A sophisticated cyberattack campaign targeting Microsoft Internet Information Services (IIS) servers has emerged, exploiting decades-old security vulnerabilities to deploy malicious modules that enable remote command execution and search engine optimization fraud. The operation, which came to light in late August and early September 2025, leverages publicly exposed ASP.NET machine keys to compromise servers worldwide, affecting […] The post Hackers Hijacking IIS Servers in The Wild Using Exposed ASP .NET Machine Keys to Inject Malicious Modules appeared first on Cyber Security…

North Korean state-sponsored hackers from the Lazarus APT group launched a cyberespionage campaign targeting European companies involved in unmanned aerial vehicle development. Starting in late March 2025, attackers compromised three defense organizations across Central and Southeastern Europe, deploying advanced malware to steal proprietary UAV technology. The campaign, tracked as Operation DreamJob, employed social engineering using […] The post North Korean Hackers Attacking Unmanned Aerial Vehicle Industry to Steal Confidential Data appeared first on Cyber Security News.

A sophisticated phishing campaign leveraging randomly generated Universal Unique Identifiers (UUIDs) has emerged, successfully bypassing Secure Email Gateways (SEGs) and evading perimeter defenses. The attack employs an advanced JavaScript-based phishing script combining random domain selection, dynamic UUID generation, and server-driven page replacement to steal credentials. Unlike conventional phishing operations relying on static redirects, this campaign […] The post New Phishing Attack Bypasses Using UUIDs Unique to Bypass Secure Email Gateways appeared first on Cyber Security News.

In 2025, ransomware attacks against the public sector continue to accelerate at an alarming rate, showing no signs of slowing down despite increased cybersecurity awareness and defensive measures. Throughout the year, approximately 196 public sector entities worldwide have fallen victim to ransomware campaigns, resulting in crippling service outages, massive data loss, erosion of public trust, […] The post Ransomware Actors Targeting Global Public Sectors and Critical Services in Targeted Attacks appeared first on Cyber Security News.

A sophisticated supply chain attack has emerged targeting cryptocurrency developers through the NuGet package ecosystem. Cybersecurity researchers have uncovered malicious packages impersonating Nethereum, a widely trusted .NET library for Ethereum blockchain interactions with tens of millions of downloads. The counterfeit packages, identified as Netherеum.All and NethereumNet, employ advanced obfuscation techniques to exfiltrate sensitive wallet credentials […] The post Malicious NuGet Packages Mimic as Popular Nethereum Project to Steal Wallet Keys appeared first on Cyber Security News.

A sophisticated malware distribution campaign leveraging over 3,000 malicious YouTube videos has been uncovered, targeting users seeking pirated software and game cheats. The YouTube Ghost Network represents a coordinated ecosystem of compromised accounts that exploit platform features to distribute information-stealing malware while creating false trust through fabricated engagement. Active since 2021, the network has dramatically […] The post YouTube Ghost Malware Network With 3,000+ Malicious Videos Attacking Users to Deploy Malware appeared first on Cyber Security News.

Cybersecurity researchers have uncovered a sophisticated ransomware campaign where Agenda group threat actors are deploying Linux-based ransomware binaries directly on Windows systems, targeting VMware virtualization infrastructure and backup environments. This cross-platform execution technique challenges traditional security assumptions and demonstrates how ransomware operators are adapting to bypass endpoint detection systems that primarily focus on Windows-native threats. […] The post Agenda Ransomware Actors Deploying Linux RAT on Windows Systems Targeting VMware Deployments appeared first on Cyber Security News.

A sophisticated text message phishing campaign originating from China has emerged as one of the most extensive cybersecurity threats targeting users worldwide. The operation, attributed to a threat collective known as the Smishing Triad, represents a massive escalation in SMS-based fraud, impersonating services across banking, healthcare, law enforcement, e-commerce, and government sectors. What began as […] The post New Text Message Based Phishing Attack from China Targeting Users Around the Globe appeared first on Cyber Security News.

A sophisticated malware operation has emerged from Brazil, leveraging advanced steganographic techniques to conceal malicious payloads within seemingly harmless image files. The Caminho loader, active since at least March 2025, represents a growing threat to organizations across South America, Africa, and Eastern Europe, delivering diverse malware families including REMCOS RAT, XWorm, and Katz Stealer through […] The post New Caminho Malware Loader Uses LSB Steganography and to Hide .NET Payloads Within Image Files appeared first on Cyber Security News.