A new wave of phishing attacks purporting to originate from South Korea’s National Tax Service has emerged, leveraging familiar electronic document notifications to trick recipients into divulging their Naver credentials. Distributed on August 25, 2025, the email mimics the official format used by Naver’s secure document service, displaying the sender as “National Tax Service” and […] The post Beware of Phishing Email from Kimusky Hackers With Subject Spetember Tax Return Due Date Notice appeared first on Cyber Security News.

Police-issued body cameras have become ubiquitous tools for recording law enforcement encounters, yet a recent investigation has uncovered troubling design choices in a budget-friendly system that compromise both privacy and data integrity. The Viidure mobile application, designed to transfer video evidence from the camera’s onboard Wi-Fi hotspot to cloud servers, was found to communicate over […] The post Police Body Camera Apps Sending Data to Cloud Servers Hosted in China Via TLS Port 9091 appeared first on Cyber Security News.

Cybersecurity researchers have observed the emergence of a novel Android banking trojan, RatOn in recent months that seamlessly combines remote access capabilities with NFC relay technology and Automated Transfer System (ATS) functions. Initially detected in mid-July 2025, RatOn’s multi-stage architecture leverages a dropper application to install subsequent payloads, culminating in full device takeover and fraudulent […] The post New RatOn Takes Control Over Bank Account and Initiates Automated Money Transfers appeared first on Cyber Security News.

The U.S. Department of the Treasury has unveiled a sweeping sanctions campaign against a network of cyber scam centers across Southeast Asia that collectively stole more than ten billion dollars from American victims in 2024. These operations, often masquerading as legitimate virtual currency investment platforms, relied on sophisticated social engineering techniques to coax users into […] The post Magento and Adobe SessionReaper Vulnerability Exposes Thousands of Online Stores to Automated Attacks appeared first on Cyber Security News.

A sophisticated cyber attack has emerged targeting organizations through a malicious impersonation of DeskSoft’s legitimate EarthTime application, deploying multiple malware families in a coordinated ransomware operation. The attack represents a concerning evolution in threat actor tactics, demonstrating how legitimate software can be weaponized to establish persistent access across enterprise networks. The intrusion begins when unsuspecting […] The post New Cyber Attack Weaponizes DeskSoft to Deploy Malware Leveraging RDP Access to Execute Commands appeared first on Cyber Security News.

A sophisticated malware strain targeting exposed Docker APIs has emerged with enhanced infection capabilities that go beyond traditional cryptomining operations. The threat, discovered in August 2025, demonstrates evolved tactics designed to establish persistent root access while denying other attackers access to compromised systems. The malware represents a significant evolution from a variant originally reported by […] The post New Malware Attack Leveraging Exposed Docker APIs to Maintain Persistent SSH Root Access appeared first on Cyber Security News.

Security researchers have uncovered a sophisticated campaign in recent weeks leveraging a novel Remote Access Trojan (RAT) dubbed MostereRAT that targets Windows systems by deploying legitimate remote access tools such as AnyDesk and TightVNC. The malware’s emergence represents a significant evolution from earlier banking trojans, combining social engineering with advanced evasion techniques to establish covert […] The post MostereRAT Attacking Windows Systems With AnyDesk/TightVNC to Enable Remote Access appeared first on Cyber Security News.

APT37, the North Korean-aligned threat actor also known as ScarCruft, Ruby Sleet, and Velvet Chollima, has expanded its arsenal with sophisticated new malware targeting Windows systems. Active since 2012, the group primarily focuses on South Korean individuals connected to the North Korean regime or involved in human rights activism. The threat actor has now introduced […] The post New APT37 Attacking Windows Machines With New Rust and Python Based Malware appeared first on Cyber Security News.

Cybersecurity researchers began tracking a sophisticated campaign in the closing months of 2024, targeting both government and corporate networks across multiple continents. The threat actors behind this operation, known colloquially as Salt Typhoon and UNC4841, leveraged overlapping infrastructure and shared tactics to maximize stealth and persistence. Initial infiltration was achieved through exploitation of unpatched remote […] The post Chinese Salt Typhoon and UNC4841 Hackers Teamed Up to Attack Government and Corporate Infrastructure appeared first on Cyber Security News.