A sophisticated technique known as hidden text salting has emerged as a significant threat to email security systems, allowing cybercriminals to bypass detection mechanisms through the strategic abuse of cascading style sheets (CSS) properties. This attack vector enables threat actors to embed irrelevant content, or “salt,” within various components of malicious emails while rendering it […] The post Hackers Abuse CSS Properties With Messages to Inject Malicious Codes in Hidden Text Salting Attack appeared first on Cyber Security News.

A critical SQL injection vulnerability in FreePBX has emerged as a significant threat to VoIP infrastructure worldwide, enabling attackers to manipulate database contents and achieve arbitrary code execution. FreePBX, a widely deployed PBX system built around the open-source Asterisk VoIP platform, provides organizations with web-based administrative capabilities for managing telecommunications infrastructure. The vulnerability, designated as […] The post FreePBX SQL Injection Vulnerability Exploited to Modify The Database appeared first on Cyber Security News.

A new threat group calling itself Crimson Collective has emerged as a significant cybersecurity concern, targeting Amazon Web Services (AWS) cloud environments with sophisticated data exfiltration and extortion campaigns. The group has recently claimed responsibility for attacking Red Hat, asserting they successfully compromised and stole private repositories from Red Hat’s GitLab infrastructure. This development represents […] The post Crimson Collective Leverages AWS Services to Exfiltrate Sensitive Data appeared first on Cyber Security News.

A sophisticated new breed of ransomware attacks is leveraging legitimate database commands to compromise organizations worldwide, bypassing traditional security measures through “malware-less” operations. Unlike conventional ransomware that encrypts files using malicious binaries, threat actors are exploiting exposed database services by abusing standard database functionality to steal, wipe, and ransom critical data. The attack methodology represents […] The post Hackers Actively Compromising Databases Using Legitimate Commands appeared first on Cyber Security News.

The notorious cybercriminal collective known as Scattered Lapsus$ Hunters has escalated their extortion campaign by launching a dedicated leak site to threaten organizations with the exposure of stolen Salesforce data. This supergroup, comprised of established threat actors including ShinyHunters, Scattered Spider, and Lapsus$, represents a sophisticated evolution in ransomware-as-a-service operations that targets one of the […] The post Scattered Lapsus$ Hunters Launched a New Leak Site to Release Data Stolen from Salesforce Instances appeared first on Cyber Security News.

In recent weeks, cybersecurity analysts have observed a resurgence of the Mustang Panda threat actor deploying a novel DLL side-loading approach to deliver malicious payloads. Emerging in June 2025, this campaign leverages politically themed lures targeting Tibetan advocacy groups. Victims receive a ZIP archive containing a decoy executable named Voice for the Voiceless Photos.exe alongside […] The post Mustang Panda Using New DLL Side-Loading Technique to Deliver Malware appeared first on Cyber Security News.

A sophisticated Android remote access trojan (RAT) has emerged on GitHub, presenting significant security concerns for mobile device users worldwide. The malware, publicly available under the repository “Android-RAT” by user Huckel789, claims to offer fully undetectable (FUD) capabilities that can bypass modern security measures and antivirus detection systems. This malicious software represents a concerning evolution […] The post New Fully Undetectable FUD Android RAT Hosted on GitHub appeared first on Cyber Security News.

In recent weeks, security teams have observed a surge in malvertising campaigns distributing what appears to be a fully functional PDF editor. Dubbed TamperedChef, this malware masquerades as a legitimate application—AppSuite PDF Editor—leveraging convincing advertisements to lure European organizations and individuals into downloading the installer. Once executed, the installer exhibits expected functionalities for nearly two […] The post TamperedChef Malware as PDF Editor Harvest Browser Credentials and Allows Backdoor Access appeared first on Cyber Security News.