A sophisticated espionage campaign targeting recruitment professionals has emerged, with the APT-C-60 threat group weaponizing VHDX files to compromise organizations. The threat actors impersonate job seekers in spear-phishing emails sent to recruitment staff, exploiting trust relationships to deliver malicious payloads. While earlier campaigns directed victims to download VHDX files from Google Drive, recent attacks have […] The post APT-C-60 Attacking Job Seekers to Download Weaponized VHDX File from Google Drive to Steal Sensitive Data appeared first on Cyber Security News.

European organizations are facing an unprecedented wave of ransomware attacks as cybercriminals increasingly integrate artificial intelligence tools into their operations. Since January 2024, big game hunting threat actors have named approximately 2,100 Europe-based victims on more than 100 dedicated leak sites, representing a 13% year-over-year increase in attacks. The region now accounts for nearly 22% […] The post Ransomware Attack on European Organizations Surge as Hackers Leveraging AI-Tools for Attacks appeared first on Cyber Security News.

A critical security vulnerability in the AI Engine WordPress plugin has put more than 100,000 active installations at risk of privilege escalation attacks. The flaw, tracked as CVE-2025-11749 with a CVSS score of 9.8, allows unauthenticated attackers to extract bearer tokens and gain complete administrative control over vulnerable WordPress sites. Security researcher Emiliano Versini discovered […] The post AI Engine WordPress Plugin Exposes 100,000 WordPress Sites to Privilege Escalation Attacks appeared first on Cyber Security News.

A sophisticated threat actor known as Curly COMrades has deployed an innovative attack methodology that leverages legitimate Windows virtualization features to establish covert, long-term access to victim networks. The campaign, which began in early July 2025, represents a significant evolution in adversary tactics as threat actors increasingly seek methods to bypass endpoint detection and response […] The post Curly COMrades Hacker Group Using New Tools to Create Hidden Remote Access on Compromised Windows 10 appeared first on Cyber Security News.

The notorious FIN7 threat group, also known by the nickname Savage Ladybug, continues to pose a significant risk to enterprise environments through an increasingly refined Windows SSH backdoor campaign. The group has been actively deploying this sophisticated backdoor mechanism to establish persistent remote access and facilitate data exfiltration operations. First documented in 2022, the malware […] The post FIN7 Hackers Using Windows SSH Backdoor to Establish Stealthy Remote Access and Persistence appeared first on Cyber Security News.

DragonForce, a ransomware-as-a-service operation active since 2023, has dramatically evolved into what researchers now describe as a structured cybercriminal cartel, leveraging the publicly leaked Conti v3 source code to establish a formidable threat infrastructure. The group initially relied on the LockBit 3.0 builder for developing encryptors before transitioning to a customized Conti v3 codebase, giving […] The post DragonForce Cartel Emerges From the Leaked Source Code of Conti v3 Ransomware appeared first on Cyber Security News.

A significant security threat has emerged from the Google Play Store, where threat actors have successfully deployed 239 malicious applications that have been collectively downloaded more than 42 million times. This discovery marks a disturbing trend in mobile malware campaigns targeting users during a period when remote and hybrid work environments have become the norm. […] The post 239 Malicious Android Apps on Google Play With Downloaded Over 40 Million Times appeared first on Cyber Security News.

Silent Lynx, a sophisticated threat group that has been tracked since 2024, continues its relentless espionage campaign against government entities across Central Asia. Seqrite analysts identified the group as the first to assign this nomenclature, distinguishing it from multiple overlapping aliases including YoroTrooper, Sturgeon Phisher, and ShadowSilk. The group has become notorious for orchestrating spear-phishing […] The post Silent Lynx APT New Attack Targeting Governmental Employees Posing as Officials appeared first on Cyber Security News.