A newly identified Android remote access trojan (RAT) dubbed KomeX has surfaced on underground hacker forums, generating widespread concern within the cybersecurity community. Marketed by a threat actor under the alias “Gendirector,” KomeX is built atop the infamous BTMOB RAT codebase and presents a formidable arsenal of spying and device control features. Recognized for its […] The post New KomeX Android RAT Advertised on Hacker Forums with Multiple Subscription Options appeared first on Cyber Security News.

A large-scale phishing campaign has emerged, exploiting Meta’s Business Suite to compromise credentials across thousands of small and medium-sized businesses worldwide. Check Point security researchers identified approximately 40,000 phishing emails distributed to more than 5,000 customers, primarily targeting industries including automotive, education, real estate, hospitality, and finance across the U.S., Europe, Canada, and Australia. The […] The post New Phishing Attack Targeting Meta Business Suite Users to Steal Login Credentials appeared first on Cyber Security News.

Ferocious Kitten has emerged as a significant cyber-espionage threat targeting Persian-speaking individuals within Iran since at least 2015. The Iranian-linked advanced persistent threat group operates with a highly focused objective, utilizing politically themed decoy documents to manipulate victims into executing weaponized files. Over the years, the group developed a sophisticated custom implant known as MarkiRAT, […] The post Ferocious Kitten APT Deploying MarkiRAT to Capture Keystroke and Clipboard Logging appeared first on Cyber Security News.

A sophisticated phishing campaign is targeting Microsoft 365 users worldwide through a newly discovered tool called Quantum Route Redirect. This advanced automation platform transforms complex phishing operations into simple one-click attacks that evade traditional security measures. The campaign has already affected victims across 90 countries, with the United States accounting for 76% of the targets. […] The post New Quantum Route Redirect Tool Lets Attackers Launch One-Click Phishing Attacks on Microsoft 365 Users appeared first on Cyber Security News.

Danabot, a notorious banking Trojan, has made a significant comeback with its new version 669 after a period of inactivity triggered by Operation Endgame’s law enforcement sweep in May 2025. This advanced malware’s resurgence signals a new threat wave targeting financial institutions, cryptocurrency users, and individual victims using sophisticated multi-stage attacks. Danabot tracks a legacy […] The post Danabot Malware Resurfaced with Version 669 Following Operation Endgame appeared first on Cyber Security News.

A new wave of security alert-themed phishing emails has recently surfaced, causing concern within both enterprise and personal email environments. These malicious emails cleverly impersonate official security notifications, often appearing to come from the victim’s own domain. Their main objective is to instill panic by warning users about “blocked messages” and prompt recipients to take […] The post Beware of Security Alert-Themed Malicious Emails that Steal Your Email Logins appeared first on Cyber Security News.

Security researchers from CyberProof have discovered significant connections between two advanced banking trojans targeting Brazilian users and financial institutions. The Maverick banking malware, identified through suspicious file downloads via WhatsApp, shares remarkable similarities with the earlier reported Coyote malware campaign. Both threats employ sophisticated infection chains and demonstrate nearly identical behavioral patterns. The discovery emerged […] The post Researchers Uncover the Strong Links Between Maverick and Coyote Banking Malwares appeared first on Cyber Security News.

VanHelsing has emerged as a sophisticated ransomware-as-a-service operation that fundamentally changes the threat landscape for organizations worldwide. First observed on March 7, 2025, this multi-platform locker represents a significant escalation in ransomware deployment strategies by providing affiliates with a streamlined service model. The operation requires a $5,000 deposit from new affiliates and rewards them with […] The post New VanHelsing Ransomware RaaS Model Attacking Windows, Linux, BSD, ARM, and ESXi Systems appeared first on Cyber Security News.

A sophisticated remote data-wipe attack targeting Android devices has emerged, exploiting Google’s Find Hub service to execute destructive operations on smartphones and tablets across South Korea. This campaign represents the first documented case where state-sponsored threat actors weaponized a legitimate device protection service to remotely erase user data and disrupt normal device operations. The malware, […] The post Android Remote Data-Wipe Malware Attacking Users Leveraging Google’s Find Hub appeared first on Cyber Security News.

A sophisticated supply chain attack has emerged, targeting industrial control systems through compromised .NET packages. The threat landscape shifted on November 5, 2025, when researchers identified nine malicious NuGet packages designed to inject destructive payloads into critical infrastructure environments. Published under the NuGet alias shanhai666 between 2023 and 2024, these packages accumulated nearly 9,500 downloads […] The post Weaponized NuGet Packages Inject Time-Delayed Destructive Payloads to Attack ICS Systems appeared first on Cyber Security News.