Over the past month, a targeted campaign dubbed Operation Silk Lure has surfaced, exploiting the Windows Task Scheduler to deploy a novel variant of ValleyRAT. Emerging in mid-2025, the operation hinges on spear-phishing emails that carry malicious LNK attachments masquerading as candidate resumes. When victims open these attachments, a hidden PowerShell command initiates the download […] The post Operation Silk Lure Weaponizing Windows Scheduled Tasks to Drop ValleyRAT appeared first on Cyber Security News.

The Qilin ransomware group has emerged as one of the most prolific and dangerous threat actors in the cybersecurity landscape, exploiting sophisticated bulletproof hosting infrastructure to conduct devastating attacks on organizations across multiple sectors. Operating under a Ransomware-as-a-Service (RaaS) model, Qilin first surfaced in mid-2022 under the name “Agenda” before rebranding later that year. The […] The post Qilin Ransomware Using Ghost Bulletproof Hosting to Attack Organizations Worldwide appeared first on Cyber Security News.

In recent months, a new advanced persistent threat (APT) group known as Mysterious Elephant has emerged as a formidable adversary targeting government and diplomatic institutions across the Asia-Pacific region. First identified by Kaspersky’s Global Research and Analysis Team (GReAT) in 2023, the group has continued to refine its toolkit, employing both custom-built malware and modified […] The post Mysterious Elephant APT Hackers Infiltrate Organization to Steal Sensitive Information appeared first on Cyber Security News.

Early October 2025 witnessed the resurgence of a retro phishing technique that exploits legacy Basic Authentication URLs to deceive users into divulging sensitive credentials. Threat actors crafted links in the format https://username:password@domain.com, embedding a trusted institution’s domain in the username field to visually mimic legitimate services. When users click these links, their browsers authenticate to […] The post New Phishing Attack Uses Basic Auth URLs to Trick Users and Steal Login Credentials appeared first on Cyber Security News.

A sophisticated multi-stage malware campaign is targeting organizations globally, utilizing the PhantomVAI Loader to distribute dangerous information-stealing malware. The attack chain, which begins with carefully crafted phishing emails, has emerged as a significant threat to businesses across manufacturing, education, healthcare, technology, utilities, and government sectors. This malware family, previously known as Katz Stealer Loader, has […] The post PhantomVAI Loader Attacking Organizations Worldwide to Deliver AsyncRAT, XWorm, FormBook and DCRat appeared first on Cyber Security News.