A sophisticated remote access trojan named SleepyDuck has infiltrated the Open VSX IDE extension marketplace, targeting developers using code editors like Cursor and Windsurf. The malware disguised itself as a legitimate Solidity extension under the identifier juan-bianco.solidity-vlang, exploiting name squatting techniques to deceive unsuspecting users. Initially published on October 31st as version 0.0.7, the extension […] The post New ‘SleepyDuck’ Malware in Open VSX Marketplace Allow Attackers to Control Windows Systems Remotely appeared first on Cyber Security News.

A sophisticated new backdoor named SesameOp has emerged with a novel approach to command-and-control communications that fundamentally challenges traditional security assumptions. Discovered in July 2025 by Microsoft’s Incident Response and Detection and Response Team, this malware represents a significant shift in how threat actors exploit legitimate cloud services for covert operations. Rather than relying on […] The post SesameOp Leveraging OpenAI Assistants API for Stealthy Communication with C2 Servers appeared first on Cyber Security News.

Cybercriminals have shifted their focus to a highly profitable target: the trucking and logistics industry. Over the past several months, a coordinated threat cluster has been actively compromising freight companies through deliberate attack chains designed to facilitate multi-million-dollar cargo theft operations. The emergence of this campaign represents a disturbing intersection of physical crime and digital […] The post Threat Actors Leverage RMM Tools to Hack Trucking Companies and Steal Cargo Freight appeared first on Cyber Security News.

Identity compromise has become one of the most significant threats facing cloud infrastructure, particularly when attackers gain access to legitimate credentials. These valid access keys enable adversaries to bypass traditional security defenses, creating opportunities for widespread exploitation. Amazon Web Services environments have witnessed a surge in such attacks, with the Simple Email Service emerging as […] The post New TruffleNet BEC Campaign Leverages AWS SES Using Stolen Credentials to Compromise 800+ Hosts appeared first on Cyber Security News.

A sophisticated phishing campaign has emerged, exploiting the trust placed in legitimate cloud hosting services. Threat actors are leveraging Cloudflare Pages and ZenDesk platforms to conduct large-scale credential theft operations targeting unsuspecting users. The campaign demonstrates a concerning trend where established infrastructure services become vectors for social engineering attacks. Security researchers have identified over 600 […] The post Beware of New Phishing Attack that Abuses Cloudflare and ZenDesk Pages to Steal Logins appeared first on Cyber Security News.

Supply chain attacks targeting the JavaScript ecosystem have evolved into sophisticated operations combining domain manipulation with social engineering. On September 8, 2025, threat actors launched a coordinated phishing campaign aimed at compromising high-profile NPM developers. The attack successfully infiltrated the accounts of developer Josh Junon, known as “qix,” and targeted at least four other maintainers, […] The post New Business Email Protection Technique Blocks the Phishing Email Behind NPM Breach appeared first on Cyber Security News.

In October 2025, threat researchers at Cyble Research and Intelligence Labs uncovered a sophisticated cyber attack leveraging weaponized military documents to distribute an advanced SSH-Tor backdoor targeting defense sector personnel. The campaign centers on a deceptively simple delivery mechanism: a ZIP archive disguised as a Belarusian military document titled “ТЛГ на убытие на переподготовку.pdf” (TLG […] The post Hackers Deliver SSH-Tor Backdoor Via Weaponized Military Documents in ZIP Files appeared first on Cyber Security News.