A sophisticated cyber espionage campaign dubbed “Operation CargoTalon” has emerged, specifically targeting Russia’s aerospace and defense sectors through carefully crafted spear-phishing attacks. The operation, which surfaced in late June 2025, employs a multi-stage infection chain designed to deploy the EAGLET…
Tag: Cyber Security News
New ACRStealer Abuses Google Docs and Steam for C2 Server Via DDR Technique
A sophisticated new variant of the ACRStealer information-stealing malware has emerged, demonstrating advanced evasion techniques and leveraging legitimate platforms for covert command-and-control operations. The malware, which has been actively distributed since early 2024, represents a significant evolution in cybercriminal tactics…
Threat Actor Mimo Attacking Magento CMS to Steal Card Details and Bandwidth Monetization
The cybersecurity landscape faces a new threat as the notorious Mimo threat actor, previously known for targeting Craft content management systems, has significantly evolved its operations to compromise Magento ecommerce platforms. This expansion represents a dangerous shift toward high-value targets…
Weaponized LNK File Disguised as Credit Card Security Email Steals User Data
Cybercriminals have evolved their social engineering tactics with a sophisticated malware campaign that exploits users’ trust in financial institutions. The latest threat involves a malicious LNK file masquerading as a credit card security email authentication popup, specifically targeting unsuspecting users…
Lumma Stealer Via Fake Cracked Software Steals Login Credentials and Private Files
The brief lull following May’s multinational takedown of the Lumma Stealer infrastructure proved deceptive. Within weeks, telemetry again lit up with fresh command-and-control (C2) beacons, revealing that the information-stealing malware had swapped overt marketplace promotion for quieter channels while expanding…
Jetflicks Illegal Paid Streaming Service Operators Jailed for 7 Years
Five Nevada men, including a German citizen, received prison sentences of up to 84 months for operating Jetflicks, one of the largest illegal television streaming services in United States history. The defendants generated millions in criminal profits by distributing copyrighted…
New ZuRu Malware Variant Weaponizes Termius SSH Client to Attack macOS Users
A fresh strain of the long-running macOS.ZuRu family has surfaced, hiding inside a doctored version of the popular Termius SSH client and quietly turning developer workstations into remote footholds. First seen in late May 2025, the 248 MB rogue disk image…
Key Administrator of World’s Most Popular Dark Web Cybercrime Platform Arrested
An investigation led by the French Police and Paris Prosecutor, in close cooperation with their Ukrainian counterparts and Europol, has resulted in the arrest of the suspected administrator of xss[.]is, one of the world’s most influential Russian-speaking cybercrime platforms. The…
Silicon Valley Engineer Pleads Guilty to Stealing Missile Detection Data for China
A dual U.S.-China citizen and former Silicon Valley engineer has pleaded guilty to stealing critical military technology secrets designed to protect American national security interests. Chenguang Gong, 59, of San Jose, admitted to transferring over 3,600 classified files containing advanced…
How Businesses Prevent Credential Theft with Early Phishing Detection
Phishing attacks are evolving rapidly, allowing cybercriminals to bypass traditional security systems like email filters and static defenses. As a result, many businesses are left vulnerable to credential theft, often without realizing the threat until it’s too late. Early detection is key, and…
Critical Vulnerability in JavaScript Library Exposes Millions of Apps to Code Execution Attacks
A critical security vulnerability has been discovered in the widely-used JavaScript form-data library, potentially exposing millions of applications to code execution attacks. The vulnerability, assigned CVE-2025-7783, stems from the library’s use of the predictable Math.random() function to generate boundary values…
Brave Browser Blocks Microsoft Recall by Default Due to Privacy Concerns
In a significant privacy protection measure, the Brave browser now blocks Microsoft’s controversial Recall feature by default, starting in version 1.81 for Windows users. The decision reflects growing concerns about user privacy and data security, as Microsoft’s Recall system automatically…
Windows 11 Gets New AI-Powered Features – Discover What’s New
Microsoft has unveiled a comprehensive suite of AI-powered enhancements for Windows 11, marking a significant leap forward in personal computing experiences. With nearly 60% of users now employing generative AI for work purposes and 64% for personal projects, Windows 11…
Coyote Malware Abuses Microsoft’s UI Automation in Wild to Exfiltrate Login Credentials
A groundbreaking cybersecurity threat has emerged as researchers document the first confirmed case of malware exploiting Microsoft’s User Interface Automation (UIA) framework in active attacks. The Coyote banking trojan, initially discovered in February 2024, has evolved to incorporate this sophisticated…
CISA Warns of Chinese Hackers Exploiting SharePoint 0-Day Flaws in Active Exploitation
CISA has issued an urgent alert regarding active exploitation of critical Microsoft SharePoint vulnerabilities by suspected Chinese threat actors. The attack campaign, dubbed “ToolShell,” leverages a vulnerability chain involving CVE-2025-49706 (network spoofing) and CVE-2025-49704 (remote code execution) to gain unauthorized…
US Nuclear Weapons Agency Breached by Hackers Using SharePoint 0-Day Vulnerability
The National Nuclear Security Administration (NNSA) has fallen victim to a sophisticated cyber attack exploiting a previously unknown vulnerability in Microsoft SharePoint, marking one of the most significant security breaches targeting critical US defense infrastructure this year. Chinese government-affiliated hacking…
Firefox 141 Released With Fix for Multiple Vulnerabilities – Update Now
Mozilla has released Firefox 141 to address 17 security vulnerabilities, including several high-impact flaws that could potentially allow arbitrary code execution. The Mozilla Foundation Security Advisory, announced on July 22, 2025, urges users to update immediately to protect against these…
Clorox Sues IT Provider Cognizant For Simply Giving Employee Password to Hackers
The Clorox Company, a leading household goods manufacturer, has filed a $380 million lawsuit against IT services provider Cognizant Technology Solutions. The lawsuit accuses Cognizant’s help-desk agents of inadvertently providing hackers with access to Clorox’s network during a security breach…
Ransomware Gangs Leveraging RMM Tools to Attack Organizations and Exfiltrate Data
Remote Monitoring and Management (RMM) software has long been the silent partner of help-desk engineers, automating patch cycles and troubleshooting sessions across sprawling enterprises. Over the past year, however, the same remote consoles have been quietly repurposed by ransomware gangs…
CISA Warns of Microsoft SharePoint Code Injection and Authentication Vulnerability Exploited in Wild
CISA has issued an urgent warning regarding two critical Microsoft SharePoint vulnerabilities that threat actors are actively exploiting in the wild. The vulnerabilities, designated as CVE-2025-49704 and CVE-2025-49706, pose significant risks to organizations running on-premises SharePoint servers and have been…