A recent investigation has revealed that Microsoft employed China-based engineers to maintain and support SharePoint software, the same collaboration platform that was recently compromised by Chinese state-sponsored hackers. This revelation raises significant concerns about cybersecurity practices and potential insider threats within critical infrastructure systems used by hundreds of government agencies and private companies. The cybersecurity […] The post New Report Claims Microsoft Used China-Based Engineers For SharePoint Support and Bug Fixing appeared first on Cyber Security News.

Cybercriminals unleashed a massive wave of mobile malware attacks during the second quarter of 2025, with security researchers detecting nearly 143,000 malicious installation packages targeting Android and iOS devices. This surge represents a significant escalation in mobile cyber threats, affecting millions of users worldwide through sophisticated attack vectors designed to steal sensitive data, compromise financial […] The post 143,000 Malware Files Attacked Android and iOS Device Users in Q2 2025 appeared first on Cyber Security News.

A new ransomware threat has emerged as one of 2025’s most prolific cybercriminal operations, with SafePay ransomware claiming attacks against 73 victim organizations in June alone, followed by 42 additional victims in July. This surge has positioned SafePay as a significant threat actor that security teams worldwide must understand and prepare to defend against. Unlike […] The post SafePay Ransomware Claiming Attacks Over 73 Victim Organizations in a Single Month appeared first on Cyber Security News.

A sophisticated new threat actor designated TAG-150 has emerged as a significant cybersecurity concern, demonstrating rapid development capabilities and technical sophistication in deploying multiple self-developed malware families since March 2025. The group has successfully created and deployed CastleLoader, CastleBot, and their latest creation, CastleRAT, a previously undocumented remote access trojan that represents a concerning evolution […] The post TAG-150 Hackers Deploying Self-Developed Malware Families to Attack Organizations appeared first on Cyber Security News.

A sophisticated cyber campaign has emerged targeting U.S.-based organizations through trojanized ConnectWise ScreenConnect installers, marking a significant evolution in remote monitoring and management (RMM) tool abuse. Since March 2025, these attacks have demonstrated increased frequency and technical sophistication, leveraging legitimate administrative software to establish persistent footholds within corporate networks. The campaign employs deceptive social engineering […] The post Threats Actors Weaponize ScreenConnect Installers to Gain Initial Access to Organizations appeared first on Cyber Security News.

A recently discovered strain of cryptomining malware has captured the attention of security teams worldwide by abusing the built-in Windows Character Map application as an execution host. The threat actor initiates the attack through a PowerShell script that downloads and executes a heavily obfuscated AutoIt loader entirely in memory, avoiding disk writes and common detection […] The post New Malware Leverages Windows Character Map to Bypass Windows Defender and Mine Cryptocurrency for The Attackers appeared first on Cyber Security News.

Over the past year, cybersecurity researchers have observed a surge in activity from North Korean threat actors leveraging military-grade social engineering techniques to target professionals in the cryptocurrency industry. This campaign, dubbed Contagious Interview, employs a deceptively benign job-application process that masks the delivery of sophisticated malware. Victims receive invitations to participate in mock assessments […] The post North Korean Threat Actors Reveal Their Tactics in Replacing Infrastructure With New Assets appeared first on Cyber Security News.