The digital advertising ecosystem has become a prime hunting ground for cybercriminals, who are increasingly exploiting advertising technology companies to distribute malware and conduct malicious campaigns. Rather than simply abusing legitimate platforms, threat actors are now operating as the platforms themselves, creating a sophisticated web of deception that leverages the inherent complexity and fragmentation of […] The post Threat Actors Abuse Adtech Companies to Target Users With Malicious Ads appeared first on Cyber Security News.

The PureHVNC remote administration tool (RAT) has emerged as a sophisticated component of the Pure malware family, gaining prominence in mid-2025 amid an uptick in targeted intrusion campaigns. Originating from underground forums and Telegram channels, PureHVNC is marketed by its author, known as PureCoder, alongside companion tools such as PureCrypter, PureLogs, and PureMiner. Its adoption […] The post PureHVNC RAT Developers Leverage GitHub Host Source Code appeared first on Cyber Security News.

In recent weeks, cybersecurity researchers have observed the emergence of XillenStealer, a Python-based information stealer publicly hosted on GitHub and rapidly adopted by threat actors. First reported in mid-September 2025, the stealer leverages a user-friendly builder GUI to lower the bar for malicious deployment. Operators can configure exfiltration channels, such as a Telegram bot, and […] The post Python Based XillenStealer Attacking Windows Users to Steal Sensitive Data appeared first on Cyber Security News.

A sophisticated cyberthreat campaign has emerged that represents a significant evolution in social engineering attacks, introducing the first real-world implementation of FileFix attack methodology beyond proof-of-concept demonstrations. This advanced threat leverages steganography techniques to conceal malicious payloads within seemingly innocent JPG images, ultimately delivering the StealC information stealer to compromised systems. The attack campaign represents […] The post New Innovative FileFix Attack in The Wild Leverages Steganography to Deliver StealC Malware appeared first on Cyber Security News.

The cybersecurity landscape has witnessed an unprecedented surge in API-focused attacks during the first half of 2025, with threat actors launching over 40,000 documented incidents against application programming interfaces across 4,000 monitored environments. This alarming escalation represents a fundamental shift in attack methodology, as cybercriminals have identified APIs as the most lucrative and vulnerable entry […] The post 40,000+ Cyberattacks Targeting API Environments To Inject Malicious Code appeared first on Cyber Security News.

The KillSec ransomware strain has rapidly emerged as a formidable threat targeting healthcare IT infrastructures across Latin America and beyond. First observed in early September 2025, KillSec operators have leveraged compromised software supply chain relationships to deploy their payloads at scale. Initial indicators of compromise were detected when several Brazilian healthcare providers reported unusual network […] The post KillSec Ransomware Attacking Healthcare Industry IT Systems appeared first on Cyber Security News.

RevengeHotels, a financially motivated threat group active since 2015, has escalated its operations against hospitality organizations by integrating large language model–generated code into its infection chain. Initially known for deploying bespoke RAT families such as RevengeRAT and NanoCoreRAT via phishing emails targeting hotel front-desk systems, the group’s latest campaigns pivot on delivering VenomRAT implants through […] The post RevengeHotels Leveraging AI To Attack Windows Users With VenomRAT appeared first on Cyber Security News.