Cybersecurity researchers have uncovered a sophisticated Android malware campaign targeting seniors through fraudulent travel and social activity promotions on Facebook. The newly identified Datzbro malware represents a dangerous evolution in mobile threats, combining advanced spyware capabilities with remote access tools designed to facilitate financial fraud. This campaign, first detected in August 2025, has expanded beyond […] The post Threat Actors Leveraging Senior Travel Scams to Deliver Datzbro Malware appeared first on Cyber Security News.

A sophisticated malicious package has infiltrated the Python Package Index (PyPI), masquerading as a legitimate SOCKS5 proxy tool while harboring backdoor capabilities that target Windows systems. The SoopSocks package, tracked as XRAY-725599, presents itself as a benign networking utility that creates SOCKS5 proxy services and reports server information to configurable Discord webhooks. However, beneath this […] The post Malicious PyPI Package Mimics as SOCKS5 Proxy Tool Attacking Windows Platforms appeared first on Cyber Security News.

The cybersecurity landscape witnessed the emergence of a sophisticated rootkit variation, FlipSwitch, targeting modern Linux kernels. First surfacing in late September 2025, FlipSwitch exploits recent changes in syscall dispatching to implant stealthy hooks directly into kernel code. Early indicators suggest attackers leverage this novel approach to evade traditional detection, compromising critical infrastructure and cloud environments. […] The post New FlipSwitch Hooking Technique Bypasses Linux Kernel Defenses appeared first on Cyber Security News.

A sophisticated DNS-based malware campaign has emerged, utilizing thousands of compromised websites worldwide to deliver the Strela Stealer information-stealing malware through an unprecedented technique involving DNS TXT records. The threat, tracked as Detour Dog by security researchers, represents a significant evolution in malware distribution methods that leverages the Domain Name System as both a command-and-control […] The post New DNS Malware Detour Dog Delivers Strela Stealer Using DNS TXT Records appeared first on Cyber Security News.

In recent weeks, security analysts have observed a new wave of macOS attacks leveraging legitimately issued Extended Validation (EV) certificates to sign malicious disk images (DMGs). This technique allows malware authors to evade detection by VirusTotal and built-in macOS security checks. The campaign first surfaced when multiple samples appeared on threat intelligence feeds, each bearing […] The post Hackers Abuse EV Certificates to Sign Completely Undetectable DMG Malware appeared first on Cyber Security News.

Google has published a comprehensive guide aimed at fortifying organizational defenses against UNC6040, a sophisticated threat actor known for targeting cloud environments and enterprise networks. Emerging in late 2024, UNC6040 quickly garnered attention for its highly coordinated campaigns, which leverage advanced payload delivery methods and custom malware loaders. Initial investigations linked the group’s activity to […] The post Google Releases Guide to Harden Security Strategy and Detection Capabilities Against UNC6040 appeared first on Cyber Security News.