-
A new threat has emerged in the cybersecurity landscape as security experts discover a private Out-of-Band Application Security Testing (OAST) service operating on Google Cloud infrastructure. This mystery operation stands out from typical exploit scanning activities because it uses custom infrastructure rather than relying on public services. The attackers have been running a focused campaign […] The post Mystery OAST With Exploit for 200 CVEs Leveraging Google Cloud to Launch Attacks appeared first on Cyber Security News.
-
Pakistan-based threat actor APT36, also known as Transparent Tribe, has launched a sophisticated cyber-espionage campaign against Indian government institutions using a newly developed Python-based ELF malware. The attack marks a significant escalation in the group’s capabilities, demonstrating their growing technical maturity and adaptability to Linux-based operating systems. The campaign centers on spear-phishing emails containing weaponized […] The post APT36 Hackers Used Python-Based ELF Malware to Target Indian Government Entities appeared first on Cyber Security News.
-
The 2025 holiday season has unleashed an unprecedented wave of cyber threats, with attackers deploying industrialized infrastructure to exploit the global surge in online commerce. This year’s threat landscape is characterized by a calculated expansion of deceptive digital assets, where criminals leverage automated tools to scale their operations across multiple merchant categories. The primary vector […] The post Hackers Registered 18,000 Holiday-Themed Domains Targeting ‘Christmas,’ ‘Black Friday,’ and ‘Flash Sale’ appeared first on Cyber Security News.
-
The Handala hacker group has launched a targeted campaign against Israeli high-tech and aerospace professionals, marking a concerning shift in geopolitically motivated cyber operations. The group recently published a list of individuals working in these critical sectors, accompanied by hostile descriptions that falsely label them as criminals. This campaign represents a significant escalation from traditional […] The post Handala Hacker Group Attacking Israeli High-Tech and Aerospace Professionals appeared first on Cyber Security News.
-
A sophisticated, complex new cyber offensive has emerged from the “Scattered Lapsus$ Hunters,” a threat collective that has aggressively shifted toward exploiting supply-chain vulnerabilities. This latest campaign targets Zendesk, a critical customer support platform, effectively turning a trusted business tool into a launchpad for corporate spying. The attackers have successfully registered over 40 typosquatted domains, […] The post Scattered Lapsus$ Hunters Registered 40+ Domains Mimicking Zendesk Environments appeared first on Cyber Security News.
-
Hidden vulnerabilities in legacy code often create unseen risks for modern development environments. One such issue recently surfaced within the Python ecosystem, where outdated bootstrap scripts associated with the zc.buildout tool expose users to domain takeover attacks. These scripts, designed to automate the installation of package dependencies, contain hardcoded references to external domains that are […] The post Vulnerable Codes in Legacy Python Packages Enables Attacks on Python Package Index Via Domain Compromise appeared first on Cyber Security News.
-
Digital calendars have become indispensable tools for managing personal and professional schedules. Users frequently subscribe to external calendars for public holidays, sports schedules, or community events to keep their agendas up to date. While these subscriptions offer convenience, they create a persistent connection between a user’s device and an external server. If the domain hosting […] The post Over 390 Abandoned iCalendar Sync Domains Could Expose ~4 Million Devices to Security Risks appeared first on Cyber Security News.
-
The software supply chain is under siege from “Shai Hulud v2,” a sophisticated malware campaign that has compromised 834 packages across the npm and Maven ecosystems. This new wave specifically targets GitHub Actions workflows, exploiting pull_request_target triggers to inject malicious code into widely used libraries. The attack has impacted major projects like PostHog, Zapier, and […] The post Shai Hulud v2 Exploits GitHub Actions Workflows as Attack Vector to Steal Secrets appeared first on Cyber Security News.
-
The “Korean Leaks” campaign has emerged as one of the most sophisticated supply chain attacks targeting South Korea’s financial sector in recent memory. This operation combined the capabilities of the Qilin Ransomware-as-a-Service (RaaS) group with potential involvement from North Korean state-affiliated actors known as Moonstone Sleet. The attackers leveraged a compromised Managed Service Provider (MSP) […] The post Qilin RaaS Exposed 1 Million Files and 2 TB of Data Linked to Korean MSP Breach appeared first on Cyber Security News.
-
A major security threat has emerged targeting software developers worldwide. North Korean state-sponsored threat actors, operating under the “Contagious Interview” campaign, are systematically spreading malicious packages across npm, GitHub, and Vercel infrastructure to deliver OtterCookie malware. This sophisticated multi-stage operation demonstrates how threat actors have adapted their tools to target modern JavaScript and Web3 development […] The post North Korean Hackers Exploiting npm, GitHub, and Vercel to Deliver OtterCookie Malware appeared first on Cyber Security News.


