Tag: Cyber Security News

Emerging from a recent wave of targeted campaigns, SnakeKeylogger has surfaced as a potent infostealer that capitalizes on PowerShell and social engineering. The malware’s operators craft convincing spear-phishing e-mails under aliases such as “CPA-Payment Files,” impersonating reputable financial and research…

Read more →

Cybersecurity researchers have identified what is believed to be the earliest known instance of malware that leverages a Large Language Model (LLM) to generate malicious code at runtime. Dubbed ‘MalTerminal’ by SentinelLABS, the malware uses OpenAI’s GPT-4 to dynamically create…

Read more →

A sophisticated Android spyware campaign dubbed ClayRat has emerged as one of the most concerning mobile threats of 2025, masquerading as popular applications including WhatsApp, Google Photos, TikTok, and YouTube to infiltrate devices and steal sensitive user data. The malware…

Read more →

The cybersecurity landscape faces a new and significant threat as the notorious CL0P ransomware group has launched a large-scale extortion campaign targeting Oracle E-Business Suite (EBS) environments. Starting September 29, 2025, security researchers began tracking a sophisticated operation where threat…

Read more →

Two high-severity vulnerabilities have been discovered in the popular open-source file archiver, 7-Zip, which could allow remote attackers to execute arbitrary code. Identified as CVE-2025-11001 and CVE-2025-11002, the flaws affect all versions of the software prior to the latest release…

Read more →

International law enforcement agencies have seized the latest clearnet domain of the notorious cybercrime marketplace, BreachForums. The domain, breachforums[.]hn, now displays a seizure notice from the U.S. Department of Justice (DOJ) and the Federal Bureau of Investigation (FBI), alongside French…

Read more →

Two high-severity vulnerabilities have been discovered in the popular open-source file archiver, 7-Zip, which could allow remote attackers to execute arbitrary code. Identified as CVE-2025-11001 and CVE-2025-11002, the flaws affect all versions of the software prior to the latest release…

Read more →

A sophisticated phishing campaign has emerged targeting job seekers through legitimate Zoom document-sharing features, demonstrating how cybercriminals exploit trusted platforms to harvest Gmail credentials. The attack leverages social engineering tactics by impersonating HR departments and using authentic Zoom notifications to…

Read more →

Over the past two months, threat actors have weaponized a critical authentication bypass flaw in the Service Finder Bookings WordPress plugin, enabling them to hijack any account on compromised sites. First disclosed on July 31, 2025, the vulnerability emerged after…

Read more →

Microsoft users are facing a novel quishing campaign that leverages weaponized QR codes embedded in malicious emails. Emerging in early October 2025, this attack exploits trust in QR-based authentication and device pairing workflows, tricking targets into scanning codes that deliver…

Read more →

In recent weeks, security teams worldwide have grappled with a new ransomware strain that has shattered expectations for speed and sophistication. First detected in late September 2025, this variant encrypts critical data within seconds of execution, leaving little time for…

Read more →

The ransomware landscape witnessed unprecedented upheaval in Q3 2025 as cyberthreat actors ushered in a new era of aggression and sophistication. The quarter marked a pivotal moment with the emergence of Scattered Spider’s inaugural ransomware-as-a-service offering, ShinySp1d3r RaaS, representing the…

Read more →

A recently discovered Python-based remote access trojan (RAT) exhibits unprecedented polymorphic behavior, altering its code signature each time it runs. First observed on VirusTotal, the sample, dubbed nirorat.py, initially scored only 26/100 on detection engines, despite containing a full suite…

Read more →

Cybersecurity researchers have uncovered a sophisticated evolution of the ClickFix attack methodology, where threat actors are leveraging cache smuggling techniques to avoid traditional file download detection mechanisms. This innovative campaign targets enterprise networks by masquerading as a Fortinet VPN compliance…

Read more →

Microsoft Azure, one of the world’s leading cloud computing platforms, experienced a significant service outage on Thursday, October 9, 2025, leaving customers across Europe and Africa unable to access their services. The disruption began at approximately 07:40 UTC, with the…

Read more →

In recent weeks, a sophisticated malware campaign has emerged that leverages conversational chatbots as covert entry points into enterprise systems. Initially observed in mid-September 2025, the threat actors targeted organizations running customer-facing chat applications built on large language models. By…

Read more →

SonicWall has confirmed that an unauthorized party accessed and stole the entire repository of customer firewall configuration backup files from its cloud service. The confirmation comes after the completion of an investigation with the cybersecurity firm Mandiant, which determined that…

Read more →

The cybersecurity community has witnessed the rapid emergence of a novel phishing toolkit that automates the creation of “ClickFix” attack pages, enabling threat actors with minimal technical expertise to deploy sophisticated social engineering lures. Dubbed the IUAM ClickFix Generator, this…

Read more →

Security researchers at Cisco Talos have confirmed that ransomware operators are actively exploiting Velociraptor, an open-source digital forensics and incident response (DFIR) tool, in their attacks. This marks the first definitive link between a legitimate security tool and a ransomware…

Read more →

A proof-of-concept (PoC) exploit has been released for a critical vulnerability in the secure boot chain of the Nothing Phone (2a) and CMF Phone 1, potentially affecting other devices using MediaTek systems-on-a-chip (SoCs). The exploit, named Fenrir and published by…

Read more →