Category: Threats

  • A sophisticated Android malware campaign has emerged in recent months, targeting students in Bangladesh by masquerading as legitimate scholarship applications. Posing as the Bangladesh Education Board, these fraudulent apps promise financial aid and entice unsuspecting users to download APKs from shortened URLs. Once installed, the malware covertly harvests personal and financial information, […] The post Beware of Fraudulent Scholarship Apps Attacking Students in Defarud Campaign appeared first on Cyber Security News.

  • Security researchers at Socket.dev uncovered a sophisticated supply chain attack in late August 2025 leveraging a malicious npm package named nodejs-smtp, which masquerades as the widely used email library nodemailer, which has approximately 3.9 million weekly downloads. At first glance, nodejs-smtp operates identically to its legitimate counterpart, supplying a familiar API and successfully dispatching emails. This […] The post Malicious npm Package Mimics as Popular Nodemailer with Weekly 3.9 Million Downloads to Hijack Crypto Transactions appeared first on Cyber Security News.

  • Infostealer malware, initially designed to indiscriminately harvest credentials from compromised hosts, has evolved into a potent weapon for state-sponsored Advanced Persistent Threat (APT) groups. Emerging in early 2023, families such as RedLine, Lumma, and StealC quickly proliferated across phishing campaigns and malicious downloads. These infostealers cast wide nets, siphoning browser data, cookies, and system information, […] The post Infostealer Malware is Being Exploited by APT Groups for Targeted Attacks appeared first on Cyber Security News.

  • Amazon’s threat intelligence team uncovered a sophisticated watering hole campaign in late August 2025 orchestrated by APT29, also known as Midnight Blizzard, a Russian Foreign Intelligence Service–linked actor. The operation relied on the compromise of legitimate websites to redirect unsuspecting visitors to malicious infrastructure. Once redirected, users encountered counterfeit Cloudflare verification pages designed […] The post Amazon Dismantles Russian APT 29 Infrastructure Used to Attack Users appeared first on Cyber Security News.

  • A sophisticated malware campaign targeting niche Large Language Model (LLM) role-playing communities has emerged, leveraging advanced social engineering tactics to distribute a dangerous Remote Access Trojan (RAT). The malware, dubbed “AI Waifu RAT” by security researchers, masquerades as an innovative AI character enhancement tool that promises “meta” interactions between users and their virtual AI companions. […] The post AI Waifu RAT Attacking Users With Novel Social Engineering Techniques appeared first on Cyber Security News.

  • Pentagon stands up new task force to coordinate anti-drone efforts. The Joint Interagency Task Force 401 will spearhead the acquisition and integration of air defense systems to take down small unmanned aerial systems, Defense Secretary Pete Hegseth an…

  • Since its emergence in February 2025, the NightSpire ransomware group has rapidly distinguished itself through a sophisticated double-extortion strategy that combines targeted encryption with public data leaks. Initially surfacing in South Korea, the group leveraged vulnerabilities in corporate networks to gain initial access, often exploiting outdated VPN appliances and unpatched Remote Desktop Protocol services. Once […] The post NightSpire Ransomware Group Claims to Exploit The Vulnerabilities of Orgs to Infiltrate Their Systems appeared first on Cyber Security News.

  • A sophisticated malware campaign has emerged targeting users seeking free PDF editing software, with cybercriminals distributing a malicious application masquerading as the legitimate “AppSuite PDF Editor.” The malware, packaged as a Microsoft Installer (MSI) file, has been distributed through high-ranking websites designed to appear as legitimate download portals for productivity tools. These deceptive sites share […] The post AppSuite PDF Editor Hacked to Execute Arbitrary Commands on The Infected System appeared first on Cyber Security News.

  • In June 2025, a previously undocumented campaign leveraging end-of-support software began surfacing in telemetry data gathered across Eastern Asia. Dubbed TAOTH, the operation exploits an abandoned Chinese input method editor (IME), Sogou Zhuyin, to deliver multiple malware families. Initial intelligence indicated that victims, primarily traditional Chinese users and dissidents, downloaded what appeared to be legitimate […] The post New TAOTH Campaign Exploits End-of-Support Software to Distribute Malware and Collect Sensitive Data appeared first on Cyber Security News.

  • Attackers have begun leveraging a seemingly innocuous PDF newsletter alongside a malicious Windows shortcut (LNK) file to infiltrate enterprise environments. The attack surfaced in late August 2025, targeting South Korean academic and government institutions under the guise of a legitimate “국가정보연구회 소식지 (52호)” PDF newsletter. Victims receive an archive containing both the PDF decoy and […] The post Hackers Weaponize PDF Along With a Malicious LNK File to Compromise Windows Systems appeared first on Cyber Security News.
