-
A sophisticated new tool called IAmAntimalware is designed to inject malicious code directly into antivirus software processes, potentially turning protective defenses into hidden backdoors for attackers. Released on October 11, 2025, by developer Two Seven One Three on GitHub, the tool exploits Windows service cloning and digital signature manipulation to bypass antivirus self-protection mechanisms. This development […] The post New IAmAntimalware Tool Injects Malicious Code Into Processes Of Popular Antiviruses appeared first on Cyber Security News.
-
Malicious packages on popular registries are abusing Discord webhooks to exfiltrate sensitive files and host telemetry, bypassing traditional C2 infrastructure and blending into legitimate HTTPS traffic. Discord webhooks are simple HTTPS URLs that acce…
-
A newly disclosed vulnerability in SAP NetWeaver AS ABAP and ABAP Platform (CVE-2025-42902) allows unauthenticated attackers to crash server processes by sending malformed SAP Logon or SAP Assertion Tickets. Rated Medium severity with a …
-
In October 2025, security researchers uncovered an unprecedented phishing campaign that weaponizes the npm ecosystem—not by infecting developers during package installation, but by abusing the unpkg.com CDN as a disposable hosting platform for maliciou…
-
SimonMed Imaging, a leading U.S. provider of outpatient medical imaging services, has disclosed a major cybersecurity incident that compromised the personal and health data of approximately 1.2 million patients. The breach, which occurred earlier this year, was linked to a ransomware attack claimed by the notorious Medusa group, highlighting ongoing vulnerabilities in the healthcare sector. […] The post SimonMed Data Breach Exposes 1.2 Million Patients Sensitive Information appeared first on Cyber Security News.
-
Remote monitoring and management (RMM) tools have long served as indispensable assets for IT administrators, providing seamless remote control, unattended access, and scripted automation across enterprise endpoints. In recent months, security researchers have observed a surge in adversaries repurposing ScreenConnect—a ConnectWise RMM solution—as a clandestine backdoor for initial intrusion and ongoing control. Emerging from widespread […] The post ScreenConnect Abused by Threat Actors to Gain Unauthorized Remote Access to Your Computer appeared first on Cyber Security News.
-
Hackers have launched a sophisticated phishing campaign impersonating both OpenAI and the recently released Sora 2 AI service. By cloning legitimate-looking landing pages, these actors are duping users into submitting their login credentials, participa…
-
SimonMed Imaging has confirmed that an external hacking incident compromised the personal data of 1,275,669 patients, making it one of the largest healthcare breaches of the year. The breach, which occurred on January 21, 2025, but was not discovered u…
-
In a sprawling network of covert remote labor, more than 10,000 North Korean IT professionals have infiltrated global technology and freelance marketplaces by exploiting VPNs, virtual private servers (VPS), and so-called “laptop farms” to conceal their…
-
Ivanti has disclosed 13 vulnerabilities in its Endpoint Manager (EPM) software, including two high-severity flaws that could enable remote code execution and privilege escalation, urging customers to apply mitigations while patches remain in development. The announcement comes amid growing scrutiny of enterprise management tools, as attackers increasingly target them for supply chain compromises. Although no […] The post Ivanti Patches 13 Vulnerabilities in Endpoint Manager Allowing Remote Code Execution appeared first on Cyber Security News.


