-
A sophisticated DNS-based malware campaign has emerged, utilizing thousands of compromised websites worldwide to deliver the Strela Stealer information-stealing malware through an unprecedented technique involving DNS TXT records. The threat, tracked as Detour Dog by security researchers, represents a significant evolution in malware distribution methods that leverages the Domain Name System as both a command-and-control […] The post New DNS Malware Detour Dog Delivers Strela Stealer Using DNS TXT Records appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In recent weeks, security analysts have observed a new wave of macOS attacks leveraging legitimately issued Extended Validation (EV) certificates to sign malicious disk images (DMGs). This technique allows malware authors to evade detection by VirusTotal and built-in macOS security checks. The campaign first surfaced when multiple samples appeared on threat intelligence feeds, each bearing […] The post Hackers Abuse EV Certificates to Sign Completely Undetectable DMG Malware appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Allianz Life Insurance Company of North America has reported a significant data security incident that has exposed the sensitive personal information of an estimated 1.5 million customers, financial professionals, and employees. The breach involved unauthorized access to a cloud-based system, compromising highly sensitive data, including Social Security numbers. The incident occurred on July 16, 2025, […] The post Allianz Life Data Breach Exposes Personal Records of 1.5 Million Users appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new ransomware strain, dubbed FunkLocker, is leveraging artificial intelligence to expedite its development, while relying on the abuse of legitimate Windows utilities to disable security defenses and disrupt systems. The ransomware, attributed to a group known as FunkSec, highlights a growing trend of threat actors using AI to piece together malware with varying degrees […] The post AI-Powered FunkLocker Ransomware Leverages Windows utilities to Disable Defenses appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google has published a comprehensive guide aimed at fortifying organizational defenses against UNC6040, a sophisticated threat actor known for targeting cloud environments and enterprise networks. Emerging in late 2024, UNC6040 quickly garnered attention for its highly coordinated campaigns, which leverage advanced payload delivery methods and custom malware loaders. Initial investigations linked the group’s activity to […] The post Google Releases Guide to Harden Security Strategy and Detection Capabilities Against UNC6040 appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In today’s fast-paced digital environment, organizations face constant threats from cybercriminals exploiting weaknesses in IT systems. Vulnerability management software is one of the most crucial elements in safeguarding a network, as it helps identif…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cisco’s Simple Network Management Protocol (SNMP) implementations in IOS and IOS XE have come under intense scrutiny following reports of active exploitation in the wild. First disclosed in August 2025, CVE-2025-20352 describes a critical buffer overflow in the SNMP engine that allows unauthenticated remote attackers to execute arbitrary code. The vulnerability arises when an oversized […] The post CISA Warns of Cisco IOS and IOS XE SNMP Vulnerabilities Exploited in Attacks appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Ukraine’s national cyber incident response team, CERT-UA, has issued an urgent warning about a new malware campaign that weaponizes Excel add-in (XLL) files to deploy the CABINETRAT backdoor. Throughout September 2025, CERT-UA analysts discovered multi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In recent weeks, a novel malware campaign dubbed MatrixPDF has surfaced, targeting Gmail users with carefully crafted emails that slip past conventional spam and phishing filters. This campaign has been active since mid-September 2025 and leverages PDF attachments that, when opened, initiate a stealthy infection chain designed to exfiltrate sensitive information and deliver additional payloads. […] The post MatrixPDF Attacks Gmail Users Bypassing Email Filters and Fetch Malicious Payload appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
WestJet announced a cybersecurity incident in which a sophisticated third-party actor gained unauthorized access to internal systems, exposing personal information of some customers. The breach, discovered on June 13, 2025, has since been contained and remediated, but not before sensitive data elements were exfiltrated. WestJet Passenger Data Exposed WestJet’s security team first detected anomalous activity […] The post WestJet Confirms Data Breach – Customers Personal Information Exposed appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
