-
Reports of a possible law enforcement operation against Rhadamanthys Stealer infrastructure have created waves in the cybersecurity community. The information stealer, which has been active in the threat landscape for several months, appears to have suffered a major disruption to its command and control servers. Users of the malware-as-a-service platform have reported difficulties accessing their […] The post Rhadamanthys Stealer Servers Possibly Seized – Admin Urges to Reinstall Servers appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The English-speaking cybercriminal ecosystem, commonly known as “The COM,” has transformed from a niche community of social media account traders into a sophisticated, organized operation fueling some of the world’s most damaging cyberattacks. What started as simple forums for trading rare social media handles has evolved into a professional, service-driven criminal marketplace targeting multinational corporations, […] The post English-Speaking Cybercriminal Ecosystem ‘The COM’ Drives a Wide Spectrum of Cyberattacks appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Law enforcement agencies disrupted a vast network of cybercrime tools between November 10 and 14, 2025, coordinated from Europol’s headquarters in The Hague, Netherlands. Dubbed the latest phase of Operation Endgame, the effort targeted three notorious malware families: the infostealer Rhadamanthys, the Remote Access Trojan (RAT) VenomRAT, and the Elysium botnet. These stealers and botnets […] The post Operation Endgame – 1,000+ Servers Used by Rhadamanthys, VenomRAT, and Elysium Dismantled appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Between November 10 and 14, 2025, law enforcement agencies executed one of the most significant coordinated operations against cybercriminals in recent history. Operation Endgame, coordinated from Europol’s headquarters in The Hague, successfully…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Elastic has released a security advisory addressing an origin validation error in Kibana that could expose systems to Server-Side Request Forgery (SSRF) attacks. The vulnerability, tracked as CVE-2025-37734, affects multiple versions of the popular dat…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new ClickFix campaign is tricking users with a fake Windows update that runs in their browser. Called “Fake OS Update,” this scam takes advantage of people’s trust in the familiar blue screen of death (BSOD) from Microsoft. It delivers malware and shows how social engineering can be more effective than technical tricks. Cybersecurity researcher […] The post New ClickFix Attack Tricks Users with ‘Fake OS Update’ to Execute Malicious Commands appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have uncovered a sophisticated supply chain attack disguised as a legitimate cryptocurrency wallet. Socket’s Threat Research Team discovered a malicious Chrome extension called “Safery: Ethereum Wallet,” published…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Dell Technologies has disclosed a critical security vulnerability in its Data Lakehouse platform that could allow remote attackers to escalate privileges and compromise system integrity. The flaw, tracked as CVE-2025-46608, affects all versions before 1.6.0.0 and has been assigned a CVSS score of 9.1, placing it in the critical severity category. The security flaw stems from an improper […] The post Critical Dell Data Lakehouse Vulnerability Let Remote Attacker Escalate Privileges appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
GitLab has released critical security patches addressing nine vulnerabilities across Community Edition (CE) and Enterprise Edition (EE), including a concerning prompt injection flaw in GitLab Duo that could expose sensitive information from confidentia…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Businesses today are dealing with faster, stealthier email threats that look routine yet unleash aggressively malicious scripts the moment a user engages. This is especially true when the lure arrives as an attachment that resembles a harmless image file. The perception gap is exactly what attackers exploit with SVG phishing, whereby what appears to be […] The post How Attackers Turn SVG Files Into Phishing Lures appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
