Aggregator

A sophisticated attack is targeting Windows Server systems using Prometei, a Russian-linked botnet that has been active since 2016. This multi-functional malware combines cryptocurrency mining, credential theft, and remote-control capabilities to maintain long-term access to compromised systems. The Prometei botnet infiltrates systems by exploiting weak or default credentials via Remote Desktop Protocol (RDP). Once attackers […]

The post Prometei Botnet Attacking Windows Server to Gain Remote Access and Deploy Malware appeared first on Cyber Security News.

A severe sandbox escape vulnerability has been discovered in the JavaScript library, enabling attackers to execute arbitrary code on host systems. The flaw, tracked as CVE-2026-25881 with a critical CVSS score of 8.3/10, affects all versions up to 0.8.30 and has been patched in version 0.8.31. The vulnerability exploits a weakness in SandboxJS’s protection mechanism. […]

The post Critical SandboxJS Vulnerability Allows Remote Host Takeover – PoC Released appeared first on Cyber Security News.

Cybercriminals have developed a sophisticated attack campaign that exploits user trust in artificial intelligence platforms to distribute the Atomic macOS Stealer (AMOS), marking a dangerous evolution in social engineering tactics. This new threat combines legitimate AI chatbot services from ChatGPT and Grok with paid Google advertising to lure unsuspecting Mac users into executing malicious terminal […]

The post Threat Actors Weaponize ChatGPT, Grok and Leverages Google Ads to Distribute macOS AMOS Stealer appeared first on Cyber Security News.

You must login to view this content