A novel phishing kit has surfaced that enables threat actors to craft sophisticated lures with minimal technical expertise. This “point-and-click” toolkit combines an intuitive web interface with powerful payload delivery mechanisms. Attackers can select from preconfigured templates, customize branding elements, and target specific organizations or individuals. Once a phishing page is deployed, victims are presented […] The post New ‘Point-and-Click’ Phishing Kit Bypasses User Awareness and Security Filters to Deliver Malicious Payloads appeared first on Cyber Security News.

Cybercriminals have launched a sophisticated campaign that leverages brand impersonation techniques to distribute malware through deceptive SMS phishing (smishing) attacks. This emerging threat demonstrates an evolution in social engineering tactics, where attackers strategically craft URLs containing trusted brand names to bypass user skepticism and security filters. The attack methodology centers on manipulating URL structures to […] The post Threat Actors Mimic Popular Brands to Deceive Users and Deploy Malware in New Wave of Attacks appeared first on Cyber Security News.

Rhadamanthys, a sophisticated multi-modular information stealer, first emerged in September 2022 and has since evolved into one of the most commercially advanced malware offerings on underground forums. Originally advertised by the actor “kingcrete2022,” its initial design drew heavily on the earlier Hidden Bee project, enabling rapid feature growth and professional polish. Over time, Rhadamanthys steadily […] The post Rhadamanthys Stealer Available on Dark Web Prices Ranging from $299 to $499 appeared first on Cyber Security News.

Mobile VPN apps promise to protect privacy and secure communications on smartphones, but a comprehensive analysis of nearly 800 free Android and iOS VPN applications reveals a troubling reality: many of these tools expose sensitive information rather than shield it. From insecure configurations to dangerous permissions and outdated libraries, the apps that millions trust are […] The post Hundreds of Free VPN Apps for Both Android and iOS Leaks Users Personal Data appeared first on Cyber Security News.

The Confucius hacker group, active since 2013, has recently escalated its operations by weaponizing malicious Office documents to compromise Windows endpoints with a new Python-based backdoor, dubbed AnonDoor. Historically known for deploying document stealers such as WooperStealer, the threat actor has now shifted to a sophisticated multi-stage infection chain that leverages OLE-embedded scripts, VBScript droppers, […] The post Confucius Hacker Group Attacking Weaponizing Documents to Compromised Windows Systems With AnonDoor Malware appeared first on Cyber Security News.

Ukrainian security agencies have issued an urgent warning regarding a sophisticated malware campaign targeting government and critical infrastructure sectors through weaponized XLL files distributed via compressed archives. The malicious campaign leverages Microsoft Excel add-in files containing the CABINETRAT backdoor, representing a significant evolution in targeted cyber operations against Ukrainian entities. The attack methodology involves distributing […] The post Ukraine Warns of Weaponized XLL Files Delivers CABINETRAT Malware Via Zip Files appeared first on Cyber Security News.

Cybersecurity researchers have uncovered a sophisticated Android malware campaign targeting seniors through fraudulent travel and social activity promotions on Facebook. The newly identified Datzbro malware represents a dangerous evolution in mobile threats, combining advanced spyware capabilities with remote access tools designed to facilitate financial fraud. This campaign, first detected in August 2025, has expanded beyond […] The post Threat Actors Leveraging Senior Travel Scams to Deliver Datzbro Malware appeared first on Cyber Security News.

A sophisticated malicious package has infiltrated the Python Package Index (PyPI), masquerading as a legitimate SOCKS5 proxy tool while harboring backdoor capabilities that target Windows systems. The SoopSocks package, tracked as XRAY-725599, presents itself as a benign networking utility that creates SOCKS5 proxy services and reports server information to configurable Discord webhooks. However, beneath this […] The post Malicious PyPI Package Mimics as SOCKS5 Proxy Tool Attacking Windows Platforms appeared first on Cyber Security News.