-
A new type of phishing attack that combines two different phishing kits: Salty2FA and Tycoon2FA. This marks a significant change in the Phishing-as-a-Service (PhaaS) landscape. While phishing kits typically maintain unique signatures in their code and delivery mechanisms, recent campaigns targeting enterprise users have begun deploying payloads that combine elements from both frameworks. This convergence […] The post Salty2FA and Tycoon2FA Phishing Kits Attacking Enterprise Users to Steal Login Credentials appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A collaborative investigation by Mauro Eldritch of BCA LTD, ANYRUN, and NorthScan has provided unprecedented visibility into how North Korean threat actors from the Lazarus Group recruit and operate against Western companies. Researchers documented the complete attack cycle in real-time, capturing live footage of attackers using compromised systems. This breakthrough reveals the human side of […] The post Researchers Expose Lazarus Recruitment Pipeline Live on Camera Through Honeypot Operation appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new, highly sophisticated malware campaign has been identified targeting remote workers and organizations through a fake Google Meet landing page. Hosted on the deceptive domain gogl-meet[.]com, this attack leverages the “ClickFix” social engineering technique to bypass traditional browser security controls and deliver a Remote Access Trojan (RAT) directly to the victim’s system. The attack […] The post Beware of Weaponized Google Meet Page uses ClickFix Technique to Deliver Malicious Payload appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Three West London councils are struggling with significant disruption to IT systems and phone lines after a cyberattack on a shared services provider, which officials are publicly describing only as an “IT incident”. The Royal Borough of Kensington and Chelsea (RBKC), Westminster City Council (WCC), and Hammersmith and Fulham Council have all been affected. According […] The post London Councils’ IT Systems Impacted by CyberAttack, Including Phone Lines appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
KawaiiGPT emerges as an accessible, open-source tool that mimics the controversial WormGPT, providing unrestricted AI assistance via jailbroken large language models. Hosted on GitHub with over 188 stars and 52 forks, it requires no API keys and installs quickly on Linux or Termux environments. Users can deploy KawaiiGPT in minutes by updating packages, installing Python […] The post KawaiiGPT – Free WormGPT Variant Leveraging DeepSeek, Gemini, and Kimi-K2 AI Models appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A significant gap in Microsoft Teams’ B2B guest access allows attackers to bypass Defender for Office 365 protections, creating unprotected zones for phishing and malware delivery. At Cybersecurity News, we recently highlighted how Microsoft Teams’ New “Chat with Anyone” Feature Exposes Users to Phishing and Malware Attacks. This architectural issue, highlighted by Ontinue, stems from […] The post Microsoft Teams Guest Chat Vulnerability Exposes Users to Malware Attack appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated ClickFix campaign dubbed “JackFix” that uses fake adult websites to hijack screens with realistic Windows Update prompts, tricking users into running multistage malware payloads. Attackers mimic popular adult sites like xHamster clones to lure victims, likely via malvertising on shady platforms. Interaction with the phishing page triggers a full-screen overlay resembling a critical […] The post New “JackFix” Attack Leverages Windows Updates into Executing Malicious Commands appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Canon has officially confirmed that it was targeted during the widespread hacking campaign exploiting a critical zero-day vulnerability in Oracle E-Business Suite (EBS). The attack, orchestrated by the notorious Clop ransomware gang, has impacted dozens of major organizations worldwide. The group listed Canon on its dark web leak site, publishing the company’s domain alongside other […] The post Canon Allegedly Breached by Clop Ransomware via Oracle E-Business Suite 0-Day Hack appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A massive resurgence of the Sha1-Hulud supply chain malware has struck the open-source ecosystem, compromising over 800 npm packages and tens of thousands of GitHub repositories in a campaign the attackers have dubbed “The Second Coming.” This sophisticated wave targets high-profile dependencies from major organizations, including AsyncAPI, Postman, PostHog, Zapier, and ENS, affecting an estimated […] The post Sha1-Hulud Supply Chain Attack: 800+ npm Packages and Thousands of GitHub Repos Compromised appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A massive supply chain attack targeting the NPM accounts of automation giant Zapier and the Ethereum Name Service (ENS). Identified by Aikido Security, the campaign is being orchestrated by the same threat actors responsible for the “Shai Hulud” self-propagating worm that first surfaced in September. This latest wave, self-titled “Shai Hulud: The Second Coming,” has […] The post Zapier’s NPM Account Hacked and Multiple Packages Infected with Self-propogating Malware appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
