-
New Spear-Phishing Attack Delivers DarkCloud Malware to Steal Keystrokes, FTP Credentials and Others
A newly observed spear-phishing campaign is leveraging sophisticated social engineering lures to distribute DarkCloud, a modular malware suite designed to harvest keystrokes, exfiltrate FTP credentials and gather system information. Over the past month, targeted emails masquerading as legitimate software updates or corporate invoices have reached unsuspecting recipients across various industries. These messages carry a weaponized […] The post New Spear-Phishing Attack Delivers DarkCloud Malware to Steal Keystrokes, FTP Credentials and Others appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
As attackers increasingly leverage Scalable Vector Graphics (SVG) for stealthy code injection, security researchers face mounting challenges in detecting obfuscated payloads embedded within SVG assets. The SVG Security Analysis Toolkit by HackingLZ offers a comprehensive solution: a suite of four Python-based tools designed to reveal hidden scripts, decode obfuscated URLs, and verify protection mechanisms, all […] The post SVG Security Analysis Toolkit to Detect Malicious Scripts Hidden in SVG Files appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Adversaries don’t work 9–5 and neither do we. At eSentire, our 24/7 SOCs are staffed with elite threat hunters and cyber analysts who hunt, investigate, contain and respond to threats within minutes. Backed by threat intelligence, tactical threat respo…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated malware campaign has emerged that weaponizes seemingly legitimate productivity tools to infiltrate systems and steal sensitive information. The TamperedChef malware represents a concerning evolution in threat actor tactics, utilizing trojanized applications disguised as calendar tools and image viewers to bypass traditional security defenses. This campaign demonstrates how cybercriminals increasingly exploit user trust in […] The post New TamperedChef Malware Leverages Productivity Tools to Gain Access and Exfiltrate Sensitive Data appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Jaguar Land Rover (JLR) has confirmed it will begin a phased restart of its manufacturing operations in the coming days, nearly a month after a significant cyber attack forced the company to halt production across the United Kingdom. The luxury carmaker, owned by India’s Tata Motors, is taking gradual steps to bring its facilities back […] The post JLR Confirms Phased Restart of Operations Following Cyber Attack appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The cybersecurity community is currently observing a surge in interest around Olymp Loader, a recently unveiled Malware-as-a-Service (MaaS) platform written entirely in Assembly. First advertised on underground forums and Telegram channels in early June 2025, Olymp Loader has rapidly evolved from a rudimentary botnet concept into a sophisticated loader and crypter suite. Its author, operating […] The post New Malware-as-a-Service Olymp Loader Promises Defender-Bypass With Automatic Certificate Signing appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Jaguar Land Rover (JLR) has announced the controlled resumption of manufacturing operations following a significant cyberattack that disrupted its production facilities. The British luxury automaker confirmed that some sections of its manufacturing ope…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated malware campaign dubbed “TamperedChef” is exploiting trojanized productivity tools—disguised as seemingly benign applications—to bypass security controls, establish persistence, and siphon sensitive information from targeted systems. On…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly discovered zero-click remote code execution (RCE) vulnerability in WhatsApp is putting millions of Apple users at risk. Researchers from DarkNavyOrg have demonstrated a proof-of-concept (PoC) exploit that leverages two distinct flaws …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In recent months, cybersecurity teams have observed an alarming trend in which malicious actors exploit Facebook and Google advertising channels to masquerade as legitimate financial services. By promoting free or premium access to well-known trading platforms, these threat actors have successfully lured unsuspecting users into downloading trojanized applications. The campaign’s social engineering tactics leverage familiar […] The post Threat Actors Weaponizing Facebook and Google Ads as Financial Platforms to Steal Sensitive Data appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶