
Daily Cybersecurity Roundup, December 11, 2025

A wave of new threats is emerging across platforms, starting with a coordinated campaign that used the Evilginx phishing kit and AiTM techniques to bypass MFA at 18 U.S. universities. At the same time, Android users are being hit by the DroidLock malware, which spreads through fake apps hosted on malicious websites. Adding to the threat landscape, the newly surfaced Spiderman phishing kit is lowering the bar for cybercriminals by allowing even low-skilled actors to craft sophisticated phishing campaigns targeting customers of European banks and cryptocurrency platforms. Keep reading for more cybersecurity news.

01

A coordinated phishing campaign used the Evilginx kit and AiTM tactics to bypass MFA and steal credentials at 18 U.S. universities, leveraging nearly 70 malicious domains to enable full account takeovers.

02

The new DroidLock malware is targeting Android devices by distributing fake apps through malicious websites to gain full device control, lock screens for ransom, and steal sensitive data, including text messages, call logs, and contacts.

03

A new AMOS Stealer malware campaign is targeting macOS users through AI-based platforms ChatGPT and Grok using poisoned search results.

04

Malware campaigns are targeting indie game platforms like Itch.io and Patreon by posting spam comments with links to fake game updates that trick users into downloading malware-infected files.

05

The Trojan.ChimeraWire malware is targeting Windows systems by using Google Chrome in debug mode to simulate human behavior and perform automated website clicks to fraudulently boost site rankings.

06

The new Spiderman phishing kit enables attackers with minimal technical expertise to launch sophisticated campaigns targeting customers of European banks and cryptocurrency platforms.

07

Pro-Russia hacktivists, including groups like CARR—linked to Russian military intelligence—and NoName057(16), are targeting U.S. critical infrastructure by exploiting weak VNC connections in OT systems.

08

Europol and Eurojust led an international operation dismantling a €700M cryptocurrency fraud network using deepfake ads. The scam involved fake investment sites, aggressive marketing, and malicious call centers pressuring victims to send money.

09

The Cyble Global Cybersecurity Report 2025 reveals a significant escalation in cyber threats, with ransomware attacks surging by 50% year-over-year and nearly 6,000 incidents reported.

10

A critical vulnerability named GeminiJack in Google Gemini Enterprise and Vertex AI Search allows attackers to exfiltrate corporate data via shared documents, calendar invites, or emails without user interaction.
