A sophisticated Remote Access Trojan labeled EndClient RAT has emerged as a significant threat targeting human rights defenders in North Korea, marking another escalation in advanced malware operations attributed to the Kimsuky threat group. This newly discovered malware represents a concerning shift in attack sophistication, utilizing stolen code-signing certificates to evade antivirus protections and bypass […] The post New EndClient RAT Attacking Users by Leveraging Stolen Code-Signing to Bypass AV Detections appeared first on Cyber Security News.

The Gootloader malware campaign has resurfaced with sophisticated evasion techniques that allow it to bypass automated security analysis. This persistent threat has been targeting victims for over five years using legal-themed search engine optimization poisoning tactics. The malware operators deploy thousands of unique keywords across more than 100 compromised websites to lure unsuspecting users into […] The post Gootloader is Back with New ZIP File Trickery that Decive the Malicious Payload appeared first on Cyber Security News.

On November 3, 2025, blockchain security monitoring systems detected a sophisticated exploit targeting Balancer V2’s ComposableStablePool contracts. An attacker executed a precision loss vulnerability to drain $128.64 million across six blockchain networks in under 30 minutes. The attack leveraged a rounding error in the _upscaleArray function combined with carefully crafted batchSwap operations, allowing the attacker […] The post Checkpoint Details on How Attackers Drained $128M from Balancer Pools Within 30 Minutes appeared first on Cyber Security News.

Cl0p, a prominent ransomware group operating since early 2019, has emerged as one of the most dangerous threats in the cybersecurity landscape. With over 1,025 confirmed victims and more than $500 million in extorted funds, this Russian-linked group has consistently targeted corporate and private networks worldwide while strategically avoiding CIS countries. The group earned its […] The post Clop Ransomware Actors Exploiting the Latest 0-Day Exploits in the Wild appeared first on Cyber Security News.

Three well-known threat groups have consolidated into a unified cybercriminal entity that represents a significant shift in underground tactics. Scattered LAPSUS$ Hunters (SLH) emerged in early August 2025 as a federated alliance combining Scattered Spider, ShinyHunters, and LAPSUS$, creating what researchers describe as the first consolidated alliance among mature cybercriminal clusters. This consolidation marks a […] The post Three Infamous Cybercriminal Groups Form a New Alliance Dubbed ‘Scattered LAPSUS$ Hunters’ appeared first on Cyber Security News.

The cybersecurity landscape stands at a critical inflection point as organizations prepare for unprecedented challenges in 2026. Google Cloud researchers have released their annual Cybersecurity Forecast, revealing a stark reality: threat actors are transitioning from experimenting with advanced technologies to embedding them as standard operational tools. This shift represents a fundamental change in how attacks […] The post Cybersecurity Forecast 2026 – Google Warns Threat Actors Use AI to Enhance Speed and Effectiveness appeared first on Cyber Security News.

A sophisticated Android-based NFC relay attack dubbed NGate has emerged as a serious threat to banking security across Poland, targeting financial institutions and their customers through coordinated social engineering and technical exploitation. Cert.PL analysts identified new malware samples in recent months that orchestrate unauthorized ATM cash withdrawals without requiring physical theft of payment cards. Rather […] The post NGate Malware Enables Unauthorized Cash Withdrawals at ATMs Using Victims’ Payment Cards appeared first on Cyber Security News.

A sophisticated espionage campaign targeting recruitment professionals has emerged, with the APT-C-60 threat group weaponizing VHDX files to compromise organizations. The threat actors impersonate job seekers in spear-phishing emails sent to recruitment staff, exploiting trust relationships to deliver malicious payloads. While earlier campaigns directed victims to download VHDX files from Google Drive, recent attacks have […] The post APT-C-60 Attacking Job Seekers to Download Weaponized VHDX File from Google Drive to Steal Sensitive Data appeared first on Cyber Security News.

European organizations are facing an unprecedented wave of ransomware attacks as cybercriminals increasingly integrate artificial intelligence tools into their operations. Since January 2024, big game hunting threat actors have named approximately 2,100 Europe-based victims on more than 100 dedicated leak sites, representing a 13% year-over-year increase in attacks. The region now accounts for nearly 22% […] The post Ransomware Attack on European Organizations Surge as Hackers Leveraging AI-Tools for Attacks appeared first on Cyber Security News.