A seemingly innocent patch update for the popular 2D platformer game BlockBlasters has transformed into a sophisticated malware campaign, exposing hundreds of Steam users to data theft and system compromise. The malicious patch, deployed on August 30, 2025, demonstrates how threat actors are increasingly exploiting the gaming ecosystem to distribute information-stealing malware while users remain […] The post BlockBlasters Steam Game Downloads Malware to Computer Disguised as Patch appeared first on Cyber Security News.

In recent weeks, security researchers have observed a surge in attacks exploiting Oracle Database Scheduler’s External Jobs feature to gain a foothold in corporate environments. This technique abuses the scheduler’s ability to execute arbitrary commands on Windows-based database servers, allowing adversaries to bypass perimeter defenses. Initial intrusion vectors involve probing publicly exposed Oracle listener ports […] The post Threat Actors Leverage Oracle Database Scheduler to Gain Access to Corporate Environments appeared first on Cyber Security News.

A sophisticated Iran-nexus espionage group known as Subtle Snail has emerged as a significant threat to European telecommunications, aerospace, and defense organizations through an elaborate recruitment-themed social engineering campaign. The group, also identified as UNC1549 and linked to the broader Unyielding Wasp network, has successfully compromised 34 distinct devices across 11 organizations since June 2022 […] The post Subtle Snail Mimic as HR Representatives to Engage Employees and Steal Login Credentials appeared first on Cyber Security News.

A sophisticated new ransomware group has emerged from the shadows, targeting multinational organizations across diverse sectors with precision and systematic approach. Kawa4096, first detected in June 2025, has rapidly established itself as a formidable threat to enterprises spanning finance, education, and service industries, particularly focusing on victims in Japan and the United States. The group’s […] The post Kawa4096 Ransomware Attacking Multinational Organizations to Exfiltrate Sensitive Data appeared first on Cyber Security News.

The cybersecurity landscape faces a growing threat from sophisticated Phishing-as-a-Service (PhaaS) platforms that are democratizing cybercrime by lowering technical barriers for fraudsters worldwide. Among these emerging threats, the Lucid PhaaS platform has established itself as a formidable force in the underground economy, enabling massive-scale phishing operations across multiple continents and industry sectors. Security researchers have […] The post Lucid PhaaS With 17,500 Phishing Domains Mimics 316 Brands From 74 Countries appeared first on Cyber Security News.