A sophisticated malware distribution campaign leveraging over 3,000 malicious YouTube videos has been uncovered, targeting users seeking pirated software and game cheats. The YouTube Ghost Network represents a coordinated ecosystem of compromised accounts that exploit platform features to distribute information-stealing malware while creating false trust through fabricated engagement. Active since 2021, the network has dramatically […] The post YouTube Ghost Malware Network With 3,000+ Malicious Videos Attacking Users to Deploy Malware appeared first on Cyber Security News.

Cybersecurity researchers have uncovered a sophisticated ransomware campaign where Agenda group threat actors are deploying Linux-based ransomware binaries directly on Windows systems, targeting VMware virtualization infrastructure and backup environments. This cross-platform execution technique challenges traditional security assumptions and demonstrates how ransomware operators are adapting to bypass endpoint detection systems that primarily focus on Windows-native threats. […] The post Agenda Ransomware Actors Deploying Linux RAT on Windows Systems Targeting VMware Deployments appeared first on Cyber Security News.

A sophisticated text message phishing campaign originating from China has emerged as one of the most extensive cybersecurity threats targeting users worldwide. The operation, attributed to a threat collective known as the Smishing Triad, represents a massive escalation in SMS-based fraud, impersonating services across banking, healthcare, law enforcement, e-commerce, and government sectors. What began as […] The post New Text Message Based Phishing Attack from China Targeting Users Around the Globe appeared first on Cyber Security News.

A sophisticated malware operation has emerged from Brazil, leveraging advanced steganographic techniques to conceal malicious payloads within seemingly harmless image files. The Caminho loader, active since at least March 2025, represents a growing threat to organizations across South America, Africa, and Eastern Europe, delivering diverse malware families including REMCOS RAT, XWorm, and Katz Stealer through […] The post New Caminho Malware Loader Uses LSB Steganography and to Hide .NET Payloads Within Image Files appeared first on Cyber Security News.

A sophisticated malware campaign targeting WordPress sites has emerged, utilizing PHP variable functions and cookie-based obfuscation to evade traditional security detection mechanisms. The attack represents an evolution in obfuscation techniques, where threat actors fragment malicious code across multiple HTTP cookies and dynamically reconstruct executable functions at runtime. This approach makes static analysis significantly more challenging, […] The post New Malware Attack Using Variable Functions and Cookies to Evade and Hide Their Malicious Scripts appeared first on Cyber Security News.

An international ecosystem of sophisticated scam operations has emerged, targeting vulnerable populations through impersonation tactics and fraudulent financial aid promises. The campaign, dubbed “Vulnerability Vultures,” primarily focuses on older adults who represent lucrative targets for threat actors. According to the FBI’s Internet Crime Complaint Center, the 60-plus age group filed the highest number of complaints […] The post Threat Actors Tricks Target Users Via Impersonation and Fictional Financial Aid Offers appeared first on Cyber Security News.

TransparentTribe, a Pakistani-nexus intrusion set active since at least 2013, has intensified its cyber espionage operations targeting Linux-based systems of Indian military and defense organizations. The campaign, initially documented in July 2025 by CYFIRMA with activity traced back to June 2025, has evolved significantly with the development of a sophisticated Golang-based remote access trojan dubbed […] The post TransparentTribe Attack Linux-Based Systems of Indian Military Organizations to Deliver DeskRAT appeared first on Cyber Security News.

As the festive season approaches, organizations are witnessing a disturbing increase in targeted attacks on digital gift card systems. The Jingle Thief campaign, orchestrated by financially motivated threat actors based in Morocco, has emerged as a notorious campaign exploiting seasonal vulnerabilities to steal and monetize gift cards at scale. By leveraging tailored phishing and smishing […] The post Jingle Thief Attackers Exploiting Festive Season with Weaponized Gift Card Attacks appeared first on Cyber Security News.

The cybersecurity landscape experienced a significant shift in July 2025 when threat actors associated with Warlock ransomware began exploiting a critical zero-day vulnerability in Microsoft SharePoint. Discovered on July 19, 2025, the ToolShell vulnerability, tracked as CVE-2025-53770, became a primary vector for deploying the notorious Warlock ransomware across multiple organizations globally. This exploitation marked a […] The post Warlock Ransomware Actors Exploiting Sharepoint ToolShell Zero-Day Vulnerability in New Attack Wave appeared first on Cyber Security News.

A sophisticated Python-based remote access trojan has emerged in the gaming community, disguising itself as a legitimate Minecraft client to compromise unsuspecting users. The malware, identified as a multi-function RAT, leverages the Telegram Bot API as its command and control infrastructure, enabling attackers to exfiltrate stolen data and remotely interact with victim machines. By masquerading […] The post New Python RAT Mimic as Legitimate Minecraft App Steals Sensitive Data from Users Computer appeared first on Cyber Security News.