Email-based threats have reached a critical inflection point in the third quarter of 2025. Threat actors are systematically exploiting weaknesses in traditional email security defenses by targeting the world’s two largest email ecosystems: Microsoft Outlook and Google Gmail. The Q3 Email Threat Trends Report reveals that over 90 percent of phishing attacks now concentrate on […] The post Threat Actors Attacking Outlook and Google Bypassing Traditional Email Defenses appeared first on Cyber Security News.

A sophisticated wave of ransomware attacks targeting UK organizations has emerged in 2025, exploiting vulnerabilities in the widely-used SimpleHelp Remote Monitoring and Management platform. Two prominent ransomware groups, Medusa and DragonForce, have weaponized three critical vulnerabilities (CVE-2024-57726, CVE-2024-57727, and CVE-2024-57728) to gain unauthorized access through trusted third-party vendors and Managed Service Providers. The attack campaigns […] The post Threat Actors Leverage RMM Tools to Deploy Medusa & DragonForce Ransomware appeared first on Cyber Security News.

Cybercriminals are increasingly targeting websites to inject malicious links and boost their search engine optimization rankings through sophisticated blackhat SEO tactics. This campaign primarily focuses on online casino spam, which has become the most prevalent type of spam content affecting compromised websites. Attackers exploit vulnerabilities in WordPress installations to insert spam content promoting online casinos, […] The post Threat Actors Actively Hacking Websites to Inject Malicious Links and Boost their SEO appeared first on Cyber Security News.

Francesco Nicodemo, a prominent political communications strategist and former Democratic Party communications director, has been identified as a new target in the expanding Paragon spyware surveillance campaign. The revelation marks a concerning escalation in the scope of sophisticated digital espionage operations targeting political figures in Italy. Nicodemo, who currently leads the communications agency Lievito, discovered […] The post Italian Adviser Becomes Latest Target in Expanding Paragon Graphite Spyware Surveillance Case appeared first on Cyber Security News.

The construction industry has emerged as a lucrative target for advanced persistent threat groups and organized cybercriminal networks seeking unauthorized access to corporate systems. State-sponsored APT groups from China, Russia, Iran, and North Korea are increasingly focusing their operations on the building and construction sector, exploiting the industry’s rapid digital transformation and heavy reliance on […] The post APT Groups Attacking Construction Industry Networks to Steal RDP, SSH and Citrix Logins appeared first on Cyber Security News.

In early November 2025, Knownsec, one of China’s largest cybersecurity firms with direct government ties, experienced a catastrophic data breach that exposed over 12,000 classified documents. The incident revealed the scale and sophistication of state-sponsored cyber operations, including detailed information about cyber weapons, internal hacking tools, and a comprehensive global surveillance target list. This breach […] The post Chinese Cybersecurity Firm Data Breach Exposes State-Sponsored Hackers Cyber Weapons and Target List appeared first on Cyber Security News.

The manufacturing sector faces an escalating threat landscape as cybercriminals increasingly exploit cloud-based platforms and artificial intelligence services to conduct sophisticated attacks. A comprehensive analysis by Netskope Threat Labs reveals that approximately 22 out of every 10,000 manufacturing users encounter malicious content monthly, marking a significant rise in targeted campaigns specifically designed to compromise industrial […] The post New Report Warns of Threat Actors Actively Adopting AI Platforms to Attack Manufacturing Companies appeared first on Cyber Security News.

German hosting provider aurologic GmbH has emerged as a central facilitator within the global malicious infrastructure ecosystem, providing upstream transit and data center services to numerous high-risk hosting networks. Operating from its primary facility at Tornado Datacenter GmbH & Co. KG in Langen, Germany, aurologic markets itself as a high-capacity European carrier offering dedicated server […] The post German ISP Aurologic GmbH has Become a Central Nexus for Hosting Malicious Infrastructure appeared first on Cyber Security News.