A sophisticated phishing campaign has emerged targeting maintainers of packages on the Python Package Index (PyPI), employing domain confusion tactics to steal authentication credentials from unsuspecting developers. The attack leverages fraudulent emails designed to mimic official PyPI communications, directing recipients to malicious domains that closely resemble the legitimate PyPI infrastructure. The phishing operation utilizes carefully […] The post New Phishing Attack Targeting PyPI Maintainers to Steal Login Credentials appeared first on Cyber Security News.

A sophisticated malware campaign orchestrated by the Vietnamese Lone None threat actor group has been leveraging fraudulent copyright infringement takedown notices to deploy information-stealing malware onto unsuspecting victims’ systems. The campaign, which has been actively tracked since November 2024, represents a concerning evolution in social engineering tactics that exploits legitimate legal concerns to bypass traditional […] The post Threat Actors Using Copyright Takedown Claims to Deploy Malware appeared first on Cyber Security News.

A sophisticated malware campaign targeting WordPress websites has been discovered employing advanced steganographic techniques and persistent backdoor mechanisms to maintain unauthorized administrator access. The malware operates through two primary components that work in tandem to create a resilient attack infrastructure, enabling cybercriminals to establish persistent footholds on compromised websites while remaining undetected by traditional security […] The post Hackers Exploiting WordPress Websites With Silent Malware to Gain Admin Access appeared first on Cyber Security News.

A recent wave of attacks leveraging malicious Windows shortcut files (.LNK) has put security teams on high alert. Emerging in late August 2025, this new LNK malware distribution exploits trusted Microsoft binaries to bypass endpoint protections and execute payloads without raising suspicions. Delivered primarily via spear-phishing emails and compromised websites, the shortcut files appear innocuous, […] The post New LNK Malware Uses Windows Binaries to Bypass Security Tools and Execute Malware appeared first on Cyber Security News.

BRICKSTORM has surfaced as a highly evasive backdoor targeting organizations within the technology and legal industries, exploiting trust relationships to infiltrate critical networks. First detected in mid-2025, this malware leverages multi-stage loaders and covert communication channels to avoid detection. Early victims reported unusual latency in remote desktop sessions, prompting deeper forensic investigations. As the campaign […] The post New BRICKSTORM Stealthy Backdoor Attacking Tech and Legal Sectors appeared first on Cyber Security News.

In recent weeks, security researchers have observed a surge in targeted attacks attributed to the COLDRIVER advanced persistent threat (APT) group. This adversary has introduced a new PowerShell-based backdoor, dubbed BAITSWITCH, which exhibits sophisticated command-and-control techniques while blending into legitimate Windows processes. Initial sightings trace back to late July 2025, when intrusion attempts against government […] The post COLDRIVER APT Group Uses ClickFix To Deliver a New PowerShell-Based Backdoor BAITSWITCH appeared first on Cyber Security News.

Numerous mobile applications have been found to expose critical user information through misconfigured Firebase services, allowing unauthenticated attackers to access databases, storage buckets, Firestore collections, and Remote Config secrets. This widespread issue first came to light when security researcher Mike Oude Reimer published findings on 16 September 2025, demonstrating that approximately 150 different Firebase endpoints […] The post Numerous Applications Using Google’s Firebase Platform Leaking Highly Sensitive Data appeared first on Cyber Security News.