A new threat group calling itself Crimson Collective has emerged as a significant cybersecurity concern, targeting Amazon Web Services (AWS) cloud environments with sophisticated data exfiltration and extortion campaigns. The group has recently claimed responsibility for attacking Red Hat, asserting they successfully compromised and stole private repositories from Red Hat’s GitLab infrastructure. This development represents […] The post Crimson Collective Leverages AWS Services to Exfiltrate Sensitive Data appeared first on Cyber Security News.

A sophisticated new breed of ransomware attacks is leveraging legitimate database commands to compromise organizations worldwide, bypassing traditional security measures through “malware-less” operations. Unlike conventional ransomware that encrypts files using malicious binaries, threat actors are exploiting exposed database services by abusing standard database functionality to steal, wipe, and ransom critical data. The attack methodology represents […] The post Hackers Actively Compromising Databases Using Legitimate Commands appeared first on Cyber Security News.

The notorious cybercriminal collective known as Scattered Lapsus$ Hunters has escalated their extortion campaign by launching a dedicated leak site to threaten organizations with the exposure of stolen Salesforce data. This supergroup, comprised of established threat actors including ShinyHunters, Scattered Spider, and Lapsus$, represents a sophisticated evolution in ransomware-as-a-service operations that targets one of the […] The post Scattered Lapsus$ Hunters Launched a New Leak Site to Release Data Stolen from Salesforce Instances appeared first on Cyber Security News.

In recent weeks, cybersecurity analysts have observed a resurgence of the Mustang Panda threat actor deploying a novel DLL side-loading approach to deliver malicious payloads. Emerging in June 2025, this campaign leverages politically themed lures targeting Tibetan advocacy groups. Victims receive a ZIP archive containing a decoy executable named Voice for the Voiceless Photos.exe alongside […] The post Mustang Panda Using New DLL Side-Loading Technique to Deliver Malware appeared first on Cyber Security News.

A sophisticated Android remote access trojan (RAT) has emerged on GitHub, presenting significant security concerns for mobile device users worldwide. The malware, publicly available under the repository “Android-RAT” by user Huckel789, claims to offer fully undetectable (FUD) capabilities that can bypass modern security measures and antivirus detection systems. This malicious software represents a concerning evolution […] The post New Fully Undetectable FUD Android RAT Hosted on GitHub appeared first on Cyber Security News.

In recent weeks, security teams have observed a surge in malvertising campaigns distributing what appears to be a fully functional PDF editor. Dubbed TamperedChef, this malware masquerades as a legitimate application—AppSuite PDF Editor—leveraging convincing advertisements to lure European organizations and individuals into downloading the installer. Once executed, the installer exhibits expected functionalities for nearly two […] The post TamperedChef Malware as PDF Editor Harvest Browser Credentials and Allows Backdoor Access appeared first on Cyber Security News.

Yurei ransomware first emerged in early September 2025, targeting Windows environments with a sophisticated Go-based payload designed for rapid, large-scale encryption. Once executed, the malware enumerates all accessible local and network drives, appends a .Yurei extension to each file, and writes unique ransom notes in every affected directory. Its operators then demand payment over Tor, […] The post Yurei Ransomware Leverages SMB Shares and Removable Drives to Encrypt Files appeared first on Cyber Security News.

WordPress websites have become a prime target for threat actors seeking to monetize traffic and compromise visitor security. In recent months, a new malvertising campaign has emerged, leveraging silent PHP code injections within theme files to serve unwanted third-party scripts. The attack blends seamlessly with legitimate site operations, delivering obfuscated JavaScript that redirects visitors, displays […] The post Hackers Weaponizing WordPress Websites by Injecting Malicious PHP Codes Silently appeared first on Cyber Security News.