A sophisticated cyberattack campaign targeting Microsoft Internet Information Services (IIS) servers has emerged, exploiting decades-old security vulnerabilities to deploy malicious modules that enable remote command execution and search engine optimization fraud. The operation, which came to light in late August and early September 2025, leverages publicly exposed ASP.NET machine keys to compromise servers worldwide, affecting […] The post Hackers Hijacking IIS Servers in The Wild Using Exposed ASP .NET Machine Keys to Inject Malicious Modules appeared first on Cyber Security…

North Korean state-sponsored hackers from the Lazarus APT group launched a cyberespionage campaign targeting European companies involved in unmanned aerial vehicle development. Starting in late March 2025, attackers compromised three defense organizations across Central and Southeastern Europe, deploying advanced malware to steal proprietary UAV technology. The campaign, tracked as Operation DreamJob, employed social engineering using […] The post North Korean Hackers Attacking Unmanned Aerial Vehicle Industry to Steal Confidential Data appeared first on Cyber Security News.

A sophisticated phishing campaign leveraging randomly generated Universal Unique Identifiers (UUIDs) has emerged, successfully bypassing Secure Email Gateways (SEGs) and evading perimeter defenses. The attack employs an advanced JavaScript-based phishing script combining random domain selection, dynamic UUID generation, and server-driven page replacement to steal credentials. Unlike conventional phishing operations relying on static redirects, this campaign […] The post New Phishing Attack Bypasses Using UUIDs Unique to Bypass Secure Email Gateways appeared first on Cyber Security News.

In 2025, ransomware attacks against the public sector continue to accelerate at an alarming rate, showing no signs of slowing down despite increased cybersecurity awareness and defensive measures. Throughout the year, approximately 196 public sector entities worldwide have fallen victim to ransomware campaigns, resulting in crippling service outages, massive data loss, erosion of public trust, […] The post Ransomware Actors Targeting Global Public Sectors and Critical Services in Targeted Attacks appeared first on Cyber Security News.

A sophisticated supply chain attack has emerged targeting cryptocurrency developers through the NuGet package ecosystem. Cybersecurity researchers have uncovered malicious packages impersonating Nethereum, a widely trusted .NET library for Ethereum blockchain interactions with tens of millions of downloads. The counterfeit packages, identified as Netherеum.All and NethereumNet, employ advanced obfuscation techniques to exfiltrate sensitive wallet credentials […] The post Malicious NuGet Packages Mimic as Popular Nethereum Project to Steal Wallet Keys appeared first on Cyber Security News.