The cybersecurity landscape faces a growing threat from sophisticated Phishing-as-a-Service (PhaaS) platforms that are democratizing cybercrime by lowering technical barriers for fraudsters worldwide. Among these emerging threats, the Lucid PhaaS platform has established itself as a formidable force in the underground economy, enabling massive-scale phishing operations across multiple continents and industry sectors. Security researchers have […] The post Lucid PhaaS With 17,500 Phishing Domains Mimics 316 Brands From 74 Countries appeared first on Cyber Security News.

Canada’s law enforcement community has achieved a landmark victory in the fight against illicit finance with the dismantling of TradeOgre, a Tor-based cryptocurrency exchange that facilitated the theft and laundering of over 56 million dollars in digital assets. Emerging in early 2023, TradeOgre operated entirely as a hidden service, leveraging the anonymity of the Tor […] The post Canada Police Dismantles TradeOgre Platform That Stolen 56 Million Dollars in Cryptocurrency appeared first on Cyber Security News.

A sophisticated spoofing campaign has emerged targeting the Federal Bureau of Investigation’s Internet Crime Complaint Center (IC3). Beginning in mid-September 2025, victims attempting to access IC3’s official portal were redirected to fraudulent domains crafted to mirror the legitimate site. The impersonators employed look-alike URLs—such as “ic3-gov.com” and “ic3gov.org”—and reproduced authentic branding, including the FBI seal […] The post Threat Actors Impersonate FBI IC3 Website to Steal The Visitors’ Personal Information appeared first on Cyber Security News.

Industrial automation systems have become the latest battleground for sophisticated cybercriminals who are deploying cleverly crafted malicious scripts and phishing pages to compromise ICS computers. Over the first half of 2025, attackers have increasingly shifted to web-based attack vectors, exploiting legacy interfaces, weak authentication, and outdated software in operational technology environments. These threat actors deliver […] The post Threat Actors Attacking ICS Computers With Malicious Scripts and Phishing Pages appeared first on Cyber Security News.

A previously unseen botnet campaign emerged in late November, using a novel combination of DNS misconfiguration and hijacked networking devices to propel a global malspam operation. Initial reports surfaced when dozens of organizations received what appeared to be legitimate freight invoices, each containing a ZIP archive with a malicious JavaScript payload. Upon execution, the script […] The post New Botnet Leverages DNS Misconfiguration to Launch Massive Cyber Attack appeared first on Cyber Security News.

A threat actor has been observed advertising a new Remote Access Trojan (RAT) on underground forums, marketing it as a fully undetectable (FUD) alternative to the legitimate remote access tool, ScreenConnect. The malware is being sold with a suite of advanced features designed to bypass modern security defenses, signaling a growing trend in sophisticated, ready-to-use […] The post Threat Actors Selling New Undetectable RAT as ’ScreenConnect FUD Alternative’ appeared first on Cyber Security News.

Phishing campaigns have long relied on social engineering to dupe unsuspecting users, but recent developments have elevated these attacks to a new level of sophistication. Attackers now harness advanced content-generation platforms to craft highly personalized emails and webpages, blending genuine corporate branding with contextually relevant messages. These platforms analyze public social media profiles, corporate press […] The post Phishing Attacks Using AI-Powered Platforms to Misleads Users and Evades Security Tools appeared first on Cyber Security News.

A critical authentication bypass vulnerability has emerged in Nokia’s CloudBand Infrastructure Software (CBIS) and Nokia Container Service (NCS) Manager API, designated as CVE-2023-49564. This high-severity flaw, scoring 9.6 on the CVSS v3.1 scale, enables unauthorized attackers to circumvent authentication mechanisms through specially crafted HTTP headers, potentially granting complete access to restricted API endpoints without valid […] The post Nokia CBIS/NCS Manager API Vulnerability Let Attackers Bypass Authentication appeared first on Cyber Security News.

In early 2025, cybersecurity researchers observed an unprecedented collaboration between two Russian APT groups targeting Ukrainian organizations. Historically, Gamaredon has focused on broad spear-phishing campaigns against government and critical infrastructure, while Turla has specialized in high-value cyberespionage using sophisticated implants. Their joint operations mark a significant escalation: Gamaredon gains initial access using its established toolkit, […] The post Russian Hacking Groups Gamaredon and Turla Attacking Organizations to Deploy Kazuar Backdoor appeared first on Cyber Security News.