A new phishing campaign has emerged that weaponizes Microsoft Entra guest user invitations to deceive recipients into making phone calls to attackers posing as Microsoft support. The attack leverages a critical security gap in how Microsoft Entra communicates with external users, turning a legitimate collaboration feature into a delivery mechanism for sophisticated social engineering attacks. […] The post Hackers Leverages Microsoft Entra Tenant Invitations to Launch TOAD Attacks appeared first on Cyber Security News.

In November 2025, a new malware campaign emerged that combines social engineering tricks with advanced stealing tools. The attack starts when criminals trick users into running commands through the Windows Run window, a technique known as ClickFix. Once users follow these instructions, their computers become infected with Amatera Stealer, an advanced piece of malware designed […] The post EVALUSION Campaign Using ClickFix Technique to deploy Amatera Stealer and NetSupport RAT appeared first on Cyber Security News.

A dangerous espionage campaign is targeting senior government and defense officials worldwide. Iranian hackers are using fake conference invitations and meeting requests to trick victims. The attackers spend weeks building trust before striking. They reach out through WhatsApp to make their messages look legitimate. This campaign, known as SpearSpecter, combines patience with powerful malware to […] The post Iranian SpearSpecter Attacking High-Value Officials Using Personalized Social Engineering Tactics appeared first on Cyber Security News.

Outlook NotDoor backdoor malware first appeared in threat campaigns identified by Lab52, the intelligence arm of Spanish firm S2 Grupo. Linked to APT28/Fancy Bear, NotDoor leverages malicious Outlook macros for persistent access and data theft. Attackers embed these macro payloads within Outlook’s data files to monitor incoming emails and trigger hidden code on infected systems. […] The post Researchers Detailed Techniques to Detect Outlook NotDoor Backdoor Malware appeared first on Cyber Security News.

A serious security flaw in Cisco Catalyst Center Virtual Appliance has been discovered that allows attackers with low-level access to gain full administrator control over affected systems. The vulnerability, tracked as CVE-2025-20341, impacts virtual appliances running on VMware ESXi and carries a high severity rating with a CVSS score of 8.8. This flaw poses a […] The post Cisco Catalyst Center Vulnerability Let Attackers Escalate Priveleges appeared first on Cyber Security News.

A new threat targeting Chinese users has appeared with a dangerous ability to shut down security tools. RONINGLOADER, a multi-stage loader spreading a modified version of the gh0st RAT, uses clever tricks to bypass antivirus protection. The malware arrives through fake software installers that pretend to be legitimate programs like Google Chrome and Microsoft Teams. […] The post RONINGLOADER Weaponizes Signed Drivers to Disable Defender and Evade EDR Tools appeared first on Cyber Security News.

Attackers are using fake invoice emails to spread XWorm, a remote-access trojan that quietly steals login credentials, passwords, and sensitive files from infected computers. When a user opens the attached Visual Basic Script file, the malware begins working silently in the background without any visible warnings or alerts. This makes it extremely dangerous because victims […] The post Hackers are Weaponizing Invoices to Deliver XWorm That Steals Login Credentials appeared first on Cyber Security News.

A new malware family targeting macOS systems has emerged with advanced detection evasion techniques and multi-stage attack chains. Named DigitStealer, this information stealer uses multiple payloads to steal sensitive data while leaving minimal traces on infected machines. The malware disguises itself as legitimate software and uses clever methods to bypass Apple’s security protections. DigitStealer spreads […] The post Highly Sophisticated macOS DigitStealer Employs Multi-Stage Attacks to Evade detection appeared first on Cyber Security News.

A new wave of Formbook malware attacks has appeared, using weaponized ZIP archives and multiple script layers to bypass security controls. The attacks begin with phishing emails containing ZIP files that hold VBS scripts disguised as payment confirmation documents. These scripts trigger a chain of events that downloads and installs the malware on victim systems. […] The post Formbook Malware Delivered Using Weaponized Zip Files and Multiple Scripts appeared first on Cyber Security News.