The U.S. Department of the Treasury has unveiled a sweeping sanctions campaign against a network of cyber scam centers across Southeast Asia that collectively stole more than ten billion dollars from American victims in 2024. These operations, often masquerading as legitimate virtual currency investment platforms, relied on sophisticated social engineering techniques to coax users into […] The post Magento and Adobe SessionReaper Vulnerability Exposes Thousands of Online Stores to Automated Attacks appeared first on Cyber Security News.

A sophisticated cyber attack has emerged targeting organizations through a malicious impersonation of DeskSoft’s legitimate EarthTime application, deploying multiple malware families in a coordinated ransomware operation. The attack represents a concerning evolution in threat actor tactics, demonstrating how legitimate software can be weaponized to establish persistent access across enterprise networks. The intrusion begins when unsuspecting […] The post New Cyber Attack Weaponizes DeskSoft to Deploy Malware Leveraging RDP Access to Execute Commands appeared first on Cyber Security News.

A sophisticated malware strain targeting exposed Docker APIs has emerged with enhanced infection capabilities that go beyond traditional cryptomining operations. The threat, discovered in August 2025, demonstrates evolved tactics designed to establish persistent root access while denying other attackers access to compromised systems. The malware represents a significant evolution from a variant originally reported by […] The post New Malware Attack Leveraging Exposed Docker APIs to Maintain Persistent SSH Root Access appeared first on Cyber Security News.

Security researchers have uncovered a sophisticated campaign in recent weeks leveraging a novel Remote Access Trojan (RAT) dubbed MostereRAT that targets Windows systems by deploying legitimate remote access tools such as AnyDesk and TightVNC. The malware’s emergence represents a significant evolution from earlier banking trojans, combining social engineering with advanced evasion techniques to establish covert […] The post MostereRAT Attacking Windows Systems With AnyDesk/TightVNC to Enable Remote Access appeared first on Cyber Security News.

APT37, the North Korean-aligned threat actor also known as ScarCruft, Ruby Sleet, and Velvet Chollima, has expanded its arsenal with sophisticated new malware targeting Windows systems. Active since 2012, the group primarily focuses on South Korean individuals connected to the North Korean regime or involved in human rights activism. The threat actor has now introduced […] The post New APT37 Attacking Windows Machines With New Rust and Python Based Malware appeared first on Cyber Security News.

Cybersecurity researchers began tracking a sophisticated campaign in the closing months of 2024, targeting both government and corporate networks across multiple continents. The threat actors behind this operation, known colloquially as Salt Typhoon and UNC4841, leveraged overlapping infrastructure and shared tactics to maximize stealth and persistence. Initial infiltration was achieved through exploitation of unpatched remote […] The post Chinese Salt Typhoon and UNC4841 Hackers Teamed Up to Attack Government and Corporate Infrastructure appeared first on Cyber Security News.

In Caracas this week, President Nicolás Maduro unveiled the Huawei Mate X6 gifted by China’s Xi Jinping, declaring the device impervious to U.S. espionage efforts. The announcement coincides with heightened tensions between Washington and Beijing, as the United States enforces stringent controls on Chinese telecom equipment. Beyond its political symbolism, the Mate X6 has become […] The post Venezuela’s Maduro Says Huawei Mate X6 Gift From China is Unhackable by U.S. Spies appeared first on Cyber Security News.

Security researchers first observed LunaLock in early September 2025, a sophisticated ransomware strain targeting independent illustrators and digital artists. Leveraging compromised credentials and social engineering, the group behind LunaLock has zeroed in on a niche marketplace—Artists & Clients—where freelance creators exchange custom commissions. Initial intrusion involved spear-phishing campaigns disguised as royalty notifications, enticing victims to […] The post LunaLock Ransomware Attacking Artists to Steal and Encrypt Data appeared first on Cyber Security News.

A massive data breach in early September 2025 attributed to a cyber actor known simply as “Kim” laid bare an unprecedented view into the operational playbook of Kimsuky (APT43). The leak, comprising terminal history files, phishing domains, OCR workflows, compiled stagers, and a full Linux rootkit, revealed a credential-centric campaign that targeted South Korean government […] The post Exposed ‘Kim’ Dump Exposes Kimsuky Hackers New Tactics, Techniques, and Infrastructure appeared first on Cyber Security News.