-
A newly observed phishing campaign is abusing fake “audit/compliance confirmation” emails to target macOS users and steal highly sensitive data. The campaign uses convincing business-themed lures and malicious attachments that masquerade as Word or PDF…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new phishing campaign is tricking people with fake party invitations that secretly install remote access software on Windows computers. The attack uses social engineering to deliver ScreenConnect, a legitimate remote support tool, allowing threat actors to gain complete control of victim systems. What appears to be a harmless invitation from a friend turns into […] The post Beware of Malicious Party Invitations that Tricks Users into Installing Remote Access Tools appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Ricochet Chollima advanced persistent threat group has launched a targeted campaign against activists and organizations focused on North Korea, beginning in March 2025. The operation, named “Operation: ToyBox Story” by Genians Security Center, relies on a clever combination of social engineering and malware delivery tactics. Attackers send spear-phishing emails that appear to come from […] The post Chollima APT Hackers Weaponize LNK File to Deploy Sophisticated Malware appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new malware variant dubbed “PDFly” is abusing a heavily modified PyInstaller stub to hide its Python bytecode, forcing analysts to reverse-engineer a custom decryption routine before any meaningful analysis can begin. A closely related sample, “PDFCl…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
ASUS has discontinued the File Shredder feature in its Business Manager software following the discovery of a critical security vulnerability, CVE-2025-13348. The company issued a security bulletin on February 2, 2026, addressing a flaw affecting ASUS …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft is making a significant move to strengthen Windows security by phasing out NTLM (New Technology LAN Manager). This legacy authentication protocol has been part of Windows for over 30 years. The company plans to disable NTLM by default in upco…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated social engineering campaign targeting Windows users across the UK, using fake event invitations to silently install ScreenConnect a legitimate remote access tool that attackers have weaponized to gain complete system control. The attack…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The HoneyMyte APT group, also known as Mustang Panda and Bronze President, continues expanding its cyber-espionage operations across Asia and Europe, with Southeast Asia being the most heavily targeted region. Recent investigations reveal that the grou…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical XML External Entity (XXE) vulnerability has been disclosed in the Syncope identity management console. The flaw could allow administrators to expose sensitive user data and compromise session security inadvertently. The vulnerability, tracked as CVE-2026-23795, affects multiple versions of the platform and requires immediate patching. The improper restriction of XML External Entity references in […] The post Apache Syncope Vulnerability Let Attackers Hijack User Sessions appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
APT28, the Russia-linked advanced persistent threat group, has launched a sophisticated campaign targeting Central and Eastern Europe using a zero-day vulnerability in Microsoft Office. The threat actors leveraged specially crafted Microsoft Rich Text Format (RTF) files to exploit the vulnerability and deliver malicious backdoors through a multi-stage infection chain. The campaign, tracked as Operation Neusploit, […] The post APT28 Hackers Exploiting Microsoft Office 0-Day in the Wild to Deploy Malware appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
