The SmartApeSG campaign, also known as ZPHP or HANEY MANEY, continues to evolve its attack methods to compromise Windows systems with malicious remote access tools. First reported in June 2024, this campaign has shifted from using fake browser update pages to deploying sophisticated ClickFix-style techniques. The new approach tricks users into thinking they need to […] The post SmartApeSG Campaign Leverages ClickFix Technique to Deploy NetSupport RAT appeared first on Cyber Security News.

Cybersecurity researchers have uncovered a sophisticated campaign where threat actors abuse legitimate JSON storage services to deliver malware to software developers. The campaign, known as Contagious Interview, represents a significant shift in how attackers are concealing malicious payloads within seemingly legitimate development projects. By exploiting platforms such as JSON Keeper, JSONsilo, and npoint.io, threat actors […] The post Threat Actors Leverage JSON Storage Services to Host and Deliver Malware Via Trojanized Code Projects appeared first on Cyber Security News.

Security researcher Paul McCarty uncovered a significant coordinated spam campaign targeting the npm ecosystem. The IndonesianFoods worm, as it has been named, consists of more than 43,000 spam packages published across at least eleven user accounts over almost two years. These packages have survived undetected, representing more than one percent of the entire npm registry […] The post Hackers Flooded npm Registry Over 43,000 Spam Packages Survived for Almost Two Years appeared first on Cyber Security News.

A deceptive Chrome extension named Safery: Ethereum Wallet has emerged as a serious threat to cryptocurrency users. Published on the Chrome Web Store on November 12, 2024, this extension masquerades as a secure Ethereum wallet while secretly stealing user seed phrases. The malware’s sophisticated design allows attackers to gain complete control over victims’ cryptocurrency wallets […] The post Malicious Chrome Extension as Ethereum Wallet Enables Full Wallet Takeover appeared first on Cyber Security News.

In August 2025, a new ransomware threat emerged with capabilities that fundamentally changed how organizations should approach enterprise security. Kraken, a Russian-speaking cybercriminal group, began executing sophisticated attacks targeting large organizations across multiple continents. What makes Kraken particularly dangerous is its ability to attack Windows, Linux, and VMware ESXi systems with platform-specific tools, making it […] The post Kraken Cross-Platform Ransomware Attacking Windows, Linux, and VMware ESXi Systems in Enterprise Environments appeared first on Cyber Security News.

A growing social engineering technique called ClickFix has emerged as one of the most successful methods for distributing malware in recent months. This attack tricks users into copying and running commands directly into their operating systems command line interface, ultimately installing dangerous information-stealing software. The technique has proven remarkably effective because it bypasses traditional email […] The post New ClickFix Attack Targeting Windows and macOS Users to Deploy Infostealer Malware appeared first on Cyber Security News.

Digital photo frames have become a standard household device for displaying family memories, and most users assume these simple gadgets prioritize simplicity over complexity. However, a troubling discovery reveals that specific Android photo frames running the Uhale app automatically download and execute malware as soon as they boot. Quokka security analysts noted or identified this […] The post Android Photo Frames App Downloads Malware, Giving Hackers Control of The Device Without User Interaction appeared first on Cyber Security News.

The rise of cryptocurrency has created new opportunities for cybercriminals to exploit unsuspecting users. Attackers are now disguising the notorious DarkComet remote access trojan as Bitcoin-related applications, targeting cryptocurrency enthusiasts who download tools from unverified sources. This malware campaign demonstrates how old threats continue to resurface with modern social engineering techniques. DarkComet RAT is a […] The post Beware of Fake Bitcoin Tool That Hides DarkComet RAT Malware With it appeared first on Cyber Security News.

Cybercriminals are now exploiting remote monitoring and management tools to spread dangerous malware while avoiding detection by security systems. The attack campaign targets users who download what appears to be popular software, such as Notepad++, 7-Zip, or ChatGPT, from fake websites. Instead of getting the real program, victims unknowingly install LogMeIn Resolve or PDQ Connect, […] The post Hackers Exploiting RMM Tools LogMeIn and PDQ Connect to Deploy Malware as a Normal Program appeared first on Cyber Security News.