KimJongRAT Attacking Windows Users via Weaponized .hta Files to Steal Logins
A new remote access trojan dubbed KimJongRAT has surfaced, posing a severe threat to Windows users. This sophisticated malware is believed to be orchestrated by…
Category: CyberSecurityNews
Bloody Wolf Hackers Mimic as Government Agencies to Deploy NetSupport RAT via Weaponized PDF’s
A sophisticated Advanced Persistent Threat group known as Bloody Wolf has intensified its cyber espionage operations across Central Asia, targeting government and private sectors. Since…
Hackers Registered 2,000+ Fake Holiday-Themed Online Stores to Steal User Payments
With the holiday shopping season kicking into high gear, a massive cybersecurity threat has emerged, putting online shoppers at significant risk. A coordinated campaign has…
Microsoft Confirms New Outlook Bug Blocking Excel Attachments
Microsoft has acknowledged a frustrating new issue affecting users of the “new Outlook” for Windows, where Excel attachments fail to open if their filenames contain…
TangleCrypt Windows Packer with Ransomware Payloads Evades EDR Using ABYSSWORKER Driver
A newly discovered Windows malware packer named TangleCrypt has emerged as a serious threat in ransomware attacks, specifically designed to evade endpoint detection and response…
OpenAI Codex CLI Command Injection Vulnerability Let Attackers Execute Arbitrary Commands
OpenAI has patched a command injection flaw in its Codex CLI tool that allowed attackers to execute arbitrary commands on developers’ machines simply by getting…
4.3 Million Chrome and Edge Users Hacked in 7-Year ShadyPanda Malware Campaign
“ShadyPanda,” a sophisticated threat actor responsible for a seven-year campaign that has successfully infected 4.3 million Chrome and Edge users. By exploiting the inherent trust…
Hackers are Moving to “Living Off the Land” Techniques to Attack Windows Systems Bypassing EDR
Cybercriminals have found a more effective method to compromise Windows computers while evading detection by security software. Ivan Spiridonov observed that uploading malicious tools, hackers…
Microsoft Azure API Management Flaw Enables Cross-Tenant Account Creation, Bypassing Admin Restrictions
A critical security vulnerability in Microsoft Azure API Management (APIM) Developer Portal enables attackers to register accounts across different tenant instances, even when administrators have…
Tomiris Hacker Group Added New Tools and Techniques to Attack Organizations Globally
The Tomiris hacker group has resurfaced with a sophisticated campaign targeting foreign ministries and government entities worldwide. Beginning in early 2025, this advanced persistent threat…
Mystery OAST With Exploit for 200 CVEs Leveraging Google Cloud to Launch Attacks
A new threat has emerged in the cybersecurity landscape as security experts discover a private Out-of-Band Application Security Testing (OAST) service operating on Google Cloud…
APT36 Hackers Used Python-Based ELF Malware to Target Indian Government Entities
Pakistan-based threat actor APT36, also known as Transparent Tribe, has launched a sophisticated cyber-espionage campaign against Indian government institutions using a newly developed Python-based ELF…