Lunar Spider, a newly observed malware strain, has emerged as a potent threat to Windows environments by compromising systems in a single click. First detected in mid-September 2025, its operators have quickly refined delivery and payload strategies to evade traditional defenses. Initial reports show that victims receive a seemingly innocuous link via phishing emails or […] The post Lunar Spider Infected Windows Machine in Single Click and Harvested Login Credentials appeared first on Cyber Security News.

A newly observed spear-phishing campaign is leveraging sophisticated social engineering lures to distribute DarkCloud, a modular malware suite designed to harvest keystrokes, exfiltrate FTP credentials and gather system information. Over the past month, targeted emails masquerading as legitimate software updates or corporate invoices have reached unsuspecting recipients across various industries. These messages carry a weaponized […] The post New Spear-Phishing Attack Delivers DarkCloud Malware to Steal Keystrokes, FTP Credentials and Others appeared first on Cyber Security News.

A sophisticated malware campaign has emerged that weaponizes seemingly legitimate productivity tools to infiltrate systems and steal sensitive information. The TamperedChef malware represents a concerning evolution in threat actor tactics, utilizing trojanized applications disguised as calendar tools and image viewers to bypass traditional security defenses. This campaign demonstrates how cybercriminals increasingly exploit user trust in […] The post New TamperedChef Malware Leverages Productivity Tools to Gain Access and Exfiltrate Sensitive Data appeared first on Cyber Security News.

The cybersecurity community is currently observing a surge in interest around Olymp Loader, a recently unveiled Malware-as-a-Service (MaaS) platform written entirely in Assembly. First advertised on underground forums and Telegram channels in early June 2025, Olymp Loader has rapidly evolved from a rudimentary botnet concept into a sophisticated loader and crypter suite. Its author, operating […] The post New Malware-as-a-Service Olymp Loader Promises Defender-Bypass With Automatic Certificate Signing appeared first on Cyber Security News.

In recent months, cybersecurity teams have observed an alarming trend in which malicious actors exploit Facebook and Google advertising channels to masquerade as legitimate financial services. By promoting free or premium access to well-known trading platforms, these threat actors have successfully lured unsuspecting users into downloading trojanized applications. The campaign’s social engineering tactics leverage familiar […] The post Threat Actors Weaponizing Facebook and Google Ads as Financial Platforms to Steal Sensitive Data appeared first on Cyber Security News.

A sophisticated new cross-platform information stealer known as ModStealer has emerged, targeting macOS users and demonstrating concerning capabilities to evade Apple’s built-in security mechanisms. The malware represents the latest evolution in macOS-focused threats, which have seen a dramatic surge throughout 2024 and continue accelerating into the current year. ModStealer follows established patterns seen in other […] The post New ModStealer Evade Antivirus Detection to Attack macOS Users and Steal Sensitive Data appeared first on Cyber Security News.

Acreed emerged in early 2025 as a lean, stealthy infostealer that quickly gained favor among Russian-speaking cybercriminal forums. First spotted on February 14, 2025, bundled with log packages sold by the threat actor “Nuez,” Acreed distinguishes itself from bulkier rivals by producing minimalistic logs that avoid revealing infection vectors. In several incidents analyzed by Intrinsec […] The post Acreed Infostealer Used Widely by Cybercriminals With C2 Via Steam Platform appeared first on Cyber Security News.

In recent weeks, a sophisticated phishing campaign has emerged, targeting organizations in Ukraine with malicious Scalable Vector Graphics (SVG) files designed to propagate the PureMiner cryptominer and a data-stealing payload dubbed Amatera Stealer. Attackers masquerade as the Ukrainian police, sending emails that claim recipients have pending appeals. When victims open the attached SVG, it triggers […] The post Hackers Weaponizing SVG Files to Deliver PureMiner Malware and Steal Sensitive Information appeared first on Cyber Security News.