The Russia-aligned Sandworm threat group has intensified its destructive cyberattacks against Ukrainian organizations, deploying sophisticated data wiper malware designed to cripple critical infrastructure and economic operations. Unlike traditional cyberespionage campaigns, Sandworm’s recent operations focus exclusively on destruction, targeting governmental entities, energy providers, logistics companies, and the grain sector with malicious tools named ZEROLOT and Sting. […] The post Sandworm Hackers Attacking Ukranian Organizations with Data Wiper Malwares appeared first on Cyber Security News.

The emergence of advanced AI browsing platforms such as OpenAI’s Atlas and Perplexity’s Comet has created a sophisticated challenge for digital publishers worldwide. These tools leverage agentic capabilities designed to execute complex, multistep tasks that fundamentally transform how content is accessed and consumed online. Unlike traditional search engines, AI browsers can navigate paywalls and content […] The post AI Browsers Bypass Content PayWall Mimicking as a Human-User appeared first on Cyber Security News.

The cybersecurity landscape continues to evolve as new ransomware variants emerge from the remnants of previous campaigns. Midnight ransomware represents one such development, drawing substantial inspiration from the notorious Babuk ransomware family that first appeared in early 2021. Like its predecessor, Midnight employs sophisticated encryption techniques and targeted file selection strategies to maximize damage across […] The post Midnight Ransomware Decrypter Flaws Opens the Door to File Recovery appeared first on Cyber Security News.

A previously unidentified Iranian threat actor has emerged with sophisticated social engineering tactics aimed at academics and foreign policy experts across the United States. Operating between June and August 2025, this campaign demonstrates the evolving landscape of state-sponsored cyber espionage, where attackers blend traditional phishing techniques with legitimate remote management tools to compromise high-value targets. […] The post Iranian Hackers Targeting Academics and Foreign Policy Experts Using RMM Tools appeared first on Cyber Security News.

North Korean threat actors are evolving their attack strategies by leveraging developer-focused tools as infection vectors. Recent security discoveries reveal that Kimsuky, a nation-state group operating since 2012, has been utilizing JavaScript-based malware to infiltrate systems and establish persistent command and control infrastructure. The threat group traditionally focuses on espionage operations against government entities, think […] The post Threat Actors May Abuse VS Code Extensions to Deploy Ransomware and Use GitHub as C2 Server appeared first on Cyber Security News.

Security researchers have uncovered a sophisticated new malware family targeting enterprise environments through a supply chain compromise. The malware, tracked as Airstalk, represents a significant shift in how attackers exploit legitimate enterprise management tools to evade detection and maintain persistent access to compromised systems. This discovery highlights the growing vulnerability of business process outsourcing organizations […] The post Airstalk Malware Leverages AirWatch API MDM Platform to Establish Covert C2 Communication appeared first on Cyber Security News.

A sophisticated Remote Access Trojan labeled EndClient RAT has emerged as a significant threat targeting human rights defenders in North Korea, marking another escalation in advanced malware operations attributed to the Kimsuky threat group. This newly discovered malware represents a concerning shift in attack sophistication, utilizing stolen code-signing certificates to evade antivirus protections and bypass […] The post New EndClient RAT Attacking Users by Leveraging Stolen Code-Signing to Bypass AV Detections appeared first on Cyber Security News.