A sophisticated spear-phishing campaign orchestrated by Iranian-aligned operators has been identified targeting diplomatic missions worldwide through a compromised Ministry of Foreign Affairs of Oman mailbox. The attack, discovered in August 2025, represents a continuation of tactics associated with the Homeland Justice group connected to Iran’s Ministry of Intelligence and Security (MOIS). The campaign leveraged social […] The post Iran-Nexus Hackers Abuses Omani Mailbox to Target Global Governments appeared first on Cyber Security News.

A sophisticated network of Ukrainian-based autonomous systems has emerged as a significant cybersecurity threat, orchestrating large-scale brute-force and password-spraying attacks against SSL VPN and RDP infrastructure. Between June and July 2025, these malicious networks launched hundreds of thousands of coordinated attacks over periods lasting up to three days, targeting critical enterprise remote access systems. The […] The post Ukrainian Networks Launch Massive Brute-Force and Password-Spraying Campaigns Targeting SSL VPN and RDP Systems appeared first on Cyber Security News.

A newly discovered WhatsApp scam has begun circulating on messaging platforms, exploiting the popular device linking feature to seize full control of user accounts. The attack unfolds when recipients receive what appears to be a harmless message from a known contact, typically stating “Hi, I accidentally found your photo!” accompanied by a shortened URL. Once […] The post New WhatsApp Scam Alert Tricks Users to Get Complete Access to Your WhatsApp Chats appeared first on Cyber Security News.

A novel variant of the ClickFix attack has recently emerged, masquerading as a legitimate AnyDesk installer to spread the MetaStealer infostealer. This campaign exploits a fake Cloudflare Turnstile verification page to lure victims into executing a crafted Windows protocol handler, ultimately delivering a malicious MSI package disguised as a PDF. As organizations continue to harden […] The post New ClickFix Attack Mimic as AnyDesk Leverages Windows Search to Drop MetaStealer appeared first on Cyber Security News.

A sophisticated subgroup of the Lazarus threat actor has surfaced in recent months, deploying three distinct remote access trojans (RATs) across compromised financial and cryptocurrency organizations. Initial access has primarily been achieved via tailored social engineering campaigns on Telegram, where attackers impersonate legitimate employees of well-known trading firms. Victims are lured to counterfeit meeting websites, […] The post Lazarus Hackers Deploying Three RATs on Compromised Systems Possibly Using 0-Day Vulnerability appeared first on Cyber Security News.

A sophisticated Windows-based keylogger known as TinkyWinkey began surfacing on underground forums in late June 2025, targeting enterprise and individual endpoints with unprecedented stealth. Unlike traditional keylogging tools that rely on simple hooks or user-mode processes, TinkyWinkey leverages dual components—a Windows service and an injected DLL payload—to remain hidden while harvesting rich contextual data. The […] The post New TinkyWinkey Stealthily Attacking Windows Systems With Advanced Keylogging Capabilities appeared first on Cyber Security News.

A novel phishing campaign emerged in late August 2025 that specifically targeted hoteliers and vacation rental managers through malicious search engine advertisements. Rather than relying on mass email blasts or social media lures, attackers purchased sponsored ads on platforms such as Google Search, typosquatting legitimate service providers’ names to redirect unsuspecting users. By mimicking brands […] The post New Large-Scale Phishing Attacks Targets Hotelier Via Ads to Gain Access to Property Management Tools appeared first on Cyber Security News.

Cybercriminals are increasingly exploiting legitimate email marketing platforms to launch sophisticated phishing campaigns, leveraging the trusted reputation of these services to bypass security filters and deceive victims. This emerging threat vector represents a significant evolution in phishing tactics, where attackers abuse click-tracking domains and URL redirection services provided by established email marketing companies to mask […] The post Hackers Abuse Legitimate Email Marketing Platforms to Disguise Malicious Links appeared first on Cyber Security News.

Security researchers have observed an unprecedented surge in domain registrations in recent months, closely tied to the upcoming 2026 FIFA World Cup tournament. These domains, often masquerading as legitimate ticketing portals, merchandise outlets, or live-stream platforms, serve as precursors to a multifaceted cyber campaign designed to harvest credentials, distribute malware, and siphon financial data. Attackers […] The post Hackers Registering Domains to Launch Cyberattack Targeting 2026 FIFA World Cup Tournament appeared first on Cyber Security News.