-
DPRK IT workers have leveraged popular code-sharing platforms such as GitHub, CodeSandbox, and Medium to cultivate convincing developer portfolios and land remote positions under fabricated identities. Investigations reveal approximately 50 active GitH…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Emerging in mid-2025, a sophisticated campaign attributed to the Silver Fox APT has begun exploiting a previously unreported vulnerable driver to compromise modern Windows environments. This campaign leverages the WatchDog Antimalware driver (amsdk.sys, version 1.0.600), a Microsoft-signed component built on the Zemana Anti-Malware SDK. By abusing its arbitrary process termination capability, threat actors bypass endpoint […] The post Silver Fox APT Hackers Leveraging Vulnerable driver to Attack Windows 10 and 11 Systems by Evading EDR/AV appeared first on Cyber Security…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated supply chain attack has compromised the popular Nx build platform, affecting millions of weekly downloads and resulting in widespread credential theft. The attack, dubbed “s1ngularity,” represents one of the most comprehensive credential harvesting campaigns targeting the developer ecosystem in 2025. GitGuardian observed that malicious actors infiltrated multiple Nx package versions (20.9.0 through 21.8.0) […] The post Nx Packages With Millions of Weekly Downloads Hacked With Credential Stealer Malware appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybercriminals are increasingly turning their sights from desktop to mobile, exploiting Meta’s advertising platform to distribute a sophisticated Android banking trojan disguised as a free TradingView Premium app. Bitdefender Labs warns that these thre…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated new Mac malware campaign has emerged that exploits users’ trust in free online PDF conversion tools, demonstrating how cybercriminals continue to evolve their tactics to bypass modern security measures. Cybersecurity firm Mosyle h…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated campaign by the Silver Fox APT group that exploits a previously unknown vulnerable driver to bypass endpoint detection and response (EDR) and antivirus solutions on fully updated Windows 10 and 11 systems. Check Point Research (CPR) rev…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated phishing campaign has been identified, where threat actors impersonate IT helpdesk personnel through Teams’ external communication features, exploiting the platform’s default configuration to bypass traditional email security measures and gain unauthorized screen-sharing and remote-control capabilities. The attacks leverage Teams’ external collaboration features, which are enabled by default in Microsoft 365 tenants, allowing attackers […] The post Hackers Exploit Microsoft Teams, Posing as IT Help Desk for Screen Sharing and Remote Access appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The escalation of sophisticated cyberattacks targeting Salesforce environments has emerged as one of the most concerning trends in enterprise cybersecurity. As organizations increasingly rely on customer relationship management (CRM) platforms to store their most sensitive business data, threat actors have recognized the immense value these systems represent. Recent intelligence indicates that attackers are successfully compromising […] The post Threat Actors Breach High Value Targets like Google in Salesforce Attacks – What Organizations Need to Know appeared first on Cyber Security…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In a sophisticated campaign uncovered during a recent Advanced Continual Threat Hunt (ACTH) by Trustwave’s SpiderLabs team, threat actors weaponized a legitimate remote management tool, ScreenConnect, to deploy the Xworm Remote Access Trojan (RAT) through a deceptive, multi-stage infection chain. By abusing fake AI-themed content and manipulating digital signatures, the attackers bypassed Endpoint Detection and […] The post Weaponized ScreenConnect RMM Tool Tricks Users into Downloading Xworm RAT appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
South Korean authorities have successfully extradited a Chinese national suspected of orchestrating one of the most sophisticated hacking operations targeting high-profile individuals and financial institutions. The 34-year-old suspect, identified only as Mr. G, was repatriated from Bangkok, Thailand, on August 22, 2025, following a four-month international manhunt that resulted in his arrest for allegedly stealing […] The post South Korea Arrests Suspected Chinese Hacker Stolen Tens of Millions of Dollars from Victims appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
