Security researchers have observed a sophisticated campaign in recent weeks targeting critical infrastructure and government entities across South Asia. Dubbed the DarkSamural operation, this attack chain leverages deceptively crafted LNK and PDF files to infiltrate networks, establish persistence, and exfiltrate sensitive information. Initial reconnaissance indicates that the adversaries disguise malicious MSC (Microsoft Management Console) files […] The post DarkSamural APT Group Malicious LNK and PDF Files to Steal Critical Data appeared first on Cyber Security News.

The North Korea-backed APT group Kimsuky has escalated its cyber operations by weaponizing GitHub repositories for malware delivery and data exfiltration, marking a sophisticated evolution in their attack methodology. This latest campaign demonstrates the group’s growing expertise in abusing legitimate cloud infrastructure to evade traditional security measures while maintaining persistent access to compromised systems. The […] The post Kimsuky Hackers Via Weaponized LNK File Abuses GitHub for Malware Delivery appeared first on Cyber Security News.

In recent months, security researchers have observed a surge in activity by a previously undocumented ransomware group known as The Gentlemen. This threat actor has rapidly distinguished itself through the deployment of highly specialized tools and meticulous reconnaissance tactics, targeting critical infrastructure across multiple sectors and regions. Leveraging legitimate Windows drivers and nuanced Group Policy […] The post New Gentlemen Ransomware Leverages Legitimate Drivers, Group Policies to Infiltrate Organizations appeared first on Cyber Security News.

Salat Stealer has emerged as a pervasive threat targeting Windows endpoints with a focus on harvesting browser-stored credentials and cryptocurrency wallet data. First detected in August 2025, this Go-based infostealer leverages a range of evasion tactics, including UPX packing and process masquerading, to slip past conventional defenses. Its operators advertise the malware through social engineering […] The post Salat Stealer Exfiltrates Browser Credentials Via Sophisticated C2 Infrastructure appeared first on Cyber Security News.

A new wave of phishing attacks purporting to originate from South Korea’s National Tax Service has emerged, leveraging familiar electronic document notifications to trick recipients into divulging their Naver credentials. Distributed on August 25, 2025, the email mimics the official format used by Naver’s secure document service, displaying the sender as “National Tax Service” and […] The post Beware of Phishing Email from Kimusky Hackers With Subject Spetember Tax Return Due Date Notice appeared first on Cyber Security News.

Police-issued body cameras have become ubiquitous tools for recording law enforcement encounters, yet a recent investigation has uncovered troubling design choices in a budget-friendly system that compromise both privacy and data integrity. The Viidure mobile application, designed to transfer video evidence from the camera’s onboard Wi-Fi hotspot to cloud servers, was found to communicate over […] The post Police Body Camera Apps Sending Data to Cloud Servers Hosted in China Via TLS Port 9091 appeared first on Cyber Security News.

Cybersecurity researchers have observed the emergence of a novel Android banking trojan, RatOn in recent months that seamlessly combines remote access capabilities with NFC relay technology and Automated Transfer System (ATS) functions. Initially detected in mid-July 2025, RatOn’s multi-stage architecture leverages a dropper application to install subsequent payloads, culminating in full device takeover and fraudulent […] The post New RatOn Takes Control Over Bank Account and Initiates Automated Money Transfers appeared first on Cyber Security News.