-
A sophisticated phishing campaign is currently leveraging a subtle typographical trick to bypass user vigilance, deceiving victims into handing over sensitive login credentials. Attackers utilize the domain “rnicrosoft.com” to impersonate the tech giant. By replacing the letter ‘m’ with the combination of ‘r’ and ‘n’, fraudsters create a visual doppleganger that is nearly indistinguishable from […] The post Hackers Replace ‘m’ with ‘rn’ in Microsoft(.)com to Steal Users’ Login Credentials appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The notorious Clop ransomware gang has listed Oracle on its dark web leak site, alleging a successful breach of the tech giant’s internal systems. This development is part of a massive extortion campaign exploiting a critical zero-day vulnerability in Oracle E-Business Suite (EBS), designated as CVE-2025-61882. The group, tracked as Graceful Spider, claims to have […] The post Oracle Allegedly Breached by Clop Ransomware via E-Business Suite 0-Day Hack appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers have unleashed over 2.3 million malicious sessions against Palo Alto Networks’ GlobalProtect VPN portals since November 14, 2025, according to threat intelligence firm GreyNoise. This surge, which intensified dramatically within 24 hours to reach a 40-fold increase, represents the highest activity level in the past 90 days and underscores growing risks to remote access […] The post Hackers Attacking Palo Alto Networks’ GlobalProtect VPN Portals with 2.3 Million Attacks appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
ANY.RUN experts recently uncovered a new XWorm campaign that uses steganography to conceal malicious payloads inside seemingly harmless PNG images. What appears to be an ordinary graphic actually contains encrypted loaders that execute entirely in memory, allowing the malware to bypass most traditional detection methods and signature-based defenses. Let’s break down how this attack works and what analysts and hunters should look […] The post New Wave of Steganography Attacks: Hackers Hiding XWorm in PNGs appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The notorious Cl0p ransomware group has claimed responsibility for breaching the UK’s National Health Service (NHS), spotlighting vulnerabilities in Oracle’s E-Business Suite (EBS). The announcement, posted on Cl0p’s dark web leak site on November 11, 2026, accuses the NHS of prioritizing profits over patient security, stating, “The company doesn’t care about its customers; it ignored […] The post NHS Investigating Oracle EBS Hack Following Cl0p Ransomware Group Claim appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Black Friday 2025 represents the most dangerous shopping season in cybercrime history, with fraudsters leveraging artificial intelligence, deepfake technology, and sophisticated social engineering tactics to target millions of consumers globally. Recent cybersecurity research indicates that scam websites surged 89% year-over-year, while phishing attacks account for 42% of Black Friday-specific threats, with 32% specifically targeting digital […] The post 10 Popular Black Friday Scams – How to Detect the Red Flags and Protect your wallet and Data appeared first on Cyber…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The cybercrime landscape has undergone a dramatic transformation in 2025, with artificial intelligence emerging as a cornerstone technology for malicious actors operating in underground forums. According to Google’s Threat Intelligence Group (GTIG), the underground marketplace for illicit AI tools has matured significantly this year, with multiple offerings of multifunctional tools designed to support various stages […] The post List of AI Tools Promoted by Threat Actors in Underground Forums and Their Capabilities appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google Threat Intelligence Group (GTIG) has unveiled details of an experimental malware family called PROMPTFLUX, which leverages the company’s Gemini AI API to dynamically rewrite its own code, marking a chilling evolution in AI-assisted cyber threats. This development, detailed in GTIG’s latest AI Threat Tracker report released on November 4, 2025, highlights how adversaries are […] The post Google Warns of New PROMPTFLUX Malware Using Gemini API to Rewrite its Own Source Code appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
An ongoing malicious advertising campaign is weaponizing legitimate software downloads to deploy OysterLoader malware, previously identified as Broomstick and CleanUpLoader. This sophisticated initial access tool enables cybercriminals to establish footholds in corporate networks, ultimately serving as a delivery mechanism for the notorious Rhysida ransomware gang. The Rhysida ransomware operation has targeted enterprises since emerging from […] The post Weaponized Putty and Teams Ads Deliver Malware Allowing Hackers to Access Network appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Canadian authorities have issued an urgent alert following multiple confirmed incidents where cybercriminals compromised internet-accessible Industrial Control Systems (ICS) devices protecting critical infrastructure across the nation. The Canadian Centre for Cyber Security and the Royal Canadian Mounted Police report that water treatment facilities, energy companies, and agricultural operations have fallen victim to coordinated attacks, raising […] The post Canada Warns of Hackers Breached ICS Devices Controlling Water and Energy Facilities appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
