-
A new malware campaign targeting macOS users has emerged with a dangerous focus on cryptocurrency wallet theft. The malware, called Nova Stealer, uses a clever approach to trick victims by replacing genuine cryptocurrency applications with fake versions that steal wallet recovery phrases. This bash-based stealer has been identified attacking users of popular cryptocurrency wallets, including […] The post New Nova Stealer Attacking macOS Users by Swapping Legitimate Apps to Steal Cryptocurrency Wallet Data appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
ESET researchers have uncovered a sophisticated attack chain orchestrated by the China-aligned threat actor PlushDaemon, revealing how the group leverages a previously undocumented network implant, EdgeStepper, to conduct adversary-in-the-middle attack…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers have uncovered an active global hacking campaign leveraging a known flaw in Ray, an open-source AI framework widely used for managing distributed computing tasks. Dubbed ShadowRay 2.0, this attack exploits vulnerability CVE-2023-48022 to silently seize control of powerful AI computing clusters and turn them into cryptocurrency mining operations. The campaign represents a significant […] The post New ShadowRay Attack Exploit Ray AI-Framework Vulnerability to Attack AI Systems appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about a critical vulnerability affecting Fortinet FortiWeb appliances that threat actors are currently exploiting in active attacks. The agency added CVE-2025-58034 to its Known Exploited Vulnerabilities (KEV) catalog on November 18, 2025, signaling immediate risk to organizations using the affected product. The vulnerability […] The post CISA Warns of Fortinet FortiWeb OS Command Injection Vulnerability Exploited in the Wild appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In October 2025, Morphisec’s anti-ransomware prevention platform detected and neutralized a sophisticated cyberattack targeting a major U.S. real estate company. The campaign showcased the emerging threat posed by the Tuoni C2 framework a free, m…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft is introducing a new capability in Teams that allows users to report messages they believe were mistakenly flagged as security threats. The feature represents a significant step toward improving detection accuracy and reducing false positives across organizations worldwide. Completion of availability is expected by the end of November 2025. The reporting feature enables users […] The post Microsoft Teams New Feature Let Users Report Messages Incorrectly Flagged as Security Threats appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Multiple critical vulnerabilities affect D-Link DIR-878 routers across all models and firmware revisions. These devices reached the end of life on January 31, 2021. They will no longer receive security updates or technical support from D-Link Corporation. The vulnerabilities allow remote attackers to gain complete control of affected routers without requiring authentication. Two of the […] The post Multiple Vulnerabilities in D-Link EoL/EoS Routers Allows Remote Code Execution Attacks appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated malware campaign targeting the npm ecosystem has emerged, deploying a clever detection system that distinguishes between regular users and security researchers. The threat actor, operating under the alias dino_reborn, created seven malicious npm packages designed to redirect users to crypto-themed scam sites while evading security detection. This intricate operation represents a new frontier […] The post New npm Malware Campaign Verifies if the Visitor is a Victim or a Researcher Before Triggering Infection appeared first on Cyber Security…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity threats continue to evolve with sophisticated evasion methods. A new .NET-based malware loader has emerged that demonstrates an advanced approach to concealing the notorious Lokibot trojan within image files. This multi-stage payload delivery system uses steganography, a technique that embeds hidden data inside legitimate-looking files, making detection significantly more challenging for security tools and […] The post New .NET Malware Hides Lokibot Malware within PNG/BMP Files to Evade Detection appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated Akira ransomware attack orchestrated by the Howling Scorpius group recently left a global data storage and infrastructure company grappling with massive operational disruption all triggered by a single, seemingly innocent click on a web…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
