A sophisticated malware campaign has emerged targeting the Python Package Index (PyPI) repository, with cybercriminals deploying weaponized packages designed to steal sensitive cloud infrastructure credentials and corporate data. The malicious package, identified as “chimera-sandbox-extensions,” represents a new breed of supply…
Tag: Cyber Security News
Hackers Can Hide Images in Text Data and Embeds Directly into DNS TXT Records
A novel method has emerged that demonstrates how digital images can be seamlessly embedded within DNS TXT records, effectively transforming domain name infrastructure into an unconventional image storage system. This innovative technique, dubbed “dnsimg,” represents a novel approach to data…
North Korean APT Hackers Attacking Ukrainian Government Agencies to Steal Login Credentials
North Korean advanced persistent threat (APT) groups have launched a sophisticated cyber campaign against Ukrainian government agencies, marking a significant departure from their traditional targeting patterns. This shift in focus represents a potentially strategic alignment with Russian interests, as North…
Threat Actors Using Fake Travel Websites to Infect Users’ PCs with XWorm Malware
A sophisticated cybercrime campaign has emerged targeting holiday travelers through meticulously crafted fake travel booking websites designed to mimic legitimate platforms like Booking.com. The operation, which gained significant momentum in the first quarter of 2025, represents an alarming evolution in…
Hackers Hijacked Discord Invite to Inject Malicious Links That Deliver AsyncRAT
Cybercriminals have developed a sophisticated attack campaign that exploits Discord’s invite system to distribute dangerous malware, including AsyncRAT remote access trojans and cryptocurrency-stealing software. The campaign leverages expired Discord invite codes and social engineering tactics to redirect unsuspecting users to…
Hackers Could Hide Images in Text Data and Embeds Directly into DNS TXT Records
A novel method has emerged that demonstrates how digital images can be seamlessly embedded within DNS TXT records, effectively transforming domain name infrastructure into an unconventional image storage system. This innovative technique, dubbed “dnsimg,” represents a novel approach to data…
Google Massive Cloud Outage Linked to API Management System
Google Cloud experienced one of its most significant outages in recent history on June 12, 2025, when a critical failure in its API management system brought down dozens of services worldwide for up to seven hours. The incident affected millions…
Anubis Ransomware With Wipe Mode That Permanently Erases File With No Recovery Option
A new ransomware-as-a-service operation has emerged in the cyberthreat landscape, introducing a devastating capability that sets it apart from conventional ransomware families. Anubis ransomware combines traditional file encryption with a destructive “wipe mode” feature that permanently erases file contents, making…
IBM Backup Services Vulnerability Let Attackers Escalate Privileges
A critical security vulnerability in IBM Backup, Recovery, and Media Services for the i platform that could allow attackers to gain elevated privileges and execute malicious code with component-level access to the host operating system. The vulnerability, tracked as CVE-2025-33108,…
GrayAlpha Hacker Group Weaponizes Browser Updates to Deploy PowerNet Loader and NetSupport RAT
Cybersecurity researchers have uncovered a sophisticated campaign by the GrayAlpha threat actor group that leverages fake browser update pages to deploy advanced malware, including a newly identified custom PowerShell loader dubbed PowerNet. The operation, which has been active since at…