CYBER ATTACK

Iranian state-sponsored or affiliated threat actors may launch cyberattacks, according to U.S. cybersecurity and intelligence agencies. According to the agencies, there is currently no proof

A new espionage campaign has been revealed by the Security Service of Ukraine (SBU or SSU). It entails enlisting young Ukrainians for illegal activities under the pretense of "quest games." A

All advisory committee memberships have been terminated by the Department of Homeland Security. Members of the Cybersecurity and Infrastructure Security Agency's (CISA) Cyber Safety Review Bo

A common malware called Lumma is made to steal private data. Since 2022, it has been freely offered for sale on the Dark Web. A malicious program called XWorm allows hackers to take remote co

Since early January 2025, threat actors have been using the ClickFix technique to spread the NetSupport RAT remote access trojan. An updated version of the Lumma Stealer malware that uses the

Approximately 2,200 attacks are launched by hackers each day, meaning that someone is attempting to compromise a system every 39 seconds. These days, artificial intelligence (AI) systems are

There is more to this week's cybersecurity news than just headlines and hackers. It's about how we may not even be aware of how digital risks affect our lives. Hackers are positioning themsel

The FBI is urgently requesting public support for a worldwide investigation into sophisticated cyberattacks that target businesses and governmental organizations. Hacking groups supported by

Cyberattacks that targeted UK retailers Marks & Spencer and Co-op in April 2025 were categorized as a "single combined cyber event" Due to a lack of sufficient information regarding the cause

Gamaredon and Turla, two Russian hacking groups, are working together to target and co-compete with Ukrainian entities. Both organizations are thought to be connected to the Russian Federal S

An ongoing campaign that distributes a Windows spyware that has never been documented has targeted Russian organizations. According to cybersecurity vendor Kaspersky, the activity began in Ju

Earlier this year, a major U.S. organization was the target of a suspected Chinese threat actor. The malicious activity was first discovered on April 11, 2024, and it persisted until August.

RedDelta has targeted Vietnam, Cambodia, Taiwan, Mongolia, and Myanmar. A customized version of the PlugX backdoor is allegedly delivered by the China-nexus threat actor. The Communist Party

Online, thousands of personal records purportedly connected to athletes and Saudi Games attendees have been made public. According to cybersecurity firm Resecurity, database dumps from the br

Chinese-speaking areas like Hong Kong, Taiwan, and Mainland China have been the target of numerous cyberattacks. The ValleyRAT payload is delivered by the attacks using a multi-stage loader k

A credential phishing scheme only targets high-value targets by using real-time email validation. Additionally, details of an email phishing campaign that uses file deletion reminders as a lu

A number of phishing attacks have been connected to Kimsuky, a threat actor associated with North Korea. Sending emails from Russian sender addresses is a component of the attacks. The ultima

According to Palo Alto Networks, North Korean threat actors connected to Jumpy Pisces, APT45, and Andariel used Play. It is the first known instance of an underground ransomware network and a

Kaspersky: Ymir, a ransomware family, was used in an attack two days after RustyStealer, a stealer malware. It is thought that the ransomware was installed by gaining unauthorized access to t

FamousSparrow is connected to a cyberattack that targeted a Mexican research institute and a trade association in the United States. The threat actor launches a web shell on an Internet Infor

The Goot loader malware targets users who are looking into whether Bengal cats are legal in Australia. When victims search for specific terms, such as legal documents, the malware is installe

Telegram is used as a command-and-control (C2) communication mechanism in a new Golang-based backdoor. It may have Russian roots, according to Netskope Threat Labs. Malware is made to detect

A recent malware campaign uses a Linux virtual instance with a backdoor to infect Windows systems. Codenamed CRON#TRAP, the "intriguing" campaign begins with a malicious Windows shortcut (LNK

A new strain of Android banking malware has infected more than 1,500 Android devices. Threat actors can carry out fraudulent banking transactions thanks to ToxicPanda. The malware is thought

Microsoft is drawing attention to Storm-2372, an emerging threat cluster. Since August 2024, it has been linked to a fresh wave of cyberattacks targeting various industries. In Europe, North

Kaspersky: Lazarus Group took control of compromised devices by using a zero-day exploit. The vulnerability in question is CVE-2024-4947, a type confusion bug that Google fixed in the middle

Pay2Key is a ransomware-as-a-service (RaaS).Following the Israel-Iran-US conflict, I2P has reappeared. The financially motivated scheme is believed to be connected to a hacking group known as

According to a Russian cybersecurity vendor, the attacks have targeted 65 victims across 26 countries. The attack chains entail inserting keylogger code into the login page by taking advantag

Google alerts users to a security vulnerability affecting its Android operating system that is currently being actively exploited in the wild. A privilege escalation flaw in the Android Frame

Since May 2025, a new malware known as COLDRIVER—a hacking group with ties to Russia—has undergone multiple developmental iterations. The state-sponsored hacking team has quickly improved and