Cyber Security News

A sophisticated cyberespionage campaign targeting foreign embassies in Moscow has been uncovered, revealing the deployment of a custom malware strain designed to manipulate digital trust mechanisms. The Russian state-sponsored threat group Secret Blizzard has been orchestrating an adversary-in-the-middle operation since at least 2024, utilizing their position within internet service provider infrastructure to deploy the ApolloShadow […]

The post Secret Blizzard Group’s ApolloShadow Malware Install Root Certificates on Devices to Trust Malicious Sites appeared first on Cyber Security News.

Cybercriminals are increasingly sophisticated in their phishing attacks, with threat actors now leveraging compromised email accounts from trusted sources to bypass security controls and enhance campaign legitimacy. Recent incident response data reveals phishing remains a dominant attack vector, accounting for one-third of all security engagements in Q2 2025, despite declining from the previous quarter’s 50 […]

The post Threat Actors Leverage Compromised Email Accounts for Targeted Phishing Attacks appeared first on Cyber Security News.

Trend Micro’s Zero Day Initiative (ZDI) announces an unprecedented $1,000,000 bounty for a zero-click remote code execution (RCE) exploit targeting WhatsApp at the upcoming Pwn2Own Ireland 2025 competition.  This record-breaking reward, co-sponsored by Meta, represents the largest single payout in the contest’s history and underscores the critical importance of securing the world’s most popular messaging […]

The post $1,000,000 for WhatsApp 0-Click RCE Exploit at Pwn2Own Ireland 2025 appeared first on Cyber Security News.

CISA released two high-severity Industrial Control Systems (ICS) advisories on July 31, 2025, highlighting critical vulnerabilities in widely deployed industrial equipment that could enable remote attackers to manipulate critical infrastructure systems.  The flaws affect seismic monitoring devices and virtualized industrial systems used across global critical manufacturing sectors. Key Takeaways1. CISA issued advisories for Güralp seismic […]

The post CISA Issues ICS Advisories for Rockwell Automation Using VMware, and Güralp Seismic Monitoring Systems appeared first on Cyber Security News.

The latest wave of credential-phishing campaigns has revealed an unexpectedly convenient ally for threat actors: the very e-mail security suites meant to protect users. First observed in late July 2025, multiple phishing clusters began embedding malicious URLs inside the legitimate link-wrapping services of Proofpoint’s Protect platform (https://urldefense.proofpoint.com/v2/url?u=) and Intermedia’s LinkSafe (https://safe.intermedia.net/?u=). Because corporate filters already […]

The post Threat Actors Abuse Proofpoint’s and Intermedia’s Link Wrapping Features to Hide Phishing Payloads appeared first on Cyber Security News.

Microsoft has significantly enhanced its .NET bounty program, announcing substantial updates that expand the program’s scope, streamline award structures, and provide greater incentives for cybersecurity researchers.  The enhanced program now offers rewards of up to $40,000 USD for identifying critical vulnerabilities within the .NET ecosystem, representing a major commitment to strengthening the security framework of […]

The post Microsoft Upgrades .NET Bounty Program with Rewards to Researchers Up to $40,000 appeared first on Cyber Security News.

ChatGPT shared conversations are being indexed by major search engines, effectively turning private exchanges into publicly discoverable content accessible to millions of users worldwide. The issue first came to light through investigative reporting by Fast Company, which revealed that nearly 4,500 ChatGPT conversations were appearing in Google search results. The discovery was made using a […]

The post Search Engines are Indexing ChatGPT Conversations! – Here is our OSINT Research appeared first on Cyber Security News.

A sophisticated attack technique was uncovered where cybercriminals exploit free trials of Endpoint Detection and Response (EDR) software to disable existing security protections on compromised systems.  This method, dubbed BYOEDR (Bring Your Own EDR), represents a concerning evolution in defense evasion tactics that leverage legitimate security tools as weapons against themselves. Key Takeaways1. Attackers use […]

The post Hackers Weaponizing Free Trials of EDR to Disable Existing EDR Protections appeared first on Cyber Security News.

Palo Alto Networks’ Unit 42 threat research team has introduced a groundbreaking systematic approach to threat actor attribution, addressing longstanding challenges in cybersecurity intelligence analysis. The Unit 42 Attribution Framework, unveiled on July 31, 2025, transforms what has traditionally been considered “more art than science” into a structured methodology for analyzing and categorizing cyber threats. […]

The post Unit 42 Unveils Attribution Framework to Classify Threat Actors Based on Activity appeared first on Cyber Security News.

A sophisticated cyber campaign leveraging legitimate Remote Monitoring and Management (RMM) tools has emerged as a significant threat to European organizations, particularly those in France and Luxembourg. Since November 2024, threat actors have been deploying carefully crafted PDF documents containing embedded links to RMM installers, effectively bypassing traditional email security measures and malware detection systems. […]

The post Threat Actors Embed Malicious RMM Tools to Gain Silent Initial Access to Organizations appeared first on Cyber Security News.

Singapore’s cybersecurity landscape faced a significant challenge in July 2025 when Coordinating Minister K. Shanmugam disclosed that the nation was actively defending against UNC3886, a highly sophisticated Advanced Persistent Threat (APT) group targeting critical infrastructure. The revelation, announced during the Cyber Security Agency’s 10th anniversary celebration, marked a rare public acknowledgment of an ongoing cyber […]

The post Navigating APTs – Singapore’s Cautious Response to State-Linked Cyber Attacks appeared first on Cyber Security News.

A sophisticated malware campaign has emerged targeting unsuspecting users through weaponized versions of popular online tools, particularly Google Translate interfaces. The Silver Fox threat actors have developed an intricate attack chain that leverages social engineering tactics to deliver the notorious Winos Trojan, representing a significant evolution in malware distribution techniques that exploit users’ trust in […]

The post Silver Fox Hackers Using Weaponized Google Translate Tools to Deploy Windows Malware appeared first on Cyber Security News.

The cybersecurity landscape continues to evolve as ransomware groups adopt increasingly sophisticated tactics to maximize their financial gains. The TrickBot malware family has emerged as a central component in a massive cryptocurrency extortion scheme, with ransomware-as-a-service (RaaS) groups leveraging this versatile banking trojan to facilitate attacks worth over US$724 million in cryptocurrency. TrickBot, originally designed […]

The post Ransomware Groups Using TrickBot Malware to Exfiltrate US$724 Million in Cryptocurrency appeared first on Cyber Security News.

A sophisticated espionage campaign orchestrated by the North Korea-backed Lazarus Group has successfully infiltrated open source software ecosystems on an unprecedented scale, transforming trusted developer tools into weapons of cyber espionage. The campaign represents a strategic evolution in state-sponsored cyber warfare, embedding malicious code directly within popular package registries and turning the foundation of modern […]

The post North Korean APT Hackers Poison CI/CD Pipelines To Exfiltrate Sensitive Data appeared first on Cyber Security News.

A sophisticated cyberattack campaign targeting the Russian IT industry has emerged, demonstrating how threat actors are increasingly leveraging legitimate online platforms to distribute the notorious Cobalt Strike Beacon malware. The campaign, which peaked during November and December 2024 and continued through April 2025, represents a significant evolution in attack methodology, utilizing popular social media platforms […]

The post Hackers Delivering Cobalt Strike Beacon Leveraging GitHub and Social Media appeared first on Cyber Security News.

The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with Sandia National Laboratories, today announced the public release of Thorium, a highly scalable and distributed platform designed for automated file analysis and result aggregation. The new tool aims to significantly enhance the capabilities of cybersecurity teams by automating complex analysis workflows and integrating a wide […]

The post CISA Open-sources Malware and Forensic Analysis Tool Thorium to Public Availability appeared first on Cyber Security News.

In 2025, modernizing outdated IT infrastructure is key for organizations aiming to stay competitive, secure, and scalable.  Finding a reliable partner is not easy, so for this guide, we’ve prepared the list of the 5 best IT infrastructure modernisation services in 2025, selected through a thorough evaluation of service breadth, technical expertise, pricing transparency, and […]

The post 5 Best IT Infrastructure Modernisation Services In 2025 appeared first on Cyber Security News.

A massive exposure of Microsoft SharePoint servers to internet-based attacks has been identified, with over 17,000 servers exposed and 840 specifically vulnerable to the critical zero-day vulnerability CVE-2025-53770, according to new findings from Shadowserver Foundation. The vulnerability, dubbed “ToolShell” by researchers, carries a critical CVSS score of 9.8 and allows unauthenticated attackers to execute arbitrary […]

The post 17K+ SharePoint Servers Exposed to Internet – 840 Servers Vulnerable to 0-Day Attacks appeared first on Cyber Security News.

North Korean threat actors have evolved their cybercriminal operations into a sophisticated digital deception campaign that has successfully siphoned at least $88 million USD from organizations worldwide. These operatives, masquerading as legitimate freelance developers, IT staff, and contractors, have exploited the global shift toward remote work to embed themselves within trusted corporate workflows. The campaign […]

The post Researchers Detailed North Korean Threat Actors Technical Strategies to Uncover Illicit Access appeared first on Cyber Security News.

Cybersecurity researchers have uncovered more than 10 patents for highly intrusive forensics and data collection technologies filed by Chinese companies directly linked to state-sponsored hacking operations, according to a new report from SentinelLABS released this week. The patents, registered by firms named in recent U.S. Department of Justice indictments, detail sophisticated offensive capabilities including encrypted […]

The post Chinese Companies Linked With Hackers Filed Patents Over 10+ Forensics and Intrusion Tools appeared first on Cyber Security News.