- A new ransomware group, Cephalus, has emerged in the cybersecurity threat landscape, targeting organizations through compromised Remote Desktop Protocol (RDP) accounts. First detected in mid-June 2025, this group represents a growing threat to business…
- ClickFix attacks have surged dramatically over the past year, cementing their position as pivotal tools in the modern attacker’s arsenal. These sophisticated social engineering campaigns coerce users into executing malicious code on their own devices, …
- A sophisticated supply-chain attack has emerged targeting Windows systems through compromised npm packages, marking a critical vulnerability in open-source software distribution. Between October 21 and 26, 2025, threat actors published 17 malicious npm packages containing 23 releases designed to deliver Vidar infostealer malware. The campaign exploited the trust developers place in package registries, leveraging legitimate-appearing […] The post 15+ Weaponized npm Packages Attacking Windows Systems to Deliver Vidar Malware appeared first on Cyber Security News.
- A new threat has surfaced in the mobile banking landscape: Herodotus, a sophisticated Android banking Trojan that has been wreaking havoc in recent weeks. Offered under the notorious Malware-as-a-Service (MaaS) model, Herodotus leverages social engineer…
- A sophisticated phishing campaign is actively targeting hotel establishments and their guests through compromised Booking.com accounts, according to research uncovered by security experts. The campaign, dubbed “I Paid Twice” due to evidence of victims paying twice for their reservations, has been operating since at least April 2025 and remains active as of October 2025. The […] The post New Phising Attack Targeting Travellers from Hotel’s Compromised Booking.com Account appeared first on Cyber Security News.
- The Congressional Budget Office (CBO), which serves as Congress’s official financial advisor, has been targeted in a suspected cyberattack by suspected foreign actors. The breach exposed sensitive financial research data that lawmakers rely on to…
- LockBit has remained one of the most dominant ransomware-as-a-service (RaaS) groups in the world since its emergence as ABCD ransomware in 2019 and official launch as LockBit in 2020. Despite high-profile setbacks including international law enforcemen…
- China-linked threat actors have intensified their focus on influencing American governmental decision-making processes by targeting organizations involved in shaping international policy. In April 2025, a sophisticated intrusion into a U.S. non-profit organization revealed the persistent efforts of these attackers to establish long-term network access and gather intelligence related to policy matters. The threat actors demonstrated […] The post Chinese Hackers Organization Influence U.S. Government Policy on International Issues appeared first on Cyber Security News.
- Security researchers have successfully evaded Elastic EDR’s call stack signature detection by exploiting a technique involving “call gadgets” to bypass the security tool’s behavioral analysis. The Almond research builds on Elastic’s transparent approach to security, as the company publicly shares its detection logic and allows researchers to test against their protections. Elastic EDR relies heavily […] The post Researchers Evaded Elastic EDR’s Call Stack Signatures by Exploiting Call Gadgets appeared first on Cyber Security News.
- Russian-based threat actors are actively distributing a sophisticated Android Remote Access Trojan called “Fantasy Hub” via Telegram-based Malware-as-a-Service channels, marking a significant escalation in mobile-focused cybercrime. Fantasy…


