection chain designed to harvest sensitive browser credentials and…

Read more →

A new remote access trojan dubbed KimJongRAT has surfaced, posing a severe threat to Windows users. This sophisticated malware is believed to be orchestrated by the Kimsuky group, a threat actor with alleged state backing. The campaign typically begins with…

Read more →

Advanced steganography techniques are becoming increasingly central to state-sponsored cyber operations. Recent analysis has exposed two Chinese technology companies, BIETA and CIII, that allegedly provide sophisticated steganography solutions to support advanced persistent threat campaigns. These organizations operate as front companies…

Read more →

With the holiday shopping season kicking into high gear, a massive cybersecurity threat has emerged, putting online shoppers at significant risk. A coordinated campaign has been discovered, involving the registration of over 2,000 fake holiday-themed online stores. These malicious sites…

Read more →

South Korean e-commerce giant Coupang has confirmed a massive security incident affecting approximately 33.7 million customers, nearly the company’s entire user base. The breach, which exposed names, phone numbers, email addresses, shipping addresses, and order histories, has been traced back…

Read more →

A sophisticated Advanced Persistent Threat group known as Bloody Wolf has intensified its cyber espionage operations across Central Asia, targeting government and private sectors. Since late June 2025, the group has orchestrated spear-phishing campaigns primarily focusing on organizations within Kyrgyzstan…

Read more →

Microsoft has acknowledged a frustrating new issue affecting users of the “new Outlook” for Windows, where Excel attachments fail to open if their filenames contain non-ASCII characters. The technical glitch, tracked under the reference ID EX1189359, triggers a vague error…

Read more →

A newly discovered Windows malware packer named TangleCrypt has emerged as a serious threat in ransomware attacks, specifically designed to evade endpoint detection and response (EDR) solutions. The packer was first observed during a September 2025 ransomware incident involving Qilin…

Read more →

OpenAI has patched a command injection flaw in its Codex CLI tool that allowed attackers to execute arbitrary commands on developers’ machines simply by getting a malicious configuration file into a project repository. The issue, now fixed in Codex CLI…

Read more →

Cybercriminals have found a more effective method to compromise Windows computers while evading detection by security software. Ivan Spiridonov observed that uploading malicious tools, hackers are now using legitimate Windows programs already installed on target systems, a tactic known as…

Read more →

“ShadyPanda,” a sophisticated threat actor responsible for a seven-year campaign that has successfully infected 4.3 million Chrome and Edge users. By exploiting the inherent trust in browser marketplaces, ShadyPanda weaponized “Featured” and “Verified” extensions to deploy remote code execution (RCE)…

Read more →

The Tomiris hacker group has resurfaced with a sophisticated campaign targeting foreign ministries and government entities worldwide. Beginning in early 2025, this advanced persistent threat (APT) actor shifted its operational strategy to focus on high-value diplomatic infrastructure. By leveraging a…

Read more →

A critical security vulnerability in Microsoft Azure API Management (APIM) Developer Portal enables attackers to register accounts across different tenant instances, even when administrators have explicitly disabled user signup through the portal interface. The flaw, which Microsoft has classified as…

Read more →

A new threat has emerged in the cybersecurity landscape as security experts discover a private Out-of-Band Application Security Testing (OAST) service operating on Google Cloud infrastructure. This mystery operation stands out from typical exploit scanning activities because it uses custom…

Read more →

Pakistan-based threat actor APT36, also known as Transparent Tribe, has launched a sophisticated cyber-espionage campaign against Indian government institutions using a newly developed Python-based ELF malware. The attack marks a significant escalation in the group’s capabilities, demonstrating their growing technical…

Read more →

Microsoft has confirmed a bizarre user interface bug affecting Windows 11 version 24H2 devices that renders the password sign-in icon invisible on the lock screen. The issue, stemming from the August 2025 non-security preview update (KB5064081) and persisting in subsequent…

Read more →

A threat actor known as “zestix” has claimed responsibility for a significant data breach affecting Mercedes-Benz USA (MBUSA), allegedly exfiltrating 18.3 GB of sensitive legal and customer information. The threat actor posted the dataset for sale on a dark web…

Read more →

A Proof-of-Concept (PoC) exploit code has been released for a critical remote code execution (RCE) vulnerability in Microsoft Outlook, identified as CVE-2024-21413. Dubbed “MonikerLink,” this flaw allows attackers to bypass Outlook’s security mechanisms, specifically the “Protected View,” to execute malicious…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has officially updated its Known Exploited Vulnerabilities (KEV) catalog to include a critical flaw in OpenPLC ScadaBR, confirming that threat actors are actively weaponizing it in the wild. The security defect, identified as…

Read more →