-
Mozilla has announced a significant transparency initiative for its Firefox browser ecosystem, implementing mandatory data disclosure requirements for extension developers. Starting November 3rd, 2025, all newly submitted Firefox extensions must explic…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated new remote access trojan called Atroposia has emerged in underground cybercrime marketplaces, offering attackers a comprehensive toolkit for hidden remote desktop access, credential theft, and network manipulation at an accessible price…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
AI language models like ChatGPT, DeepSeek, and Copilot are transforming business operations at lightning speed. They help us generate documents, summarise meetings, and even make decisions faster than ever before. But this rapid adoption comes at a pri…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated Android banking trojan named Herodotus has emerged on the mobile threat landscape, introducing groundbreaking techniques to evade detection systems. During routine monitoring of malicious distribution channels, the Mobile Threat Intelligence service discovered unknown malicious samples distributed alongside notorious malware variants like Hook and Octo. Despite sharing distribution infrastructure, these samples revealed closer similarities […] The post New Android Malware Herodotus Mimic Human Behaviour to Bypass Biometrics Detection appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybercriminals have developed a sophisticated phishing technique that exploits invisible characters embedded within email subject lines to evade automated security filters. This attack method leverages MIME encoding combined with Unicode soft hyphens to disguise malicious intent while appearing legitimate to human readers. The technique represents an evolution in social engineering tactics, targeting email filtering mechanisms […] The post New Phishing Attack Using Invisible Characters Hidden in Subject Line Using MIME Encoding appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researcher Eaton Zveare has disclosed critical vulnerabilities in Tata Motors’ systems that exposed over 70 terabytes of sensitive data, including customer personal information, financial reports, and fleet management details. The flaws, uncovered during ethical hacking in 2023 but publicly shared only now, involved hardcoded AWS access keys on public-facing websites, granting unauthorized access to […] The post Tata Motors Data Leak – 70+ TB of Sensitive Info and Test Drive Data Exposed via AWS Keys appeared first on Cyber…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Pentest Copilot is an innovative open-source tool that leverages AI to help ethical hackers streamline penetration testing workflows. This browser-based assistant integrates large language models to automate tasks while preserving human oversight, marking a significant advancement over traditional methods. Pentest Copilot addresses key challenges in penetration testing by combining AI-driven automation with practical tools for […] The post Pentest Copilot – AI-based Ethical Hacking Tool to Streamline Penetration Testing appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated information-stealing malware named Anivia Stealer has emerged on underground forums, marketed by a threat actor known as ZeroTrace. The malware represents a dangerous evolution in credential theft operations, specifically designed to compromise Windows systems from legacy XP installations through the latest Windows 11 environments. Built using C++17, Anivia Stealer incorporates advanced evasion techniques […] The post Threat Actors Advertising Anivia Stealer Malware on Dark Web bypassing UAC Controls appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers have uncovered a sophisticated phishing campaign that combines two emerging attack techniques to bypass conventional security defenses. The hybrid approach merges FileFix social engineering tactics with cache smuggling to deliver malware payloads without triggering network-based detection systems. This evolution represents a significant shift in how threat actors are circumventing endpoint detection and response […] The post Threat Actors Merging FileFix and Cache Smuggling Attacks to Evade Security Controls appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated Android banking trojan dubbed GhostGrab has emerged in the threat landscape, targeting financial institutions across multiple regions with advanced credential theft capabilities. The malware operates silently on infected devices, harvesting sensitive banking credentials while intercepting one-time passwords through SMS messages. Security teams have observed active campaigns distributing GhostGrab through compromised application stores and […] The post New GhostGrab Android Malware Silently Steals Banking Login Details and Intercept SMS for OTPs appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
