In early October 2025, cybersecurity researcher Jeremiah Fowler discovered a publicly accessible database belonging to Invoicely, a Vienna-based invoicing and billing platform used by over 250,000 businesses worldwide. The repository contained 178,519 files in XLSX, CSV, PDF, and image formats, each harboring sensitive personal and financial information. Among the exposed documents were invoices, scanned checks, […] The post 178,000+ Invoices With Customers Personal Records Exposes from Invoice Platform Invoicely appeared first on Cyber Security News.

Remote monitoring and management (RMM) tools have long served as indispensable assets for IT administrators, providing seamless remote control, unattended access, and scripted automation across enterprise endpoints. In recent months, security researchers have observed a surge in adversaries repurposing ScreenConnect—a ConnectWise RMM solution—as a clandestine backdoor for initial intrusion and ongoing control. Emerging from widespread […] The post ScreenConnect Abused by Threat Actors to Gain Unauthorized Remote Access to Your Computer appeared first on Cyber Security News.

A new evolution is underway in the Russian cybercrime ecosystem: market operators and threat actors are rapidly shifting from selling compromised Remote Desktop Protocol (RDP) access to trading malware stealer logs for unauthorized system entry. This transition marks a significant change in both tactics and impact within the underground forums, affecting organizations and individuals worldwide. […] The post Russian Cybercrime Market Hub Transferring from RDP Access to Malware Stealer Logs to Access appeared first on Cyber Security News.

A sophisticated campaign targeting macOS users has emerged through spoofed Homebrew installer websites that deliver malicious payloads alongside legitimate package manager installations. The attack exploits the widespread trust users place in the popular Homebrew package manager by creating pixel-perfect replicas of the official brew[.]sh installation page, complete with deceptive clipboard manipulation techniques. Security researchers have […] The post Hackers Attacking macOS Users With Spoofed Homebrew Websites to Inject Malicious Payloads appeared first on Cyber Security News.

A newly identified pro-Russian hacktivist group has successfully infiltrated operational technology and industrial control systems belonging to critical infrastructure organizations, employing sophisticated techniques to steal login credentials and disrupt vital services. The threat actor, known as TwoNet, represents an emerging class of hacktivists who have expanded beyond traditional distributed denial-of-service attacks to target human-machine interfaces […] The post Pro-Russian Hacktivist Attacking OT/ICS Devices to Steal Login Credentials appeared first on Cyber Security News.

A critical vulnerability in Axis Communications’ Autodesk Revit plugin has exposed Azure Storage Account credentials, creating significant security risks for customers and potentially enabling supply chain attacks targeting the architecture and engineering industry. The vulnerability stems from hardcoded credentials embedded within signed Dynamic Link Libraries (DLLs) distributed to customers through the plugin’s Microsoft Installer (MSI) […] The post Axis Communications Vulnerability Exposes Azure Storage Account Credentials appeared first on Cyber Security News.

The cybersecurity landscape witnessed a concerning development as threat actors discovered a novel attack vector targeting Microsoft Edge’s Internet Explorer mode functionality. This sophisticated campaign emerged in August 2025, exploiting the inherent security weaknesses of legacy browser technology to compromise unsuspecting users’ devices. The attack represents a significant evolution in threat actor tactics, demonstrating their […] The post Hackers Leveraging Microsoft Edge Internet Explorer Mode to Gain Access to Users’ Devices appeared first on Cyber Security News.

North Korean state-sponsored threat actors have intensified their supply chain attacks against software developers through a sophisticated campaign dubbed “Contagious Interview,” deploying 338 malicious npm packages that have accumulated over 50,000 downloads. The operation represents a dramatic escalation in the weaponization of the npm registry, targeting Web3, cryptocurrency, and blockchain developers through elaborate social engineering […] The post North Korean Hackers Attacking Developers with 338 Malicious npm Packages appeared first on Cyber Security News.

Security researchers have identified a sophisticated malware campaign that exploits WhatsApp’s messaging platform to deploy banking trojans targeting Brazilian financial institutions and cryptocurrency exchanges. The self-propagating worm, which emerged on September 29, 2025, demonstrates advanced evasion techniques and multi-stage infection chains designed to circumvent modern security defenses. The threat has already affected over 400 customer […] The post New WhatsApp Worm Attacks Users with Banking Malware to Users Login Credentials appeared first on Cyber Security News.