Aggregator
Drupal security advisory (AV25-806)
NETSCOUT Recognized for Leadership in Network Detection and Response
29.7 Tbit/s: Cloudflare repelled the most powerful cyberattack in history
Lazarus Group’s IT Workers Scheme Hacker Group Caught Live On Camera
Lazarus Group’s Famous Chollima unit has been caught “live on camera” running its remote IT worker scheme, after researchers funneled its operatives into fake laptops that were actually long‑running sandbox environments under full surveillance. The investigation exposes in unprecedented detail how North Korean operators use identity theft, rented identities, and off‑the‑shelf tools to embed themselves […]
The post Lazarus Group’s IT Workers Scheme Hacker Group Caught Live On Camera appeared first on Cyber Security News.
Coro 3.7 rolls out redesigned Actionboard, unified ticketing, and AI insights
Coro announced the latest release of its unified platform. Coro 3.7 introduces user interface enhancements designed to accelerate remediation and streamline security management for SMBs. Coro has further refined its Actionboard, equipping IT professionals with essential information while minimizing unnecessary distractions. “Coro 3.7 continues our mission to make robust security accessible to resource-constrained lean IT teams through enhanced usability and accelerated remediation,” said Joe Sykora, CEO of Coro. “Our redesigned Actionboard and Workspace Health Score …
The post Coro 3.7 rolls out redesigned Actionboard, unified ticketing, and AI insights appeared first on Help Net Security.
Threat Actors Leveraging Foxit PDF Reader to Gain System Control and Steal Sensitive Data
Cybercriminals have discovered a clever way to slip malware onto job seekers’ computers by disguising malicious files as legitimate recruitment documents. A new campaign called ValleyRAT targets people actively searching for employment through email messages containing fake job offers and company materials. The attack spreads through compressed archive files with names designed to seem professional, […]
The post Threat Actors Leveraging Foxit PDF Reader to Gain System Control and Steal Sensitive Data appeared first on Cyber Security News.
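Mathematicians also struggle to understand mathematics outside their own field
1-day countdown | The 2025 Cyberspace Security Academic Conference is about to begin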
Microsoft 365 license check bug blocks desktop app downloads
WebXR Flaw Hits 4 Billion Chromium Users, Update Your Browser Now
ShadyPanda’s Years-Long Browser Hack Infected 4.3 Million Users
A threat group dubbed ShadyPanda exploited traditional extension processes in browser marketplaces by uploading legitimate extensions and then quietly weaponizing them with malicious updates, infecting 4.3 million Chrome and Edge users with RCE malware and spyware.
The post ShadyPanda’s Years-Long Browser Hack Infected 4.3 Million Users appeared first on Security Boulevard.
What if dark matter is a mirage? The 70-meter KATRIN facility found no sterile neutrinos after 259 days of searching
New Phishing Attack Mimic as Income Tax Department of India Delivers AsyncRAT
A comprehensive phishing operation began targeting Indian companies in November 2025 by impersonating the Income Tax Department of India. The campaign employed remarkably authentic government communication templates, bilingual messaging in Hindi and English, and legal references to sections of the Income Tax Act to create a sense of legitimacy and urgency. The emails warned recipients […]
The post New Phishing Attack Mimic as Income Tax Department of India Delivers AsyncRAT appeared first on Cyber Security News.
DNS Visibility Gap: Misconfigurations That Firewalls Miss in Network Security
PickleScan 0-Day Vulnerabilities Enable Arbitrary Code Execution via Malicious PyTorch Models
Multiple critical zero-day vulnerabilities affect PickleScan, a popular open-source tool used to scan machine learning models for malicious code. PickleScan is widely used in the AI world, including by Hugging Face, to check PyTorch models saved with Python’s pickle format. Pickle is flexible but dangerous, because loading a pickle file can run arbitrary Python code. That means a model […]
The post PickleScan 0-Day Vulnerabilities Enable Arbitrary Code Execution via Malicious PyTorch Models appeared first on Cyber Security News.
Better late than never. Microsoft quietly patched a vulnerability that had been used to spy on diplomats for 8 years
Newly Sold Albiriox Android Malware Targets Banks and Crypto Holders
Starting at 6799: Insta360's first drone is here! 360 panoramic technology explores the drone industry's "blind spot"
Max-severity vulnerability in React, Node.js patched, update ASAP (CVE-2025-55182)
A critical vulnerability (CVE-2025-55182) in React Server Components (RSC) may allow unauthenticated attackers to achieve remote code execution on the application server, the React development team warned on Wednesday. The maximum-severity vulnerability was privately reported by Lachlan Davidson and has been fixed. At this moment, there are no public reports of it being exploited by attackers and no confirmed public PoC exploits (for now). Nevertheless, affected users have been advised to upgrade to a non-vulnerable …
The post Max-severity vulnerability in React, Node.js patched, update ASAP (CVE-2025-55182) appeared first on Help Net Security.