Cyber Security News

A sophisticated malware campaign dubbed “Efimer” has emerged as a significant threat to cryptocurrency users worldwide, employing a multi-vector approach that combines compromised WordPress websites, malicious torrents, and deceptive email campaigns. First detected in October 2024, this ClipBanker-type Trojan has evolved from a simple cryptocurrency stealer into a comprehensive malicious infrastructure capable of self-propagation and […]

The post Huge Wave of Malicious Efimer Malicious Script Attack Users via WordPress Sites, Malicious Torrents, and Email appeared first on Cyber Security News.

A sophisticated cybercriminal enterprise operating over 5,000 fraudulent online pharmacy websites has been exposed in a comprehensive investigation, revealing one of the largest pharmaceutical fraud networks ever documented. This massive operation, orchestrated by a single threat actor group, targets vulnerable individuals seeking prescription medications through deceptive digital storefronts that mimic legitimate pharmaceutical retailers. The fraudulent […]

The post 5,000+ Fake Online Pharmacies Websites Selling Counterfeit Medicines appeared first on Cyber Security News.

Researchers have disclosed a series of critical zero-day vulnerabilities that completely bypass Windows BitLocker encryption, allowing attackers with physical access to extract all protected data from encrypted devices in a matter of minutes. The research, conducted by Alon Leviev and Netanel Ben Simon from Microsoft’s Security Testing & Offensive Research at Microsoft (STORM) team, exposes […]

The post BitUnlocker – Multiple 0-days to Bypass BitLocker and Extract All Protected Data appeared first on Cyber Security News.

A sophisticated information-stealing malware campaign has emerged, utilizing advanced obfuscation techniques and multiple infection vectors to evade traditional security controls. The DarkCloud Stealer, first documented in recent threat intelligence reports, represents a significant evolution in cybercriminal tactics, employing a complex multi-stage delivery mechanism that begins with seemingly innocuous archive files and culminates in the deployment […]

The post DarkCloud Stealer Employs New Infection Chain and ConfuserEx-Based Obfuscation appeared first on Cyber Security News.

Over 28,000 unpatched Microsoft Exchange servers are exposed on the public internet and remain vulnerable to a critical security flaw designated CVE-2025-53786, according to new scanning data released on August 7, 2025, by The Shadowserver Foundation. The Cybersecurity and Infrastructure Security Agency (CISA) issued Emergency Directive 25-02 on August 7, mandating federal agencies to address […]

The post 28,000+ Microsoft Exchange Servers Vulnerable to CVE-2025-53786 Exposed Online appeared first on Cyber Security News.

A sophisticated new malware framework named CastleBot has emerged as a significant threat to cybersecurity, operating as a Malware-as-a-Service (MaaS) platform that enables cybercriminals to deploy diverse malicious payloads ranging from infostealers to backdoors linked to ransomware attacks. First appearing in early 2025, the malware has demonstrated remarkable adaptability and technical sophistication, with activity levels […]

The post CastleBot Malware-as-a-Service Deploys Range of Payloads Linked to Ransomware Attacks appeared first on Cyber Security News.

A sophisticated new variant of the DarkCloud information stealer has emerged in the cyberthreat landscape, targeting Windows users through carefully crafted phishing campaigns designed to harvest sensitive credentials and financial information. This fileless malware variant represents a significant evolution in stealer technology, employing advanced evasion techniques and multi-stage deployment mechanisms that make detection particularly challenging […]

The post New Windows-Based DarkCloud Stealer Attacking Computers to Steal Login Credentials and Financial Data appeared first on Cyber Security News.

Critical security flaws in Axis Communications’ surveillance infrastructure have left over 6,500 organizations worldwide vulnerable to sophisticated cyberattacks, with potential impacts spanning government agencies, educational institutions, and Fortune 500 companies. The Swedish security camera manufacturer’s popular video surveillance products contain four distinct vulnerabilities that could allow attackers to gain complete control over camera networks and […]

The post Axis Camera Server Vulnerabilities Exposes Thousands of Organizations to Attack appeared first on Cyber Security News.

The notorious VexTrio traffic distribution system (TDS) has expanded its cybercriminal operations beyond traditional web-based scams to include the development and distribution of malicious mobile applications designed to masquerade as legitimate VPN services..This sophisticated threat actor, which has maintained a dominant presence in the malicious advertising ecosystem since 2015, is now leveraging app stores to […]

The post VexTrio TDS System Developing Several Malicious Apps Mimic as VPNs to Publish in Google Play and App Store appeared first on Cyber Security News.

U.S. authorities have announced the successful dismantling of the BlackSuit ransomware operation, a notorious group linked to attacks on more than 450 organizations worldwide. The operation, led by Immigration and Customs Enforcement’s (ICE) Homeland Security Investigations (HSI), involved seizing servers, domains, and digital assets used for deploying ransomware, extorting victims, and laundering illicit profits. BlackSuit, […]

The post US Confirms Shutdown of BlackSuit Ransomware That Hacked Over 450 Organizations appeared first on Cyber Security News.

In recent months, security researchers have uncovered a novel attack vector targeting Python package installers through ambiguities in the ZIP archive format. By exploiting discrepancies between local file headers and the central directory, malicious actors can craft seemingly benign wheel distributions that, when unpacked by vulnerable installers, silently smuggle unauthorized files into the target environment. […]

The post PyPI Released Advisory to Prevent ZIP Parser Confusion Attacks on Python Package Installers appeared first on Cyber Security News.

Columbia University has disclosed a major cybersecurity incident where an unauthorized third party accessed and extracted a significant volume of personal and financial data. The breach, which affects a vast number of individuals connected to the university, was discovered following a technical outage in late June. According to a notice sent by the university, the […]

The post Columbia University Data Breach – Hackers Stolen 870,000 Individuals Personal and Financial Data appeared first on Cyber Security News.

Threat actors began slipping malicious code into legitimate RubyGems packages, disguising infostealers as social media automation tools in early 2023. Over the past two years, attackers operating under aliases such as zon, nowon, kwonsoonje, and soonje have published more than 60 gems that deliver promised automation features—bulk posting, engagement amplification, and backlink creation—while covertly harvesting […]

The post RubyGems Malware Attack Weaponizes 60+ Packages to Steal Credentials from Social Media and Marketing Tools appeared first on Cyber Security News.

A sophisticated new technique that exploits the Windows Private Character Editor to bypass User Account Control (UAC) and achieve privilege escalation without user intervention, raising significant concerns for system administrators worldwide. The attack disclosed by Matan Bahar leverages eudcedit.exeMicrosoft’s built-in Private Character Editor, located in C:\Windows\System32, which was originally designed to create and edit End-User […]

The post Windows User Account Control Bypassed Using Character Editor to Escalate Privileges appeared first on Cyber Security News.

Cybersecurity researchers have uncovered a sophisticated malware campaign targeting the Go ecosystem through eleven malicious packages that employ advanced obfuscation techniques to deliver second-stage payloads. The campaign demonstrates a concerning evolution in supply chain attacks, leveraging the decentralized nature of Go’s module system to distribute malicious code that can compromise both Linux build servers and […]

The post Threat Actors Weaponize Malicious Gopackages to Deliver Obfuscated Remote Payloads appeared first on Cyber Security News.

A sophisticated technique dubbed “ECScape” that allows malicious containers running on Amazon Elastic Container Service (ECS) to steal AWS credentials from other containers sharing the same EC2 instance. The discovery highlights critical isolation weaknesses in multi-tenant ECS deployments and underscores the security advantages of AWS Fargate’s micro-VM architecture. The technique, developed by security researcher Naor […]

The post ECScape: Exploiting ECS Protocol on EC2 to Exfiltrate Cross-Task IAM and Execution Role Credentials appeared first on Cyber Security News.

A sophisticated cybercriminal operation known as GreedyBear has orchestrated one of the most extensive cryptocurrency theft campaigns to date, deploying over 650 malicious tools across multiple attack vectors to steal more than $1 million from unsuspecting victims. Unlike traditional threat groups that typically specialize in single attack methods, GreedyBear has adopted an industrial-scale approach, simultaneously […]

The post Biggest Ever GreedyBear Attack With 650 Hacking Tools Stolen $1 Million from Victims appeared first on Cyber Security News.

OpenAI has officially launched ChatGPT-5, a new generation of its AI agent that introduces a sophisticated, unified system designed to be faster, more intelligent, and significantly more useful for real-world applications. This release marks a significant evolution from its predecessors, offering a suite of models tailored for different tasks and complexities. At the core of […]

The post ChatGPT-5 Released: What’s New With the Next-Generation AI Agent appeared first on Cyber Security News.

CISA has issued an emergency advisory directing all Federal Civilian Executive Branch agencies to mitigate a newly disclosed Microsoft Exchange urgently hybrid-joined vulnerability, tracked as CVE-2025-53786, by 9:00 AM EDT on Monday, August 11, 2025. The flaw enables attackers who have already gained administrative access to an on‑premises Exchange server to laterally move into connected […]

The post CISA Releases Emergency Advisory Urges Feds to Patch Exchange Server Vulnerability by Monday appeared first on Cyber Security News.

A new and custom firmware for the popular Flipper Zero multi-tool device is reportedly capable of bypassing the rolling code security systems used in most modern vehicles, potentially putting millions of cars at risk of theft. Demonstrations by the YouTube channel “Talking Sasquach” reveal that the firmware, said to be circulating on the dark web, […]

The post Flipper Zero ‘DarkWeb’ Firmware Bypasses Rolling Code Security on Major Vehicle Brands appeared first on Cyber Security News.