Cybercriminals are increasingly exploiting legitimate remote monitoring and management (RMM) tools to establish persistent access to compromised systems through sophisticated phishing campaigns. Joint research conducted by Red Canary Intelligence and Zscaler threat hunters has identified multiple malicious campaigns utilizing ITarian (also known as Comodo), PDQ, SimpleHelp, and Atera RMM solutions as attack vectors. The appeal […] The post Threat Actors Leverage Several RMM Tools in Phishing Attack to Maintain Remote Access appeared first on Cyber Security News.

A sophisticated pro-Russian cybercriminal group known as SectorJ149 (also identified as UAC-0050) has emerged as a significant threat to critical infrastructure worldwide, conducting targeted attacks against manufacturing, energy, and semiconductor companies across multiple nations. The group’s activities represent a strategic shift from traditional financially motivated cybercrime to geopolitically driven operations that align with broader Russian […] The post Pro-Russian Hackers Attacking Key Industries in Major Countries Around The World appeared first on Cyber Security News.

In mid-July 2025, a novel campaign emerged in which cybercriminals weaponized generative AI to fabricate deepfake images of government IDs, embedding them within spear-phishing messages that bypassed traditional antivirus safeguards. These emails impersonated military and security institutions, complete with convincing visual assets generated by ChatGPT. Recipients were urged to review “draft” ID cards, triggering the […] The post Hackers Using Generative AI ‘ChatGPT’ to Evade Anti-virus Defenses appeared first on Cyber Security News.

The BlackNevas ransomware group has emerged as a significant threat since November 2024, continuously launching devastating attacks against businesses and critical infrastructure organizations across Asia, North America, and Europe. This sophisticated malware operation combines file encryption with data theft tactics, threatening to leak stolen information if ransom demands are not met within seven days. The […] The post BlackNevas Ransomware Encrypts Files and Steals Sensitive Data From Affected Companies appeared first on Cyber Security News.

The cybersecurity landscape witnessed a significant escalation in July 2025 when the China-aligned threat actor Hive0154, commonly known as Mustang Panda, deployed sophisticated new malware variants designed to breach air-gapped systems. This advanced persistent threat group introduced SnakeDisk, a novel USB worm, alongside an updated Toneshell9 backdoor, representing a calculated evolution in their cyber espionage […] The post Mustang Panda With SnakeDisk USB Worm and Toneshell Backdoor Seeking to Penetrate Air-Gap Systems appeared first on Cyber Security News.