-
A sophisticated phishing campaign that uses a multi-stage approach to bypass email filtering and content-scanning systems. The attack exploits trusted platforms, benign file formats, and layered redirection techniques to harvest user credentials from u…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Firefox 148 introduces comprehensive AI controls, giving users greater control over artificial intelligence features built into the browser. The new security-focused setting provides a centralized toggle to block current and future generative AI functionalities. Addressing growing privacy and security concerns among users who reject AI integration in their browsing environment. The “Block AI enhancements” toggle […] The post Mozilla Unveils Kill Switch to Disable All Firefox AI features appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly observed phishing campaign is abusing fake “audit/compliance confirmation” emails to target macOS users and steal highly sensitive data. The campaign uses convincing business-themed lures and malicious attachments that masquerade as Word or PDF…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new phishing campaign is tricking people with fake party invitations that secretly install remote access software on Windows computers. The attack uses social engineering to deliver ScreenConnect, a legitimate remote support tool, allowing threat actors to gain complete control of victim systems. What appears to be a harmless invitation from a friend turns into […] The post Beware of Malicious Party Invitations that Tricks Users into Installing Remote Access Tools appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Ricochet Chollima advanced persistent threat group has launched a targeted campaign against activists and organizations focused on North Korea, beginning in March 2025. The operation, named “Operation: ToyBox Story” by Genians Security Center, relies on a clever combination of social engineering and malware delivery tactics. Attackers send spear-phishing emails that appear to come from […] The post Chollima APT Hackers Weaponize LNK File to Deploy Sophisticated Malware appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new malware variant dubbed “PDFly” is abusing a heavily modified PyInstaller stub to hide its Python bytecode, forcing analysts to reverse-engineer a custom decryption routine before any meaningful analysis can begin. A closely related sample, “PDFCl…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
ASUS has discontinued the File Shredder feature in its Business Manager software following the discovery of a critical security vulnerability, CVE-2025-13348. The company issued a security bulletin on February 2, 2026, addressing a flaw affecting ASUS …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft is making a significant move to strengthen Windows security by phasing out NTLM (New Technology LAN Manager). This legacy authentication protocol has been part of Windows for over 30 years. The company plans to disable NTLM by default in upco…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated social engineering campaign targeting Windows users across the UK, using fake event invitations to silently install ScreenConnect a legitimate remote access tool that attackers have weaponized to gain complete system control. The attack…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The HoneyMyte APT group, also known as Mustang Panda and Bronze President, continues expanding its cyber-espionage operations across Asia and Europe, with Southeast Asia being the most heavily targeted region. Recent investigations reveal that the grou…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
