Security researchers have recently observed a surge in sophisticated fileless malware campaigns targeting enterprise environments. AsyncRAT, a powerful Remote Access Trojan, leverages legitimate system tools to execute malicious payloads entirely in memory, effectively sidestepping traditional disk-based defenses. Emergence of this threat underscores the evolving tactics employed by cyber adversaries to maintain stealth and persistence on […] The post AsyncRAT Uses Fileless Loader to Bypass Detections and Gain Remote Access appeared first on Cyber Security News.

Malicious actors have launched a sophisticated malvertising campaign on Facebook that coerces unsuspecting users into installing a fake “Meta Verified” browser extension. Promoted through seemingly legitimate video tutorials, these ads promise to unlock the coveted blue verification tick without paying Meta’s subscription fee. In reality, the extension is engineered to harvest sensitive user data, including […] The post Beware of Malicious Facebook Ads With Meta Verified Steals User Account Details appeared first on Cyber Security News.

A recent incident uncovered how a threat actor inadvertently exposed its entire operational workflow by installing a popular endpoint detection and response (EDR) agent on their own attacking infrastructure. The scenario unfolded when the adversary, while evaluating various security platforms, triggered alerts that led Huntress analysts to investigate unusual telemetry data. Initial observations of system […] The post Threat Actor Installed EDR on Their Systems, Revealing Workflows and Tools Used appeared first on Cyber Security News.

A sophisticated phishing campaign has emerged targeting Google Workspace organizations through fraudulent emails impersonating Google’s AppSheet platform. The attack demonstrates how cybercriminals exploit legitimate cloud services to bypass traditional email security measures and steal user credentials. Discovered in September 2025, this campaign represents a significant escalation in social engineering tactics, leveraging the inherent trust organizations […] The post New Phishing Attack Mimics Google AppSheet to Steal Login Credentials appeared first on Cyber Security News.

In recent weeks, security teams have observed a sophisticated new strain of malware—dubbed GONEPOSTAL—that subverts Microsoft Outlook to relay command and control (C2) instructions. Emerging through spear-phishing campaigns targeting corporate environments, GONEPOSTAL disguises itself as a benign Office document. Upon opening the weaponized attachment, victims unknowingly activate a multi-stage payload that interfaces directly with Outlook’s […] The post New GONEPOSTAL Malware Hijacking Outlook to Enable Command and Control Communication appeared first on Cyber Security News.

Security researchers have observed a sophisticated campaign in recent weeks targeting critical infrastructure and government entities across South Asia. Dubbed the DarkSamural operation, this attack chain leverages deceptively crafted LNK and PDF files to infiltrate networks, establish persistence, and exfiltrate sensitive information. Initial reconnaissance indicates that the adversaries disguise malicious MSC (Microsoft Management Console) files […] The post DarkSamural APT Group Malicious LNK and PDF Files to Steal Critical Data appeared first on Cyber Security News.

The North Korea-backed APT group Kimsuky has escalated its cyber operations by weaponizing GitHub repositories for malware delivery and data exfiltration, marking a sophisticated evolution in their attack methodology. This latest campaign demonstrates the group’s growing expertise in abusing legitimate cloud infrastructure to evade traditional security measures while maintaining persistent access to compromised systems. The […] The post Kimsuky Hackers Via Weaponized LNK File Abuses GitHub for Malware Delivery appeared first on Cyber Security News.