The notorious APT-C-24 threat actor group, commonly known as Sidewinder or Rattlesnake, has evolved its attack methodology by deploying sophisticated LNK file-based phishing campaigns targeting government, energy, military, and mining sectors across South Asia. Active since 2012, this advanced persistent…
Category: Cyber Security News
K2 Think AI Model Jailbroken Within Hours After The Release
Within mere hours of its public unveiling, the K2 Think model experienced a critical compromise that has sent ripples throughout the cybersecurity community. The newly launched reasoning system, developed by MBZUAI in partnership with G42, was designed to offer unprecedented…
Samsung Zero-Day Vulnerability Actively Exploited to Execute Remote Code
Samsung has released its September 2025 security update, addressing a critical zero-day vulnerability that is being actively exploited in the wild. The patch resolves a total of 25 Samsung Vulnerabilities and Exposures (SVEs), alongside fixes from Google and Samsung Semiconductor,…
New ToneShell Backdoor With New Features Leverage Task Scheduler COM Service for Persistence
Since its first appearance earlier this year, the ToneShell backdoor has demonstrated a remarkable capacity for adaptation, toyed with by the Mustang Panda group to maintain an enduring foothold in targeted environments. This latest variant, discovered in early September, arrives…
Scattered LAPSUS$ Hunters 4.0 Announced That Their Going Dark Permanently
A sudden and definitive statement emerged from the “Scattered LAPSUS$ Hunters 4.0” Telegram channel on September 8, signaling an abrupt end to their public operations. After months of high-profile campaigns targeting major corporations and critical infrastructure, the collective declared a…
New Clickfix Attack Promises “Free WiFi” But Delivers Powershell-Based Malware
The Cybersecuritynews researcher team uncovered a sophisticated social engineering campaign that is exploiting the public’s need for free internet access, using deceptive Wi-Fi portals to trick users into downloading and executing PowerShell-based malware. Dubbed the “Clickfix” attack, this method turns…
New HybridPetya Weaponizing UEFI Vulnerability to Bypass Secure Boot on Outdated Systems
In late July 2025, a series of ransomware samples surfaced on VirusTotal under filenames referencing the notorious Petya and NotPetya attacks. Unlike its predecessors, this new threat—dubbed HybridPetya by ESET analysts—exhibited capabilities that extended beyond conventional userland execution, directly targeting…
New Malware Using Azure Functions For Hosting Command And Control Infrastructure
A new, sophisticated malware campaign has been uncovered that leverages Microsoft’s Azure Functions for its command-and-control (C2) infrastructure, a novel technique that complicates detection and takedown efforts. According to the Dmpdump report, the malware, first identified from a file uploaded…
Microsoft Patch for Old Flaw Reveals New Kernel Address Leak Vulnerability in Windows 11/Server 2022 24H2
A new kernel address leak vulnerability has been discovered in the latest versions of Windows 11 (24H2) and Windows Server 2022 (24H2). The flaw, identified as CVE-2025-53136, was ironically introduced by a Microsoft patch intended to fix a separate vulnerability,…
New Clickfix Attack Promises “Free WiFi” But Deliver Powershell Based Malware
The Cybersecuritynews researcher team uncovered a sophisticated social engineering campaign that is exploiting the public’s need for free internet access, using deceptive Wi-Fi portals to trick users into downloading and executing PowerShell-based malware. Dubbed the “Clickfix” attack, this method turns…