embedded
-
December 1, 2025
APT36 Deploys Python-Based ELF Malware in Targeted Attacks on Indian Government Agencies
Pakistan-linked cyberespionage group APT36 (Transparent Tribe) has escalated its campaign against Indian government institutions with the deployment of sophisticated Python-based…
Read More » -
November 28, 2025
Quttera Launches “Evidence-as-Code” API to Automate Security Compliance for SOC 2 and PCI DSS v4.0
New API capabilities and AI-powered Threat Encyclopedia eliminate manual audit preparation, providing real-time compliance evidence and instant threat intelligence Quttera…
Read More » -
November 26, 2025
A Novel Exploit Leveraging URL Fragments To Deceive AI Browsers
Security researchers at Cato CTRL have uncovered HashJack. This innovative indirect prompt-injection attack hides harmful commands in the fragment portion…
Read More » -
November 25, 2025
Detego Global Launches Case Management Platform for Digital Forensics and Incident Response Teams
Horsham, United Kingdom, November 25th, 2025, CyberNewsWire Detego Global, the company behind the award-winning Unified Digital Forensics Platform, is proud…
Read More » -
November 25, 2025
Microsoft Warns of Security Risks in New Agentic AI Feature
Microsoft is sounding the alarm on critical security considerations as it introduces agentic AI capabilities to Windows through experimental features…
Read More » -
November 24, 2025
Zapier’s NPM Account Hacked, Multiple Packages Infected with Malware
Zapier’s NPM account has been successfully compromised, leading to the injection of the Shai Hulud malware into 425 packages currently…
Read More » -
November 23, 2025
Tycoon2FA Launches Nearly 1 Million Attacks Targeting Office 365 Accounts
Tycoon2FA, a sophisticated phishing-as-a-service platform tracked by Microsoft as Storm-1747, has emerged as the dominant threat targeting Office 365 accounts…
Read More » -
November 11, 2025
Ferocious Kitten APT Uses MarkiRAT for Keystroke and Clipboard Surveillance
Ferocious Kitten, a covert cyber-espionage group active since at least 2015, has emerged as a persistent threat to Persian-speaking dissidents…
Read More » -
November 11, 2025
Android Users Hit by Malware Disguised as Relaxation Programs
A sophisticated new cyberattack targeting Android devices in South Korea has been uncovered, leveraging Google’s asset-tracking feature, Find Hub, to…
Read More » -
November 9, 2025
Weaponized Videos Trigger Self-Infection Tactics
ClickFix attacks have surged dramatically over the past year, cementing their position as pivotal tools in the modern attacker’s arsenal.…
Read More » -
November 8, 2025
New “LANDFALL” Android Malware Uses Samsung 0-Day Vulnerability Hidden in WhatsApp Images
Cybersecurity researchers at Unit 42 have uncovered a sophisticated Android spyware campaign that exploited a previously unknown zero-day vulnerability in…
Read More » -
November 7, 2025
Over 15 Malicious npm Packages Exploiting Windows to Deploy Vidar Malware
Datadog Security Research has uncovered a sophisticated supply chain attack targeting the npm ecosystem, involving 17 malicious packages across 23…
Read More » -
October 28, 2025
New GhostGrab Android Malware Silently Steals Banking Login Details and Intercept SMS for OTPs
A sophisticated new Android malware family called GhostGrab is actively targeting mobile users with a dual-monetization strategy that combines covert…
Read More » -
October 26, 2025
CISA Beware! Hackers Are Actively Exploiting Windows Server Update Services RCE Flaw in the Wild
Cybersecurity researchers are sounding the alarm after discovering that hackers are actively exploiting a critical remote code execution (RCE) vulnerability…
Read More » -
October 24, 2025
Phishing Campaign Uses Unique UUIDs to Evade Secure Email Gateways
A sophisticated new phishing attack discovered in early February 2025 is successfully bypassing Secure Email Gateways (SEGs) and evading perimeter…
Read More » -
October 23, 2025
Caminho Malware Loader Conceals .NET Payloads inside Images via LSB Steganography
Cybersecurity researchers at Arctic Wolf Labs have uncovered a cunning new threat dubbed Caminho, a Brazilian Loader-as-a-Service (LaaS) that’s turning…
Read More » -
October 23, 2025
Injecting Malicious Code into RMClient to Evade EDR
CyberProof researchers detected a significant surge in Remcos (Remote Control & Surveillance Software) campaigns throughout September and October 2025, exploiting…
Read More » -
October 21, 2025
Microsoft 365 Copilot Flaw Lets Hackers Steal Sensitive Data via Indirect Prompt Injection
A vulnerability in Microsoft 365 Copilot allowed attackers to trick the AI assistant into fetching and exfiltrating sensitive tenant data…
Read More » -
October 20, 2025
Winos 4.0 Malware Uses Weaponized PDFs Posing as Government Departments to Infect Windows Machines
Security researchers are tracking a high-severity malware campaign that uses weaponized PDF files to distribute the Winos 4.0 malware. The…
Read More » -
October 17, 2025
Fake ‘LastPass Hack’ Emails Spreading Malware
A new phishing campaign impersonating LastPass is circulating today, October 13, 2025, aiming to deceive users into downloading malicious desktop…
Read More »