Category: Threats

  • An aggressive SEO poisoning campaign has surfaced in early October 2025, preying on users searching for the legitimate Ivanti Pulse Secure VPN client. Attackers have registered lookalike domains such as ivanti-pulsesecure.com and ivanti-secure-access.org to host trojanized installers that appear official. Unsuspecting victims clicking on top search results are redirected to these malicious sites, where a […] The post Beware of Malicious Ivanti VPN Client Sites in Google Search That Delivers Malware appeared first on Cyber Security News.

  • Since its public debut in October 2025, nightMARE has quickly become a vital tool for malware analysts seeking to streamline static and dynamic analysis workflows. Developed by Elastic Security Labs, nightMARE brings together mature open-source reverse engineering components under a unified Python API. Rather than forcing users to juggle disparate dependencies, nightMARE leverages Rizin via […] The post New nightMARE Python Library to Analyze Malware and Extract Intelligence Indicators appeared first on Cyber Security News.

  • A sophisticated banking Trojan named Maverick has emerged in Brazil, leveraging WhatsApp as its primary distribution channel to compromise thousands of users. The malware campaign was detected in mid-October 2025, with cybersecurity solutions blocking over 62,000 infection attempts in just the first ten days of the month. The threat specifically targets Brazilian users through Portuguese-language […] The post New Banking Malware Abusing WhatsApp to Gain Complete Remote Access to Your Computer appeared first on Cyber Security News.

  • In early 2025, a novel campaign attributed to the Chinese APT group known as Jewelbug began targeting an IT service provider in Russia. The attackers infiltrated build systems and code repositories, laying the groundwork for a potential software supply chain compromise. Initial access was achieved via a renamed Microsoft Console Debugger binary, “7zup.exe,” which executed […] The post Chinese APT Group IT Service Provider Leveraging Microsoft Console Debugger to Exfiltrate Data appeared first on Cyber Security News.

  • In mid-2025, Lab539 researchers observed an unexpected surge in a novel browser-based malware campaign dubbed “ClickFix.” Emerging quietly in July, the threat quickly expanded its reach by registering over 13,000 unique domains designed to lure users into executing malicious commands on their own devices. The attack leverages compromised or low-cost hosting infrastructure, including a significant […] The post Hackers Registered 13,000+ Unique Domains and Leverages Cloudflare to Launch Clickfix Attacks appeared first on Cyber Security News.

  • The U.S. military destroyed another boat in the waters around Latin America, killing six people on board the vessel, President Trump announced Tuesday on social media. The episode marks the sixth known watercraft destroyed by U.S. forces in the region …

  • The GhostBat RAT campaign has emerged as a sophisticated threat targeting Indian Android users through counterfeit Regional Transport Office (RTO) applications. First observed in mid-2025, these malicious APKs masquerade as the official “mParivahan” app, exploiting user trust in government services. Distribution occurs primarily via smishing—WhatsApp messages and SMS containing shortened URLs redirecting victims to GitHub-hosted […] The post GhostBat RAT Android Malware With Fake RTO Apps Steals Targeting Indian Users to Steal Banking Data appeared first on Cyber Security News.

  • The PLA is building a self-healing “kill web” to surpass today’s brittle kill chains.

  • A sophisticated threat actor known as TigerJack has systematically infiltrated developer marketplaces with at least 11 malicious Visual Studio Code extensions, targeting thousands of unsuspecting developers worldwide. Operating under multiple publisher identities including ab-498, 498, and 498-00, this cybercriminal has deployed a comprehensive attack arsenal designed to steal source code, mine cryptocurrency, and establish remote […] The post TigerJack Hacks Infiltrated Developer Marketplaces with 11 Malicious VS Code Extensions appeared first on Cyber Security News.

  • The emergence of a sophisticated malware campaign leveraging geo-mapping technology has put critical infrastructure and enterprise networks on high alert. First observed targeting sectors across Asia and North America, the malware was traced to a group of Chinese threat actors employing advanced stealth tactics to sustain prolonged network penetration. Attackers harnessed a unique blend of […] The post Chinese Hackers Leverage Geo-Mapping Tool to Maintain Year-Long Persistence appeared first on Cyber Security News.
