Cybersecurity researchers have identified a sophisticated new command-and-control framework that exploits legitimate Google Calendar APIs to establish covert communication channels between attackers and compromised systems. The MeetC2 framework, discovered in September 2025, represents a concerning evolution in adversarial tactics where threat actors abuse trusted cloud services to bypass traditional security controls and evade detection mechanisms. […] The post Hackers Leverages Google Calendar APIs With Serverless MeetC2 Communication Framework appeared first on Cyber Security News.

Security teams began observing a novel botnet strain slipping beneath the radar of standard Windows Defender defenses in early August 2025. Dubbed NightshadeC2, this malware family leverages both C and Python-based payloads to establish persistent, remote-control access on compromised hosts. Initial infection chains often start with customized “ClickFix” landing pages that trick users into executing […] The post New NightshadeC2 Botnet Uses ‘UAC Prompt Bombing’ to Bypass Windows Defender Protections appeared first on Cyber Security News.

A previously unseen malware campaign began circulating in early August 2025, through email attachments and web downloads, targeting users in Colombia and beyond. By leveraging two distinct vector-based file formats—Adobe Flash SWF and Scalable Vector Graphics (SVG)—the attackers crafted a multiphase operation that evaded traditional antivirus detection. Initial reports surfaced when a benign-looking SWF file […] The post Colombian Malware Weaponizing SWF and SVG to Bypass Detection appeared first on Cyber Security News.

Cybercriminals are deploying increasingly sophisticated methods to bypass security systems, with the latest threat emerging from the advanced Tycoon phishing-as-a-service kit. This malicious platform has introduced novel techniques designed to obscure dangerous links, making them nearly invisible to traditional detection systems while maintaining their effectiveness against unsuspecting victims. The Tycoon phishing kit represents a significant […] The post Tycoon Phishing Kit Employs New Technique to Hide Malicious Links appeared first on Cyber Security News.

A sophisticated threat actor known as NoisyBear has emerged as a significant concern for Kazakhstan’s energy sector, employing advanced tactics to infiltrate critical infrastructure through weaponized ZIP files and PowerShell-based attack chains. This newly identified group has been orchestrating targeted campaigns against KazMunaiGas (KMG), the country’s national oil and gas company, using highly crafted phishing […] The post NoisyBear Weaponizing ZIP Files to PowerShell Loaders and Exfiltrate Sensitive Data appeared first on Cyber Security News.

Educational institutions have become prime targets in the escalating battle against commodity information stealers. First emerging in 2022 as an open-source project on GitHub, Stealerium was initially released “for educational purposes” but rapidly attracted illicit interest. Adversaries adapted and enhanced the code to create variants—such as Phantom Stealer and Warp Stealer—resulting in a family of […] The post Threat Actors Using Stealerium Malware to Attack Educational Organizations appeared first on Cyber Security News.

A sprawling network of illicit Internet Protocol Television (IPTV) services has been discovered, operating across more than 1,100 domains and in excess of 10,000 IP addresses. This sprawling infrastructure, which has remained active for several years, delivers unauthorized streams of premium content—including major sports leagues, subscription services, and on-demand platforms—without licensing agreements. Silent Push analysts […] The post Massive IPTV Hosted Across More Than 1,000 Domains and Over 10,000 IP Addresses appeared first on Cyber Security News.