A sophisticated information-stealing malware named Anivia Stealer has emerged on underground forums, marketed by a threat actor known as ZeroTrace. The malware represents a dangerous evolution in credential theft operations, specifically designed to compromise Windows systems from legacy XP installations through the latest Windows 11 environments. Built using C++17, Anivia Stealer incorporates advanced evasion techniques […] The post Threat Actors Advertising Anivia Stealer Malware on Dark Web bypassing UAC Controls appeared first on Cyber Security News.

Cybersecurity researchers have uncovered a sophisticated phishing campaign that combines two emerging attack techniques to bypass conventional security defenses. The hybrid approach merges FileFix social engineering tactics with cache smuggling to deliver malware payloads without triggering network-based detection systems. This evolution represents a significant shift in how threat actors are circumventing endpoint detection and response […] The post Threat Actors Merging FileFix and Cache Smuggling Attacks to Evade Security Controls appeared first on Cyber Security News.

A sophisticated Android banking trojan dubbed GhostGrab has emerged in the threat landscape, targeting financial institutions across multiple regions with advanced credential theft capabilities. The malware operates silently on infected devices, harvesting sensitive banking credentials while intercepting one-time passwords through SMS messages. Security teams have observed active campaigns distributing GhostGrab through compromised application stores and […] The post New GhostGrab Android Malware Silently Steals Banking Login Details and Intercept SMS for OTPs appeared first on Cyber Security News.

The BlueNoroff threat group, also tracked as Sapphire Sleet, APT38, and TA444, has significantly evolved its targeting capabilities with sophisticated new infiltration strategies designed specifically to compromise C-level executives and senior managers within the Web3 and blockchain sectors. The group, historically focused on financial gain through cryptocurrency theft, has unveiled two coordinated campaigns dubbed GhostCall […] The post BlueNoroff Hackers Adopts New Infiltration Strategies To Attack C-Level Executives, and Managers appeared first on Cyber Security News.

A sophisticated malware campaign targeting Brazilian users has emerged with alarming capabilities. The Water Saci campaign, identified by Trend Micro analysts as leveraging the SORVEPOTEL malware, exploits WhatsApp as its primary distribution vector for rapid propagation across victim networks. First identified in September 2025, the campaign evolved dramatically by October 2025, introducing a new script-based […] The post Water Saci Hackers Leverage WhatsApp to Deliver Multi-Vector Persistent SORVEPOTEL Malware appeared first on Cyber Security News.

The cybersecurity landscape continues to evolve with increasingly sophisticated distribution mechanisms, and one trend gaining alarming momentum is the delivery of infostealer malware through seemingly innocent video game cheats and mod tools. These applications, marketed as performance enhancers or gameplay assistants, have become a Trojan horse for credential theft campaigns targeting both casual gamers and […] The post New Gamaredon Phishing Attack Targeting Govt Entities Exploiting WinRAR Vulnerability appeared first on Cyber Security News.

The competitive nature of gaming drives millions of players to seek advantages against their opponents. With esports tournaments boasting prize pools exceeding $1.25 million, the stakes have never been higher. However, this competitive spirit has created an opportunity for cybercriminals to exploit unsuspecting players through weaponized game cheats that deliver devastating malware payloads. The reality […] The post Beware of Free Video Game Cheats That Delivers Infostealer Malwares appeared first on Cyber Security News.

In late 2025, a staggering 81% of broadband users were found to have never changed their router’s default administrative password, opening the door to significant malware risk. This widespread negligence was revealed in Broadband Genie’s fourth major router security survey, where 3,242 users were polled to gauge progress on consumer cybersecurity awareness. Despite regulatory pushes […] The post 81% Router Usres Have Not Changed Default Admin Passwords, Exposing Devices to Hackers appeared first on Cyber Security News.

The emergence of Pegasus and Predator spyware over the past several years has transformed the landscape of mobile device security. These advanced malware strains—deployed by sophisticated threat actors for surveillance and espionage—have repeatedly demonstrated their ability to exploit zero-click vulnerabilities, leaving high-profile individuals and at-risk communities exposed. Critical forensic analysis has long relied on remnants […] The post iOS 26 Deletes Pegasus and Predator Spyware Infection Evidence by Overwriting The ‘shutdown.log’ file on Reboot appeared first on Cyber Security News.