-
A sophisticated phishing kit dubbed Tykit, which impersonates Microsoft 365 login pages to harvest corporate credentials. First detected in May 2025, the kit has surged in activity during September and October, exploiting SVG files as a stealthy delivery mechanism. Unlike basic phishing lures, Tykit demonstrates maturity through consistent obfuscation techniques and multi-stage command-and-control (C2) interactions, […] The post New Tykit Phishing Kit Mimics Microsoft 365 Login Pages to Steal Corporate Account Credentials appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Since its emergence in August 2022, Lumma Infostealer has rapidly become a cornerstone of malware-as-a-service platforms, enabling even unskilled threat actors to harvest high-value credentials. Delivered primarily via phishing sites masquerading as cracked software installers, the malicious payload is encapsulated within a Nullsoft Scriptable Install System (NSIS) package designed to evade signature-based detection. Upon execution, […] The post Lumma Infostealer Malware Attacks Users to Steal Browser Cookies, Cryptocurrency Wallets and VPN/RDP Accounts appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybercriminals continue to evolve their email phishing arsenals, reviving legacy tactics while layering on advanced evasions to slip past automated filters and human scrutiny. In 2025, attackers are noted tried-and-true approaches—like password-protect…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
GitLab has urgently released patch versions 18.5.1, 18.4.3, and 18.3.5 for its Community Edition (CE) and Enterprise Edition (EE) to address multiple critical security flaws, including several high-severity denial-of-service (DoS) vulnerabilities. These updates fix issues allowing specially crafted payloads to overwhelm systems, alongside access control and authorization bugs affecting authenticated users. The company emphasizes immediate […] The post Multiple Gitlab Security Vulnerabilities Let Attackers Trigger DoS Condition appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
When users authenticate to Microsoft cloud services, their activities generate authentication events recorded across multiple logging systems. Microsoft Entra sign-in logs and Microsoft 365 audit logs capture identical authentication events but represent this critical security data using different formats. Security analysts investigating incidents frequently encounter the UserAuthenticationMethod field in Microsoft 365 sign-in events, which displays […] The post Decoding Microsoft 365 Audit Log Events Using Bitfield Mapping Technique – Investigation Report appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
CyberProof researchers detected a significant surge in Remcos (Remote Control & Surveillance Software) campaigns throughout September and October 2025, exploiting sophisticated fileless techniques to evade endpoint detection and response (EDR) solu…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
China-based threat actors have exploited the critical ToolShell vulnerability in Microsoft SharePoint servers to infiltrate networks across multiple continents, targeting government agencies and critical infrastructure in a suspected espionage campaign. This vulnerability, identified as CVE-2025-53770, enables unauthenticated remote code execution and has been actively used since its disclosure in July 2025, despite Microsoft’s rapid patching […] The post Chinese Hackers Using ToolShell Vulnerability To Compromise Networks Of Government Agencies appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Oracle has disclosed two critical vulnerabilities in its E-Business Suite’s Marketing product that could hand full control to remote attackers. Dubbed CVE-2025-53072 and CVE-2025-62481, these flaws affect the Marketing Administration component and carry a perfect storm CVSS score of 9.8, marking them as among the most severe threats disclosed this year. Organizations relying on Oracle’s […] The post Critical Vulnerability In Oracle E-Business Suite’s Marketing Product Allows Full Access To Attackers appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Threat actors are increasingly targeting Azure Blob Storage, Microsoft’s flagship object storage solution, to infiltrate organizational repositories and disrupt critical workloads. With its capacity to handle exabytes of unstructured data for AI, high …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
SharkStealer, a Golang-based information stealer, has been observed leveraging the Binance Smart Chain (BSC) Testnet as a covert dead-drop mechanism for command-and-control (C2) communications. By adopting an “EtherHiding” pattern, the malware retrieve…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
