Android’s open ecosystem has been both its greatest strength and a persistent security challenge. While sideloading offers developers and users unparalleled freedom, it has also become a vector for malicious actors to distribute malware masquerading as legitimate applications. Over the past year, Android Developers Blog analysts noted that malware delivered via internet-sideloaded sources outpaced Play […] The post Google to Add New Layer of Developer Verification to Distribute Apps on Play Store appeared first on Cyber Security News.

In early August 2025, security researchers uncovered an unprecedented campaign targeting India’s BOSS Linux installations through seemingly innocuous shortcut files. These files, masquerading as PDF documents, leverage the .desktop format intrinsic to Linux desktop environments to deliver and execute malicious payloads. Initial access is gained via spear-phishing emails containing a ZIP archive named “Meeting_Notice_Ltr_ID1543ops.pdf_.zip.” When […] The post APT36 Hackers Attacking Indian BOSS Linux Systems With Weaponized .desktop Shortcut Files appeared first on Cyber Security News.

In August 2025, researchers at George Mason University published a groundbreaking study at the 34th USENIX Security Symposium, introducing OneFlip, an inference-time backdoor attack that flips just one bit in full-precision neural networks to implant stealth triggers. Unlike traditional backdoor methods that require poisoning training data or manipulating the training process, OneFlip operates entirely at […] The post OneFlip – New Attack Flips a Single Bit in Neural Networks for Stealthily Backdoor on AI Systems appeared first on Cyber Security…

Android droppers have evolved from niche installers for heavyweight banking Trojans into universal delivery frameworks, capable of deploying even rudimentary spyware or SMS stealers. Initially, droppers served banking malware families that required elevated Accessibility permissions to harvest credentials. These small applications appeared innocuous at first glance, often masquerading as utility or government apps in high-risk […] The post Threat Actors Adapting Android Droppers Even to Deploy Simple Malware to Stay Future-Proof appeared first on Cyber Security News.

A stealthy espionage campaign emerged in early 2025 targeting diplomats and government entities in Southeast Asia and beyond. At the heart of this operation lies STATICPLUGIN, a downloader meticulously disguised as a legitimate Adobe plugin update. Victims encountered a captive portal hijack that redirected browsers to malicious domains, where an HTTPS-secured landing page prompted users […] The post Chinese UNC6384 Hackers Leverages Valid Code Signing Certificates to Evade Detection appeared first on Cyber Security News.

A sophisticated campaign of cyber sabotage unfolded against Iran’s maritime communications infrastructure in late August 2025, cutting off dozens of vessels from vital satellite links and navigation aids. Rather than targeting each ship individually—a logistical nightmare across international waters—the attackers infiltrated Fanava Group, the IT provider responsible for satellite communications to Iran’s sanctioned tanker fleets. […] The post Hackers Sabotage Iranian Ships Using Maritime Communications Terminals in Its MySQL Database appeared first on Cyber Security News.

Cybersecurity researchers have observed a surge in deceptive sites masquerading as YouTube video download services to deliver Proxyware malware in recent weeks. Victims seeking to grab videos in MP4 format are redirected through ad pages that sporadically present a download link for a seemingly legitimate utility called “WinMemoryCleaner.” Behind this innocuous facade, however, lies a […] The post Proxyware Malware Mimic as YouTube Video Download Site Delivers Malicious Javascripts appeared first on Cyber Security News.

In recent weeks, cybersecurity investigators have uncovered a novel campaign in which hackers leverage seemingly benign potentially unwanted program (PUP) advertisements to deliver stealthy Windows malware. The lure typically begins with ads promoting free PDF tools or desktop assistants that redirect victims to spoofed download sites. Once users click through, a scheduled task silently retrieves […] The post Hackers Using PUP Advertisements to Silently Drop Windows Malware appeared first on Cyber Security News.