Zloader, a sophisticated Zeus-based modular trojan that first emerged in 2015, has undergone a significant transformation from its original banking-focused operations to become a dangerous entry point for ransomware attacks in corporate environments. Originally designed to facilitate financial fraud, this malware family has evolved into a powerful tool for initial access brokers who specialize in […] The post Zloader Malware Repurposed to Act as Entry Point Into Corporate Environments to Deploy Ransomware appeared first on Cyber Security News.

A sophisticated malware campaign has emerged that leverages fake online speed test applications to deploy obfuscated JavaScript payloads on Windows systems. These malicious utilities masquerade as legitimate network speed testing tools, manual readers, PDF utilities, and various search frontends to deceive unsuspecting users into installing dangerous code that operates covertly in the background. The attack […] The post Beware of Fake Online Speedtest Application With Obfuscated JS Codes appeared first on Cyber Security News.

The Iranian threat actor known as Nimbus Manticore has intensified its campaign targeting defense manufacturing, telecommunications, and aviation sectors across Western Europe with sophisticated new malware variants. This mature advanced persistent threat group, also tracked as UNC1549 and Smoke Sandstorm, has evolved its tactics to include previously undocumented techniques for evading detection and maintaining persistence […] The post Nimbus Manticore Attacking Defense and Telecom Sectors With New Malware appeared first on Cyber Security News.

Cybercriminals have embraced a new deceptive technique that transforms seemingly harmless vector graphics into dangerous malware delivery systems. A recent campaign targeting Latin America demonstrates how attackers are exploiting oversized SVG files containing embedded malicious payloads to distribute AsyncRAT, a potent remote access trojan capable of comprehensive system compromise. The campaign begins with carefully crafted […] The post Hackers Weaponizing SVG Files to Stealthily Deliver Malicious Payloads appeared first on Cyber Security News.

In recent months, a sophisticated campaign has emerged in which state-linked threat actors are leveraging fake job offers to ensnare unsuspecting job seekers and deliver advanced malware. These attackers craft convincing phishing emails that direct victims to look-alike career portals, impersonating leading aerospace and defense firms. The lure often begins with a personalized outreach on […] The post Threat Actors with Fake Job Lures Attacking Job Seekers to Deploy Advanced Malware appeared first on Cyber Security News.

In recent weeks, security researchers have uncovered an elaborate phishing campaign that leverages legitimate GitHub notification mechanisms to deliver malicious content. Victims receive seemingly authentic repository alerts, complete with real-looking commit messages and collaborator updates. Upon closer inspection, the notification headers reveal altered sender addresses and obfuscated links. The campaign’s sophistication has allowed it to […] The post Hackers Abusing GitHub Notifications to Deliver Phishing Emails appeared first on Cyber Security News.