-
Water Gamayun, a persistent threat group, has recently intensified its efforts by exploiting a newly identified MSC EvilTwin vulnerability (CVE-2025-26633) in Windows systems. This malware campaign is marked by its use of multi-stage attacks targeting enterprise and government organizations, aiming to steal sensitive information and credentials and to maintain long-term access to networks. Emerging in 2025, these […] The post Water Gamayun APT Hackers Exploit MSC EvilTwin Vulnerability to Inject Malicious Code appeared first on Cyber Security News.
-
Microsoft has confirmed that FIDO2 security keys on Windows 11 may now prompt users to set up a PIN during authentication following specific recent updates, aligning with WebAuthn standards for enhanced user verification. The change began with the September 29, 2025, preview update KB5065789 for OS Builds 26200.6725 and 26100.6725, rolling out gradually to Windows […] The post Microsoft Security Keys May Require PIN After Recent Windows Updates appeared first on Cyber Security News.
-
Building analyst expertise is a race against time that many Security Operations Centers (SOCs) are losing. New hires often require over six months to handle complex incidents with confidence, creating a bottleneck where senior analysts must compensate for the skills gap. Traditional training, reliant on theories and simulations, struggles to keep pace with the speed […] The post Scaling SOC Team Expertise With AI-powered Insights for Faster, Easier Understanding of Threats appeared first on Cyber Security News.
-
A dangerous malware campaign has targeted thousands of developers through a fake extension on the Visual Studio Code Marketplace. On November 21, 2025, security researchers discovered a malicious extension named “prettier-vscode-plus” designed to trick developers into installing it by mimicking the legitimate Prettier code formatter. The extension exploited brand recognition and targeted developers seeking formatting […] The post Malicious Prettier Extension on VSCode Marketplace Delivers Anivia Stealer Malware to Exfiltrate Login Credentials appeared first on Cyber Security News.
-
The Federal Bureau of Investigation (FBI) has issued urgent warnings about cybercriminals spoofing the official Internet Crime Complaint Center (IC3) website to conduct phishing attacks and steal sensitive personal information. These fake sites mimic the legitimate www.ic3.gov portal with near-perfect replicas, borrowing content, layouts, and visuals to deceive users into submitting names, addresses, phone numbers, […] The post FBI Warns of Fake Internet Crime Complaint Center (IC3) Website Used for Phishing Attacks appeared first on Cyber Security News.
-
The Akira ransomware group has begun weaponizing vulnerabilities in SonicWall SSL VPN devices, turning merger-and-acquisition (M&A) processes into high-speed launchpads for cyberattacks. This trend exposes dangerous blind spots for businesses acquiring smaller companies, as inherited SonicWall devices often serve as easy entry points for attackers. How Akira Ransomware Targets M&A Environments During mergers and acquisitions, […] The post Akira Ransomware Uses SonicWall VPN Exploit to Exfiltrate Sensitive Data appeared first on Cyber Security News.
-
Security researchers at Socket have uncovered a deceptive Chrome extension called Crypto Copilot that masquerades as a legitimate Solana trading tool while secretly siphoning SOL from users’ swap transactions. The malicious extension, published o…
-
A sophisticated ClickFix campaign dubbed “JackFix” uses fake adult websites to hijack screens with realistic Windows Update prompts, tricking users into running multistage malware payloads. Attackers mimic popular adult sites like xHamster clones to lure victims, likely via malvertising on shady platforms. Interaction with the phishing page triggers a full-screen overlay resembling a critical […] The post New “JackFix” Attack Leverages Windows Updates into Executing Malicious Commands appeared first on Cyber Security News.
-
A cybercriminal operating under the alias ByteToBreach has emerged as a prominent figure in the underground data trade, orchestrating a series of high-profile breaches targeting critical sectors worldwide. Active since at least June 2025, ByteToBreach …
-
More than two decades after its initial discovery, the NTLM authentication protocol continues to plague Windows systems worldwide. What started in 2001 as a theoretical vulnerability has evolved into a widespread security crisis, with attackers actively weaponizing multiple NTLM flaws to compromise networks across different regions. The New Technology LAN Manager (NTLM) protocol was designed […] The post Hackers Exploit NTLM Authentication Flaws to Target Windows Systems appeared first on Cyber Security News.


