Malware operators continue exploiting the Windows Screensaver (.scr) file format to distribute malicious payloads, leveraging its executable nature under the guise of harmless system files. Recent campaigns observed by cybersecurity researchers reveal advanced tactics targeting global enterprises through sophisticated phishing…
Tag: Cyber Security News
AI Outperformed Elite Red Teams in Creating an Effective Spear Phishing Attack
AI-powered spear phishing agents have surpassed elite human red teams in crafting socially engineered attacks as recently revealed. From 2023 to 2025, AI’s effectiveness relative to humans improved by 55%, marking a paradigm shift in both offensive and defensive cybersecurity…
Threat Actors Leveraging Toll Payment Services in Massive Hacking Attack
A sophisticated cybercriminal operation has emerged targeting toll payment services across multiple regions, with evidence suggesting this campaign will continue expanding globally. The attack, characterized by highly convincing SMS phishing (smishing) messages, has already reached millions of consumers who use…
Threat Actors Leveraging VPS Hosting Providers to Deliver Malware & Evade Detection
A sophisticated malware campaign distributing the Grandoreiro banking trojan has been targeting users in Mexico, Argentina, and Spain through elaborate phishing emails impersonating tax agencies. The attack leverages a multi-stage infection chain that begins with fraudulent government notifications claiming recipients…
SpyCloud Research Shows that EDR & Antivirus Solutions Miss Two-Thirds (66%) of Malware Infections
Deep visibility into malware-siphoned data can help close gaps in traditional defenses before they evolve into major cyber threats like ransomware and account takeover SpyCloud, the leading identity threat protection company, today released new analysis of its recaptured darknet data…
ToddyCat Hackers Exploit ESET’s Command Line Scanner Vulnerability to Evade Detection
ToddyCat, the notorious APT group, used a sophisticated attack strategy to stealthily deploy malicious code in targeted systems by exploiting a weakness in ESET’s command line scanner. The vulnerability, now tracked as CVE-2024-11859, allowed attackers to bypass security monitoring tools…
Everest Ransomware Gang Leak Site Hacked and Defaced
The Everest ransomware gang, a Russia-linked cybercriminal organization, faced an unexpected setback this weekend when its dark web leak site was hacked and defaced. The site, typically used to publish stolen data as part of the gang’s extortion tactics, was…
New Black-Hat Automated Hacking Tool Xanthorox AI Advertised in Hacker Forums
A new malicious AI platform named Xanthorox AI has emerged, positioning itself as a friendly tool for hackers. First spotted in late Q1 2025, Xanthorox AI is being promoted in underground cybercrime forums as a modular, self-hosted solution for automated…
20-Year-Old Scattered Spider Hacker Pleads Guilty Of Sophisticated Ransomware Attacks
A 20-year-old Florida man identified as a key member of the notorious “Scattered Spider” cybercriminal collective has pleaded guilty to orchestrating sophisticated ransomware attacks and cryptocurrency theft schemes targeting major corporations. Noah Urban, also known by aliases “King Bob” and…
Dell PowerProtect Systems Vulnerability Let Remote Attackers Execute Arbitrary Commands
A significant security vulnerability in Dell Technologies PowerProtect Data Domain systems has been identified that could allow authenticated users to execute arbitrary commands with root privileges, potentially compromising critical data protection infrastructure. Dell has released remediation patches to address this…