-
In early May 2025, cybersecurity researchers began tracking a novel Remote Access Trojan (RAT) targeting Chinese-speaking users via phishing sites hosted on GitHub Pages. Masked as legitimate installers for popular applications, the initial ZIP archives contained malicious executables engineered to bypass sandbox and virtual machine defenses. Once executed, the first-stage shellcode performs time stability analysis […] The post kkRAT Employs Network Communication Protocol to Steal Clipboard Contents appeared first on Cyber Security News.
-
In recent months, cybersecurity researchers have observed a surge in malicious domain registrations linked to an emerging e-crime group known as PoisonSeed. First identified in April 2025, this actor has focused its efforts on impersonating legitimate cloud-based email platforms, most notably SendGrid, to harvest enterprise credentials. By embedding fake Cloudflare CAPTCHA interstitials and Ray ID […] The post PoisonSeed Threat Actor Registering New Domains in Attempt to Compromise Enterprise Credentials appeared first on Cyber Security News.
-
A sophisticated new remote access trojan named ZynorRAT has emerged as a cross-platform threat, targeting both Windows and Linux systems through an innovative Telegram-based command and control infrastructure. First discovered in July 2025, this Go-compiled malware represents a significant evolution in remote access capabilities, combining traditional RAT functionality with modern communication channels to evade detection […] The post ZynorRAT Attacking Windows and Linux Systems to Gain Remote Access appeared first on Cyber Security News.
-
ChillyHell first surfaced on public malware repositories in early May 2025, although its developer-signed notarization dates back to 2021. This modular backdoor has eluded detection by major antivirus vendors despite leveraging Apple’s own notarization process to appear legitimate. By masquerading as a benign macOS applet, ChillyHell gains an initial foothold on target machines before deploying […] The post ChillyHell macOS Malware Profiles Compromised Machines and Maintain Persistence with 3 Methods appeared first on Cyber Security News.
-
A novel malicious Chrome extension has been uncovered targeting digital marketers by masquerading as a productivity tool for Meta ad campaigns. Dubbed “Madgicx Plus,” this extension is distributed through a network of deceptive websites posing as legitimate AI-driven advertising platforms. Rather than optimizing ad performance, the extension leverages powerful browser permissions to hijack user sessions […] The post Malicious Chrome Extension Attacking Users to Steal Meta Login Credentials appeared first on Cyber Security News.
-
A sophisticated npm supply chain attack that surfaced in late August targeted thousands of downstream projects by injecting malicious payloads into popular JavaScript libraries. Initial reports pointed to a new variant of the notorious typosquatting technique, but further analysis revealed a more elaborate campaign that leveraged compromised maintainer credentials to publish backdoored modules under legitimate […] The post Hackers Booked Very Little Profit with Widespread npm Supply Chain Attack appeared first on Cyber Security News.
-
That would be some 15 years longer than the Air Force was planning.
-
CyberVolk Ransomware Attacking Windows System in Critical Infrastructure and Scientific Institutions

CyberVolk ransomware first emerged in May 2024, rapidly evolving into a sophisticated threat aimed at government agencies and critical infrastructure in countries perceived as hostile to Russian interests. Leveraging a dual-layer symmetric encryption process, this malware has inflicted significant operational disruptions on scientific institutions and public services across Japan, France, and the United Kingdom. The […] The post CyberVolk Ransomware Attacking Windows System in Critical Infrastructure and Scientific Institutions appeared first on Cyber Security News.
-
Security researchers have recently observed a surge in sophisticated fileless malware campaigns targeting enterprise environments. AsyncRAT, a powerful Remote Access Trojan, leverages legitimate system tools to execute malicious payloads entirely in memory, effectively sidestepping traditional disk-based defenses. The emergence of this threat underscores the evolving tactics employed by cyber adversaries to maintain stealth and persistence on […] The post AsyncRAT Uses Fileless Loader to Bypass Detections and Gain Remote Access appeared first on Cyber Security News.
-
Malicious actors have launched a sophisticated malvertising campaign on Facebook that coerces unsuspecting users into installing a fake “Meta Verified” browser extension. Promoted through seemingly legitimate video tutorials, these ads promise to unlock the coveted blue verification tick without paying Meta’s subscription fee. In reality, the extension is engineered to harvest sensitive user data, including […] The post Beware of Malicious Facebook Ads With Meta Verified Steals User Account Details appeared first on Cyber Security News.

