A sophisticated malware campaign has emerged that leverages fake online speed test applications to deploy obfuscated JavaScript payloads on Windows systems. These malicious utilities masquerade as legitimate network speed testing tools, manual readers, PDF utilities, and various search frontends to deceive unsuspecting users into installing dangerous code that operates covertly in the background. The attack […] The post Beware of Fake Online Speedtest Application With Obfuscated JS Codes appeared first on Cyber Security News.

The Iranian threat actor known as Nimbus Manticore has intensified its campaign targeting defense manufacturing, telecommunications, and aviation sectors across Western Europe with sophisticated new malware variants. This mature advanced persistent threat group, also tracked as UNC1549 and Smoke Sandstorm, has evolved its tactics to include previously undocumented techniques for evading detection and maintaining persistence […] The post Nimbus Manticore Attacking Defense and Telecom Sectors With New Malware appeared first on Cyber Security News.

Cybercriminals have embraced a new deceptive technique that transforms seemingly harmless vector graphics into dangerous malware delivery systems. A recent campaign targeting Latin America demonstrates how attackers are exploiting oversized SVG files containing embedded malicious payloads to distribute AsyncRAT, a potent remote access trojan capable of comprehensive system compromise. The campaign begins with carefully crafted […] The post Hackers Weaponizing SVG Files to Stealthily Deliver Malicious Payloads appeared first on Cyber Security News.

In recent months, a sophisticated campaign has emerged in which state-linked threat actors are leveraging fake job offers to ensnare unsuspecting job seekers and deliver advanced malware. These attackers craft convincing phishing emails that direct victims to look-alike career portals, impersonating leading aerospace and defense firms. The lure often begins with a personalized outreach on […] The post Threat Actors with Fake Job Lures Attacking Job Seekers to Deploy Advanced Malware appeared first on Cyber Security News.

In recent weeks, security researchers have uncovered an elaborate phishing campaign that leverages legitimate GitHub notification mechanisms to deliver malicious content. Victims receive seemingly authentic repository alerts, complete with real-looking commit messages and collaborator updates. Upon closer inspection, the notification headers reveal altered sender addresses and obfuscated links. The campaign’s sophistication has allowed it to […] The post Hackers Abusing GitHub Notifications to Deliver Phishing Emails appeared first on Cyber Security News.

A seemingly innocent patch update for the popular 2D platformer game BlockBlasters has transformed into a sophisticated malware campaign, exposing hundreds of Steam users to data theft and system compromise. The malicious patch, deployed on August 30, 2025, demonstrates how threat actors are increasingly exploiting the gaming ecosystem to distribute information-stealing malware while users remain […] The post BlockBlasters Steam Game Downloads Malware to Computer Disguised as Patch appeared first on Cyber Security News.

In recent weeks, security researchers have observed a surge in attacks exploiting Oracle Database Scheduler’s External Jobs feature to gain a foothold in corporate environments. This technique abuses the scheduler’s ability to execute arbitrary commands on Windows-based database servers, allowing adversaries to bypass perimeter defenses. Initial intrusion vectors involve probing publicly exposed Oracle listener ports […] The post Threat Actors Leverage Oracle Database Scheduler to Gain Access to Corporate Environments appeared first on Cyber Security News.