In Caracas this week, President Nicolás Maduro unveiled the Huawei Mate X6 gifted by China’s Xi Jinping, declaring the device impervious to U.S. espionage efforts. The announcement coincides with heightened tensions between Washington and Beijing, as the United States enforces stringent controls on Chinese telecom equipment. Beyond its political symbolism, the Mate X6 has become […] The post Venezuela’s Maduro Says Huawei Mate X6 Gift From China is Unhackable by U.S. Spies appeared first on Cyber Security News.

Security researchers first observed LunaLock in early September 2025, a sophisticated ransomware strain targeting independent illustrators and digital artists. Leveraging compromised credentials and social engineering, the group behind LunaLock has zeroed in on a niche marketplace—Artists & Clients—where freelance creators exchange custom commissions. Initial intrusion involved spear-phishing campaigns disguised as royalty notifications, enticing victims to […] The post LunaLock Ransomware Attacking Artists to Steal and Encrypt Data appeared first on Cyber Security News.

A massive data breach in early September 2025 attributed to a cyber actor known simply as “Kim” laid bare an unprecedented view into the operational playbook of Kimsuky (APT43). The leak, comprising terminal history files, phishing domains, OCR workflows, compiled stagers, and a full Linux rootkit, revealed a credential-centric campaign that targeted South Korean government […] The post Exposed ‘Kim’ Dump Exposes Kimsuky Hackers New Tactics, Techniques, and Infrastructure appeared first on Cyber Security News.

A sophisticated cybercriminal campaign has emerged, exploiting Amazon’s Simple Email Service (SES) to orchestrate large-scale phishing operations capable of delivering over 50,000 malicious emails daily. The attack represents a significant evolution in cloud service abuse, transforming AWS’s legitimate bulk email platform into a weapon for credential theft and financial fraud. The campaign begins with compromised […] The post Hackers Weaponize Amazon Simple Email Service to Send 50,000+ Malicious Emails Per Day appeared first on Cyber Security News.

Cybersecurity researchers have demonstrated a sophisticated technique for bypassing Web Application Firewalls (WAFs) using JavaScript injection combined with HTTP parameter pollution, exposing critical vulnerabilities in modern web security infrastructure. The research, conducted during an autonomous penetration test, revealed how attackers can exploit parsing differences between WAF engines and web application frameworks to execute malicious code […] The post Researchers Bypassed Web Application Firewall With JS Injection with Parameter Pollution appeared first on Cyber Security News.

U.S. federal authorities have launched an investigation into a sophisticated malware campaign that targeted sensitive trade negotiations between Washington and Beijing. The attack, which surfaced in July 2025, involved fraudulent emails purportedly sent by Representative John Moolenaar, chairman of the House Select Committee on Strategic Competition between the United States and Chinese Communist Party. The […] The post U.S. Authorities Investigating Malicious Email Targeting Trade Talks with China appeared first on Cyber Security News.

A sophisticated malware campaign targeting macOS users has emerged, exploiting the widespread desire for free software to deliver the notorious Atomic macOS Stealer (AMOS). This information-stealing malware masquerades as cracked versions of popular applications, tricking unsuspecting users into compromising their own systems while believing they are simply downloading free software alternatives. The campaign represents a […] The post Atomic Stealer Disguised as Cracked Software Attacking macOS Users appeared first on Cyber Security News.

Ransomware has emerged as one of the most devastating cybercrime threats in the contemporary digital landscape, with criminal organizations operating sophisticated billion-dollar enterprises that target critical infrastructure across multiple nations. Between 2020 and 2022, ransomware groups conducted over 865 documented attacks against organizations in Australia, Canada, New Zealand, and the United Kingdom, employing advanced cryptoviral […] The post Australian Authorities Uncovered Activities and Careers of Ransomware Criminal Groups appeared first on Cyber Security News.

The notorious Lazarus APT group has evolved its attack methodology by incorporating the increasingly popular ClickFix social engineering technique to distribute malware and steal sensitive intelligence data from targeted organizations. This North Korean-linked threat actor, internally tracked as APT-Q-1 by security researchers, has demonstrated remarkable adaptability by integrating deceptive user interface manipulation with their traditional […] The post Lazarus APT Hackers Using ClickFix Technique to Steal Sensitive Intelligence Data appeared first on Cyber Security News.