A new Android banking trojan has emerged that combines traditional overlay attacks with a stealthy hidden Virtual Network Computing (VNC) server to achieve full remote control of compromised devices. First detected in late September 2025, the malware is distributed through SMS-based phishing campaigns that lure victims into installing a fake “security” app. Once granted the […] The post New Android Banking Trojan Uses Hidden VNC to Gain Complete Remote Control Over Device appeared first on Cyber Security News.

A concerning cybersecurity trend has emerged as threat actors exploit the growing popularity of artificial intelligence tools by distributing malicious Chrome extensions masquerading as legitimate platforms. These deceptive extensions target users seeking convenient access to popular services like ChatGPT, Claude, Perplexity, and Meta Llama, creating a significant security risk for unsuspecting individuals and organizations. The […] The post Beware! Threat Actors Distributing Malicious AI Tools as Chrome Extensions appeared first on Cyber Security News.

In late September 2025, the Cybersecurity and Infrastructure Security Agency (CISA) issued a public alert regarding the active exploitation of a critical command injection vulnerability tracked as CVE-2025-59689 in Libraesva Email Security Gateway (ESG) devices. This flaw has rapidly emerged as a favored target for threat actors due to its ease of exploitation and the […] The post CISA Warns of Libraesva ESG Command Injection Vulnerability Actively Exploited in Attacks appeared first on Cyber Security News.

A sophisticated attack campaign targeting improperly managed Microsoft SQL servers has emerged, deploying the XiebroC2 command and control framework to establish persistent access to compromised systems. The attack leverages vulnerable credentials on publicly accessible database servers, allowing threat actors to gain initial foothold and escalate privileges through a multi-stage deployment process. XiebroC2, a publicly available […] The post Threat Actors Hijacking MS-SQL Server to Deploy XiebroC2 Framework appeared first on Cyber Security News.

In recent months, a surge in targeted intrusions attributed to the Iranian-aligned threat group APT35 has set off alarm bells across government and military networks worldwide. First detected in early 2025, the campaign leverages custom-built malware to infiltrate secure perimeters and harvest user credentials. Initial indicators of compromise point to spear-phishing emails with HTML attachments […] The post APT35 Hackers Attacking Government, Military Organizations to Steal Login Credentials appeared first on Cyber Security News.

Veeam Backup & Replication, a cornerstone of many enterprises’ data protection strategy, has reportedly become the focus of a new exploit being offered on a clandestine marketplace. According to a recent listing, a seller operating under the handle “SebastianPereiro” claims to possess a remote-code-execution (RCE) exploit targeting specific Veeam 12.x builds. Dubbed the “Bug of […] The post Threat Actors Allegedly Listed Veeam RCE Exploit for Sale on Dark Web appeared first on Cyber Security News.