Category: cyber security

  • In recent months, security teams have observed the emergence of a highly versatile Android backdoor, Android.Backdoor.916.origin, masquerading as a legitimate antivirus application. Distributed via private messaging services under the guise of “GuardCB,” its icon closely mimics the emblem of the Central Bank of the Russian Federation against a shield background. Although the interface displays only […] The post New Android Spyware Disguised as an Antivirus Attacking Business Executives appeared first on Cyber Security News.

  • In late June 2025, a significant operational dump from North Korea’s Kimsuky APT group surfaced on a dark-web forum, exposing virtual machine images, VPS infrastructure, customized malware and thousands of stolen credentials. This leak offers an unprecedented window into the group’s espionage toolkit, revealing how Kimsuky conducts phishing campaigns, maintains persistence and evades detection within […] The post Kimsuky APT Data Leak – GPKI Certificates, Rootkits and Cobalt Strike Personal Uncovered appeared first on Cyber Security News.

  • A significant data dump surfaced on DDoSecrets.com, purportedly extracted from a workstation belonging to a threat actor targeting organizations in South Korea and Taiwan. The leak, detailed in an accompanying article, attributes the activity to the No…

  • A sophisticated Android malware campaign has resurfaced, exploiting deceptive websites that perfectly mimic legitimate Google Play Store application pages to distribute the notorious SpyNote Remote Access Trojan (RAT). This malicious operation targets unsuspecting users by creating static HTML clones of popular Android application install pages, complete with copied CSS styling and JavaScript functionality designed to […] The post Beware of Website Mimicking Google Play Store Pages to Deliver Android Malware appeared first on Cyber Security News.

  • As students return to campus and online learning platforms, cybercriminals are increasingly leveraging artificial intelligence to create sophisticated scams targeting the education sector. These AI-enhanced attacks have become more convincing and harder to detect, making them particularly dangerous for students, parents, and educational institutions. The integration of machine learning algorithms, natural language processing, and deepfake […] The post 5 Common Back-to-School Online Scams Powered Using AI and How to Avoid Them appeared first on Cyber Security News.

  • A novel adaptation of the ClickFix social engineering technique has been identified, leveraging invisible prompt injection to weaponize AI summarization systems in email clients, browser extensions, and productivity platforms. By embedding malicious step-by-step instructions within hidden HTML elements—using CSS obfuscation methods such as zero-width characters, white-on-white text, tiny font sizes, and off-screen positioning—attackers can poison […] The post Threat Actors Weaponizes AI Generated Summaries With Malicious Payload to Execute Ransomware appeared first on Cyber Security News.

  • A critical security vulnerability has been discovered in Zendesk’s Android SDK implementation that allows attackers to perform mass account takeovers without any user interaction. The flaw, which earned a $3,000 bug bounty payout, stems from predictable token generation mechanisms that enable unauthorized access to all Zendesk support tickets across affected organizations. Key Takeaways: 1. Predictable JWT […] The post 0-Click Zendesk Account Takeover Vulnerability Enables Access to all Zendesk Tickets appeared first on Cyber Security News.

  • A large-scale phishing campaign was conducted by threat actors who abused Google Classroom to distribute over 115,000 malicious emails to more than 13,500 organizations globally. The campaign uncovered by Check Point unfolded in five distinct waves between August 6 and August 12, 2025, and weaponized the trusted educational platform to bypass conventional security filters. The […] The post Hackers Leverage Google Classroom for 115,000+ Phishing Emails Targeting 13,500+ Organizations appeared first on Cyber Security News.

  • A newly observed malware campaign has emerged targeting a broad range of network appliances, including routers from DrayTek, TP-Link, Raisecom, and Cisco. Throughout July 2025, threat researchers observed a stealthy loader spread by exploiting unauthenticated command injection flaws in embedded web services. Initial compromise is achieved through straightforward HTTP requests, which silently deliver a downloader […] The post New Stealthy Malware Exploiting Cisco, TP-Link and Other Routers to Gain Remote Control appeared first on Cyber Security News.

  • A comprehensive security analysis of vtenext CRM version 25.02 has revealed multiple critical vulnerabilities that allow unauthenticated attackers to bypass authentication mechanisms through three distinct attack vectors, ultimately leading to remote code execution on target systems. The Italian CRM solution, utilized by numerous small and medium enterprises across Italy, faces significant security exposure despite attempted […] The post Multiple vtenext Vulnerabilities Let Attackers Bypass Authentication and Execute Remote Codes appeared first on Cyber Security News.
