A newly identified ransomware strain named Cephalus has emerged as a sophisticated threat, targeting organizations through compromised Remote Desktop Protocol (RDP) connections. The malware, which takes its name from Greek mythology referencing the son of Hermes who tragically killed his wife with an infallible javelin, represents a concerning evolution in ransomware deployment techniques. Cephalus distinguishes […] The post New Cephalus Ransomware Leverages Remote Desktop Protocol to Gain Initial Access appeared first on Cyber Security News.

China-based threat actor Mustang Panda has emerged as one of the most sophisticated cyber espionage groups operating in the current threat landscape, with operations dating back to at least 2014. This advanced persistent threat (APT) group has systematically targeted government entities, nonprofit organizations, religious institutions, and NGOs across the United States, Europe, Mongolia, Myanmar, Pakistan, […] The post China-based Threat Actor Mustang Panda’s Tactics, Techniques, and Procedures Unveiled appeared first on Cyber Security News.

Cybersecurity researchers have uncovered a critical security flaw in Securden Unified PAM that allows attackers to completely bypass authentication mechanisms and gain unauthorized access to sensitive credentials and system functions. The vulnerability, designated as CVE-2025-53118 with a CVSS score of 9.4, represents one of four serious security issues discovered in the privileged access management solution […] The post Securden Unified PAM Vulnerability Let Attackers Bypass Authentication appeared first on Cyber Security News.

A sophisticated new variant of the Hook Android banking trojan has emerged with unprecedented capabilities that position it among the most advanced mobile malware families observed to date. This latest version, designated Hook Version 3, represents a significant evolution in Android banking malware sophistication, introducing a comprehensive arsenal of 107 remote commands with 38 newly […] The post New Hook Android Banking Malware With New Advanced Capabilities and Supports 107 Remote Commands appeared first on Cyber Security News.

A significant milestone for cybersecurity experts is the disclosure of specific tactics, methods, and procedures (TTPs) used by Mustang Panda, an advanced persistent threat (APT) group based in China, which has illuminated their intricate activities. F…

A sophisticated credential harvesting campaign has emerged targeting ScreenConnect cloud administrators with spear phishing attacks designed to steal super administrator credentials. The ongoing operation, designated MCTO3030, has maintained consistent tactics since 2022 while operating largely undetected through low-volume distribution strategies that send up to 1,000 emails per campaign run. The campaign specifically targets senior IT […] The post New Attack Targeting ScreenConnect Cloud Administrators to Steal Login Credentials appeared first on Cyber Security News.

Android’s open ecosystem has been both its greatest strength and a persistent security challenge. While sideloading offers developers and users unparalleled freedom, it has also become a vector for malicious actors to distribute malware masquerading as legitimate applications. Over the past year, Android Developers Blog analysts noted that malware delivered via internet-sideloaded sources outpaced Play […] The post Google to Add New Layer of Developer Verification to Distribute Apps on Play Store appeared first on Cyber Security News.