Cybercriminals are deploying increasingly sophisticated methods to bypass security systems, with the latest threat emerging from the advanced Tycoon phishing-as-a-service kit. This malicious platform has introduced novel techniques designed to obscure dangerous links, making them nearly invisible to traditional detection systems while maintaining their effectiveness against unsuspecting victims. The Tycoon phishing kit represents a significant […] The post Tycoon Phishing Kit Employs New Technique to Hide Malicious Links appeared first on Cyber Security News.

A sophisticated threat actor known as NoisyBear has emerged as a significant concern for Kazakhstan’s energy sector, employing advanced tactics to infiltrate critical infrastructure through weaponized ZIP files and PowerShell-based attack chains. This newly identified group has been orchestrating targeted campaigns against KazMunaiGas (KMG), the country’s national oil and gas company, using highly crafted phishing […] The post NoisyBear Weaponizing ZIP Files to PowerShell Loaders and Exfiltrate Sensitive Data appeared first on Cyber Security News.

Educational institutions have become prime targets in the escalating battle against commodity information stealers. First emerging in 2022 as an open-source project on GitHub, Stealerium was initially released “for educational purposes” but rapidly attracted illicit interest. Adversaries adapted and enhanced the code to create variants—such as Phantom Stealer and Warp Stealer—resulting in a family of […] The post Threat Actors Using Stealerium Malware to Attack Educational Organizations appeared first on Cyber Security News.

A sprawling network of illicit Internet Protocol Television (IPTV) services has been discovered, operating across more than 1,100 domains and in excess of 10,000 IP addresses. This sprawling infrastructure, which has remained active for several years, delivers unauthorized streams of premium content—including major sports leagues, subscription services, and on-demand platforms—without licensing agreements. Silent Push analysts […] The post Massive IPTV Hosted Across More Than 1,000 Domains and Over 10,000 IP Addresses appeared first on Cyber Security News.

Over the past several years, a concerted campaign by Chinese state-sponsored Advanced Persistent Threat (APT) groups has exploited critical vulnerabilities in enterprise-grade routers to establish long-term footholds within global telecommunications and government networks. These actors, often identified under monikers such as Salt Typhoon and OPERATOR PANDA, have systematically targeted provider edge (PE) and customer edge […] The post Chinese APT Hackers Exploit Router Vulnerabilities to Infiltrate Enterprise Environments appeared first on Cyber Security News.

A sophisticated phishing campaign targeting PayPal’s massive user base has emerged, utilizing deceptive “Set up your account profile” emails to compromise user accounts through an ingenious secondary user addition scheme. The attack leverages advanced email spoofing techniques and psychological manipulation tactics to bypass traditional security awareness measures, representing a significant evolution in financial fraud methodologies. […] The post Threat Actors Attack PayPal Users in New Account Profile Set up Scam appeared first on Cyber Security News.

Emerging quietly in mid-2025, the XWorm backdoor has evolved into a deceptively sophisticated threat that preys on both user confidence and system conventions. Initial reports surfaced when organizations noted a sudden uptick in obscure .lnk-based phishing emails masquerading as benign documents. Security teams quickly observed that these shortcuts triggered hidden PowerShell routines rather than opening […] The post XWorm Malware With New Infection Chain Evade Detection Exploiting User and System Trust appeared first on Cyber Security News.

Cybersecurity researchers have uncovered a critical vulnerability in the artificial intelligence supply chain that enables attackers to achieve remote code execution across major cloud platforms including Microsoft Azure AI Foundry, Google Vertex AI, and thousands of open-source projects. The newly discovered attack method, termed “Model Namespace Reuse,” exploits a fundamental flaw in how AI platforms […] The post New Namespace Reuse Vulnerability Allows Remote Code Execution in Microsoft Azure AI, Google Vertex AI, and Hugging Face appeared first on Cyber…