-
A sophisticated backdoor malware campaign has emerged targeting Windows users through a weaponized version of SteamCleaner, a legitimate open-source utility designed to clean junk files from the Steam gaming platform. The malware establishes persistent access to compromised systems by deploying malicious Node.js scripts that maintain continuous communication with command-and-control servers, enabling attackers to execute arbitrary […] The post Beware of Malicious Steam Cleanup Tool Attack Windows Machines to Deploy Backdoor Malware appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The advanced persistent threat group APT-C-08, also known as Manlinghua or BITTER, has launched a sophisticated campaign targeting government organizations across South Asia by exploiting a critical directory traversal vulnerability in WinRAR. Security researchers have identified the group’s first operational use of CVE-2025-6218, a flaw affecting WinRAR versions 7.11 and earlier that allows attackers to […] The post APT-C-08 Hackers Exploiting WinRAR Vulnerability to Attack Government Organizations appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated phishing campaign has emerged, targeting organizations across Central and Eastern Europe by impersonating legitimate global brands to deceive users into surrendering their login credentials. The attack utilizes self-contained HTML files delivered as email attachments, eliminating the need for external server hosting or suspicious URLs that traditional security systems typically detect. Once opened, these […] The post New Phishing Attack Leverages Popular Brands to Harvest Login Credentials appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Threat actors continue to evolve their techniques for bypassing macOS security controls, shifting away from traditional attack vectors that Apple has systematically patched. Following Apple’s removal of the “right-click and open” Gatekeeper override in August 2024, attackers have identified and weaponized a new delivery mechanism using compiled AppleScript files with deceptive naming conventions. These .scpt […] The post Hackers Weaponize AppleScript to Creatively Deliver macOS Malware Mimic as Zoom/Teams Updates appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Authentication coercion represents a sophisticated and evolving threat targeting Windows and Active Directory environments across organizations globally. This attack method exploits the fundamental communication mechanisms embedded within every Windows operating system, manipulating machines into automatically transmitting sensitive credentials to attacker-controlled infrastructure. The emergence of this threat vector reflects a significant shift in how threat actors […] The post Authentication Coercion Attack Tricks Windows Machines into Revealing Credentials to Attack-controlled Servers appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly identified Android remote access trojan (RAT) dubbed KomeX has surfaced on underground hacker forums, generating widespread concern within the cybersecurity community. Marketed by a threat actor under the alias “Gendirector,” KomeX is built atop the infamous BTMOB RAT codebase and presents a formidable arsenal of spying and device control features. Recognized for its […] The post New KomeX Android RAT Advertised on Hacker Forums with Multiple Subscription Options appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A large-scale phishing campaign has emerged, exploiting Meta’s Business Suite to compromise credentials across thousands of small and medium-sized businesses worldwide. Check Point security researchers identified approximately 40,000 phishing emails distributed to more than 5,000 customers, primarily targeting industries including automotive, education, real estate, hospitality, and finance across the U.S., Europe, Canada, and Australia. The […] The post New Phishing Attack Targeting Meta Business Suite Users to Steal Login Credentials appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Ferocious Kitten has emerged as a significant cyber-espionage threat targeting Persian-speaking individuals within Iran since at least 2015. The Iranian-linked advanced persistent threat group operates with a highly focused objective, utilizing politically themed decoy documents to manipulate victims into executing weaponized files. Over the years, the group developed a sophisticated custom implant known as MarkiRAT, […] The post Ferocious Kitten APT Deploying MarkiRAT to Capture Keystroke and Clipboard Logging appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated phishing campaign is targeting Microsoft 365 users worldwide through a newly discovered tool called Quantum Route Redirect. This advanced automation platform transforms complex phishing operations into simple one-click attacks that evade traditional security measures. The campaign has already affected victims across 90 countries, with the United States accounting for 76% of the targets. […] The post New Quantum Route Redirect Tool Lets Attackers Launch One-Click Phishing Attacks on Microsoft 365 Users appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Danabot, a notorious banking Trojan, has made a significant comeback with its new version 669 after a period of inactivity triggered by Operation Endgame’s law enforcement sweep in May 2025. This advanced malware’s resurgence signals a new threat wave targeting financial institutions, cryptocurrency users, and individual victims using sophisticated multi-stage attacks. Danabot tracks a legacy […] The post Danabot Malware Resurfaced with Version 669 Following Operation Endgame appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
