A sophisticated cryptojacking campaign has emerged, exploiting misconfigured Redis servers across multiple continents to deploy cryptocurrency miners while systematically dismantling security defenses. The threat actor behind this operation, designated TA-NATALSTATUS, has been active since 2020 but has significantly escalated their activities throughout 2025, targeting exposed Redis instances with alarming success rates across major economies. The […] The post New Cryptojacking Attack Exploits Redis Servers to Install Miners and Disable Defenses appeared first on Cyber Security News.

The Lumma information stealer has evolved from its 2022 origins into one of the most sophisticated malware-as-a-service (MaaS) ecosystems in the cybercriminal landscape. Operating through a vast network of affiliates, Lumma has established itself as the dominant infostealer platform, accounting for approximately 92% of stolen credential listings on major underground marketplaces by late 2024. The […] The post Lumma Affiliates Using Advanced Evasion Tools Designed to Ensure Stealth and Continuity appeared first on Cyber Security News.

A sophisticated new ransomware strain named BQTLOCK has emerged in the cyberthreat landscape since mid-July 2025, operating under a comprehensive Ransomware-as-a-Service (RaaS) model that democratizes access to advanced encryption capabilities for cybercriminals. The malware, associated with ‘ZerodayX’, the alleged leader of the pro-Palestinian hacktivist group Liwaa Mohammed, represents a concerning evolution in ransomware distribution and […] The post BQTLOCK Ransomware Operates as RaaS With Advanced Evasion Techniques appeared first on Cyber Security News.

A sophisticated supply chain attack has emerged targeting developers through a malicious Go module package that masquerades as a legitimate SSH brute forcing tool while covertly stealing credentials for cybercriminal operations. The package, named “golang-random-ip-ssh-bruteforce,” presents itself as a fast SSH brute forcer but contains hidden functionality that exfiltrates successful login credentials to a Telegram […] The post Malicious Go Module Package as Fast SSH Brute Forcer Exfiltrates Passwords via Telegram appeared first on Cyber Security News.

A sophisticated South Asian Advanced Persistent Threat (APT) group has been conducting an extensive espionage campaign targeting military personnel and defense organizations across Sri Lanka, Bangladesh, Pakistan, and Turkey. The threat actors have deployed a multi-stage attack framework combining targeted phishing operations with novel Android malware to compromise the mobile devices of military-adjacent individuals. The […] The post South Asian APT Hackers Using Novel Tools to Compromise Phones of Military-Adjacent Members appeared first on Cyber Security News.