Over the past year, a shadowy threat actor known as TAG-144—also tracked under aliases Blind Eagle and APT-C-36—has intensified operations against South American government institutions. First observed in 2018, this group has adopted an array of commodity remote access trojans (RATs) such as AsyncRAT, REMCOS RAT, and XWorm, often delivered through highly targeted spearphishing campaigns […] The post TAG-144 Actors Attacking Government Entities With New Tactics, Techniques, and Procedures appeared first on Cyber Security News.

A sophisticated malware campaign has emerged, targeting Indonesia’s most vulnerable digital citizens through a calculated exploitation of trust in the nation’s pension fund system. The malicious operation impersonates PT Dana Tabungan dan Asuransi Pegawai Negeri (TASPEN), the state-owned pension fund managing over $15.9 billion in assets for millions of Indonesian civil servants and retirees. This […] The post New Malware Attack Exploiting TASPEN’s Legacy to Target Indonesian Senior Citizens appeared first on Cyber Security News.

Over the past year, the Underground ransomware gang has emerged as a formidable threat to organizations across diverse industries and geographies. First identified in July 2023, the group resurfaced in May 2024 with a Dedicated Leak Site (DLS), signaling a renewed and more sophisticated operational phase. Their campaigns now span from the United Arab Emirates […] The post Underground Ransomware Gang With New Tactics Against Organizations Worldwide appeared first on Cyber Security News.

A sophisticated global cybercrime campaign dubbed “ShadowCaptcha” has emerged as a significant threat to organizations worldwide, leveraging fake Google and Cloudflare CAPTCHA pages to trick victims into executing malicious commands. Discovered by researchers at the Israel National Digital Agency in August 2025, this large-scale operation has been active for at least one year, exploiting hundreds […] The post New ShadowCaptcha Attack Exploiting Hundreds of WordPress Sites to Tricks Victims into Executing Malicious Commands appeared first on Cyber Security News.

A newly observed variant of the Zip Slip vulnerability has emerged, enabling threat actors to exploit path traversal flaws in widely used decompression utilities. Exploits leveraging this vulnerability craft malicious archives containing specially constructed file names with relative paths. When an unsuspecting user or automated system extracts these archives, files are written outside the intended […] The post New Zip Slip Vulnerability Allows Attackers to Manipulate ZIP Files During Decompression appeared first on Cyber Security News.

In recent weeks, a sophisticated phishing operation known as the ZipLine campaign has targeted U.S.-based manufacturing firms, leveraging supply-chain criticality and legitimate-seeming business communications to deploy an advanced in-memory implant dubbed MixShell. This threat actor reverses traditional phishing workflows by initiating contact through corporate “Contact Us” web forms, prompting victims to reach out first. Once […] The post New ZipLine Campaign Attacks Critical Manufacturing Companies to Deploy In-memory Malware MixShell appeared first on Cyber Security News.