Russia’s APT28 has resurfaced in mid-2025 with a sophisticated spear-phishing campaign that weaponizes Office documents to deploy two novel payloads: BeardShell, a C-based backdoor leveraging IceDrive as a command-and-control channel, and Covenant’s HTTP Grunt Stager, which communicates via the Koofr cloud API. These malicious documents are distributed through private Signal chats, exploiting the application’s lack […] The post APT28 With Weaponized Office Documents Delivers BeardShell and Covenant Modules appeared first on Cyber Security News.

A sophisticated rootkit targeting GNU/Linux systems has emerged, leveraging advanced eBPF (extended Berkeley Packet Filter) technology to conceal malicious activities and evade traditional monitoring tools. The threat, known as LinkPro, was discovered during a digital forensic investigation of a compromised AWS-hosted infrastructure, where it functioned as a stealthy backdoor with capabilities ranging from process hiding […] The post LinkPro Rootkit Attacking GNU/Linux Systems Using eBPF Module to Hide Malicious Activities appeared first on Cyber Security News.

In recent months, a sophisticated malware campaign—dubbed EtherHiding—has emerged from North Korea-aligned threat actors, sharply escalating the cybersecurity risks facing cryptocurrency exchanges and their users worldwide. The campaign surfaced in the wake of heightened regulatory crackdowns on illicit crypto transactions, with attackers shifting tactics to exploit new digital supply chain vulnerabilities. EtherHiding first appeared in […] The post North Korean Hackers Using EtherHiding to Deliver Malware and Steal Cryptocurrency appeared first on Cyber Security News.

A new information-stealer has emerged targeting job seekers with a trojanized Node.js application named Chessfi. Delivered via a modified npm package hosted on the official repository, the malware blends two previously separate tools—BeaverTail and OtterCookie—into a unified JavaScript payload. Victims are lured through fake employment offers and asked to install the application under the guise […] The post North Korean Hackers Using Malicious Scripts Combining BeaverTail and OtterCookie for Keylogging appeared first on Cyber Security News.

Cybersecurity professionals are raising alarms over a new wave of phishing emails masquerading as breach notifications from LastPass. These messages warn recipients of an urgent account compromise and urge them to download a “security patch” to restore access. In reality, the downloadable file contains a sophisticated malware loader designed to harvest credentials and deploy additional […] The post Beware of Fake ‘LastPass Hack’ Emails Trying to Trick Users Into Installing Malware appeared first on Cyber Security News.

Over the past month, a targeted campaign dubbed Operation Silk Lure has surfaced, exploiting the Windows Task Scheduler to deploy a novel variant of ValleyRAT. Emerging in mid-2025, the operation hinges on spear-phishing emails that carry malicious LNK attachments masquerading as candidate resumes. When victims open these attachments, a hidden PowerShell command initiates the download […] The post Operation Silk Lure Weaponizing Windows Scheduled Tasks to Drop ValleyRAT appeared first on Cyber Security News.

The Qilin ransomware group has emerged as one of the most prolific and dangerous threat actors in the cybersecurity landscape, exploiting sophisticated bulletproof hosting infrastructure to conduct devastating attacks on organizations across multiple sectors. Operating under a Ransomware-as-a-Service (RaaS) model, Qilin first surfaced in mid-2022 under the name “Agenda” before rebranding later that year. The […] The post Qilin Ransomware Using Ghost Bulletproof Hosting to Attack Organizations Worldwide appeared first on Cyber Security News.

In recent months, a new advanced persistent threat (APT) group known as Mysterious Elephant has emerged as a formidable adversary targeting government and diplomatic institutions across the Asia-Pacific region. First identified by Kaspersky’s Global Research and Analysis Team (GReAT) in 2023, the group has continued to refine its toolkit, employing both custom-built malware and modified […] The post Mysterious Elephant APT Hackers Infiltrate Organization to Steal Sensitive Information appeared first on Cyber Security News.