-
Dashcams have become essential devices for drivers worldwide, serving as reliable witnesses in case of accidents or roadside disputes. However, a team of Singaporean cybersecurity researchers has uncovered a disturbing reality: these seemingly harmless devices can be hijacked within seconds and turned into powerful surveillance tools. The findings, presented at the Security Analyst Summit 2025, […] The post Hackers can Hijack Your Dash Cams in Seconds and Weaponize it for Future Attacks appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Insider threats remain one of the most challenging security problems that organizations face today. These threats typically do not show obvious warning signs at first. Instead, they reveal themselves through small, unusual activities that often blend into normal daily operations. Many companies struggle to identify these early indicators because they occur within legitimate user accounts […] The post Nisos Details Earlier Signs of Insider Detection via Authentication and Access Controls appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Ukraine-linked hackers are stepping up cyberattacks against Russian aerospace and wider defence-related companies, using new custom malware to steal designs, schedules, and internal emails. The campaign targets both prime contractors and smaller suppliers, aiming to map production chains and expose weak points in Russia’s war industry. The tools used in this campaign are simple, but […] The post Ukraine Hackers Attacking Russian Aerospace Companies and Other Defence-Related Sectors appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers are turning to Evilginx, a powerful adversary-in-the-middle tool, to get around multi-factor authentication and take over cloud accounts. The framework acts as a reverse proxy between the victim and real single sign-on pages, so the login screen looks and behaves just like the real thing. To the user, the fake site feels normal, with […] The post Hackers Leverage Evilginx to Undermine MFA Security Mimicking Legitimate SSO Sites appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new type of phishing attack that combines two different phishing kits: Salty2FA and Tycoon2FA. This marks a significant change in the Phishing-as-a-Service (PhaaS) landscape. While phishing kits typically maintain unique signatures in their code and delivery mechanisms, recent campaigns targeting enterprise users have begun deploying payloads that combine elements from both frameworks. This convergence […] The post Salty2FA and Tycoon2FA Phishing Kits Attacking Enterprise Users to Steal Login Credentials appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybercriminals targeting Brazilian users have aggressively escalated their tactics, launching a highly sophisticated campaign dubbed “Water Saci.” This new wave of attacks weaponizes WhatsApp Web, a platform implicitly trusted by millions, to deliver banking trojans and steal sensitive financial data. By compromising user accounts, the attackers send convincing messages to trusted contacts, creating a rapid, […] The post Water Saci Hackers Leveraging AI Tools to Attack WhatsApp Web Users appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A collaborative investigation by Mauro Eldritch of BCA LTD, ANYRUN, and NorthScan has provided unprecedented visibility into how North Korean threat actors from the Lazarus Group recruit and operate against Western companies. Researchers documented the complete attack cycle in real-time, capturing live footage of attackers using compromised systems. This breakthrough reveals the human side of […] The post Researchers Expose Lazarus Recruitment Pipeline Live on Camera Through Honeypot Operation appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Android TV community faces a significant security crisis as SmartTube, a popular third-party YouTube client, has been compromised due to exposed signing keys. Security researchers have identified malicious code embedded within official releases, prompting Google to forcibly disable the application on affected devices. The incident, which came to light through extensive community analysis, demonstrates […] The post SmartTube YouTube App for Android TV Compromised Following Exposure of Signing Keys appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Arkanix stealer is a new malware family now spreading in the wild. It targets home users and small offices that rely on VPN clients and wireless networks for daily work. Once active, it focuses on stealing VPN account data, Wi‑Fi profiles, browser credentials, and desktop screenshots. This gives attackers direct access to private networks […] The post New Arkanix Stealer Attacking Users to Steal VPN Accounts, Screenshots and Wi-Fi Credentials appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Candiru, an Israeli-based spyware vendor, has deployed sophisticated malware infrastructure across multiple countries to target high-value individuals including politicians, journalists, and business leaders. The mercenary spyware, known as DevilsTongue, represents a growing threat to Windows users globally, with eight distinct operational clusters identified across Hungary, Saudi Arabia, Indonesia, and Azerbaijan. This modular Windows malware combines […] The post Candiru’s DevilsTongue Spyware Attacking Windows Users in Multiple Countries appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
