A sophisticated cryptojacking campaign has emerged, exploiting misconfigured Redis servers across multiple continents to deploy cryptocurrency miners while systematically dismantling security defenses. The threat actor behind this operation, designated TA-NATALSTATUS, has been active since 2020 but has significantly escalated their activities throughout 2025, targeting exposed Redis instances with alarming success rates across major economies. The […] The post New Cryptojacking Attack Exploits Redis Servers to Install Miners and Disable Defenses appeared first on Cyber Security News.

The Lumma information stealer has evolved from its 2022 origins into one of the most sophisticated malware-as-a-service (MaaS) ecosystems in the cybercriminal landscape. Operating through a vast network of affiliates, Lumma has established itself as the dominant infostealer platform, accounting for approximately 92% of stolen credential listings on major underground marketplaces by late 2024. The […] The post Lumma Affiliates Using Advanced Evasion Tools Designed to Ensure Stealth and Continuity appeared first on Cyber Security News.

A sophisticated new ransomware strain named BQTLOCK has emerged in the cyberthreat landscape since mid-July 2025, operating under a comprehensive Ransomware-as-a-Service (RaaS) model that democratizes access to advanced encryption capabilities for cybercriminals. The malware, associated with ‘ZerodayX’, the alleged leader of the pro-Palestinian hacktivist group Liwaa Mohammed, represents a concerning evolution in ransomware distribution and […] The post BQTLOCK Ransomware Operates as RaaS With Advanced Evasion Techniques appeared first on Cyber Security News.

A sophisticated supply chain attack has emerged targeting developers through a malicious Go module package that masquerades as a legitimate SSH brute forcing tool while covertly stealing credentials for cybercriminal operations. The package, named “golang-random-ip-ssh-bruteforce,” presents itself as a fast SSH brute forcer but contains hidden functionality that exfiltrates successful login credentials to a Telegram […] The post Malicious Go Module Package as Fast SSH Brute Forcer Exfiltrates Passwords via Telegram appeared first on Cyber Security News.

A sophisticated South Asian Advanced Persistent Threat (APT) group has been conducting an extensive espionage campaign targeting military personnel and defense organizations across Sri Lanka, Bangladesh, Pakistan, and Turkey. The threat actors have deployed a multi-stage attack framework combining targeted phishing operations with novel Android malware to compromise the mobile devices of military-adjacent individuals. The […] The post South Asian APT Hackers Using Novel Tools to Compromise Phones of Military-Adjacent Members appeared first on Cyber Security News.

A sophisticated cyber espionage campaign has emerged targeting Ukrainian and Polish organizations through weaponized PDF invitation files designed to execute malicious shell scripts. The campaign, active since April 2025, demonstrates a calculated approach to infiltrating government and private sector networks through carefully crafted social engineering tactics. The threat actors behind this operation have leveraged seemingly […] The post UAC-0057 Hackers Weaponizing PDF Invitation Files to Execute Shell Scripts appeared first on Cyber Security News.

Cyber threat actors have launched sophisticated phishing operations aimed at military and government personnel in South Asia, leveraging defense-related lures to distribute malicious archives and applications. Recent detections include ZIP files like &…

Cybersecurity researchers have identified a sophisticated social engineering technique called ClickFix that has been rapidly gaining traction among threat actors since early 2024. This deceptive attack method targets both Windows and macOS devices, tricking users into executing malicious commands through seemingly legitimate technical troubleshooting procedures. The technique has been observed in campaigns affecting thousands of […] The post Microsoft Warns of Hackers Using ClickFix Technique to Attack Windows and macOS Devices appeared first on Cyber Security News.

Linux environments, long considered bastions of security, are facing a sophisticated new threat that challenges traditional assumptions about operating system safety. A recently discovered malware campaign exploits an ingenious attack vector that weaponizes RAR archive filenames to deliver the VShell backdoor, demonstrating how attackers are evolving beyond conventional exploitation techniques to target scripting patterns and […] The post New Linux Malware With Weaponized RAR Archive Deploys VShell Backdoor appeared first on Cyber Security News.

The Anatsa banking trojan, also known as TeaBot, continues to evolve as one of the most sophisticated Android malware threats targeting financial institutions worldwide. First discovered in 2020, this malicious software has demonstrated remarkable persistence in infiltrating Android devices through the official Google Play Store, where it masquerades as legitimate document reading applications to steal […] The post Anatsa Malware Attacking Android Devices to Steal Login Credentials and Monitor Keystrokes appeared first on Cyber Security News.