Daily Cybersecurity Roundup, October 13, 2025

Amid the growing chaos in the cyber world, a fittingly named Rust-based malware, ChaosBot, is stirring up trouble, spreading through phishing emails with malicious LNK files to spy on and control compromised systems. Meanwhile, a sophisticated Astaroth banking malware campaign has begun hosting its configuration data in public GitHub repositories instead of relying on traditional C2 servers. At the same time, New Yorkers are being targeted by a smishing scam posing as the New York Department of Taxation and Finance that lures victims with fake “Inflation Refund” texts to harvest personal and financial information. Keep reading for more cybersecurity news from the weekend.

01

A new Rust-based malware, ChaosBot, is being used for reconnaissance and executing commands on compromised systems and is distributed via phishing messages containing malicious Windows shortcut (LNK) files.

02

A sophisticated Astaroth banking malware campaign is leveraging GitHub repositories to host critical configuration files, moving away from traditional C2 servers.

03

Researchers identified multiple spoofed Homebrew installer sites that mimic the official brew.sh page, injecting malicious payloads into the installation process.

04

North Korean actors are weaponizing the npm registry with over packages and 50,000 downloads, using fake personas and advanced malware loaders.

05

Fake 'Inflation Refund' texts are targeting New Yorkers in a smishing scam, impersonating the New York Department of Taxation and Finance to steal personal and financial information.

06

Spanish authorities have dismantled the GXC Team cybercrime syndicate for running a crime-as-a-service platform offering AI-powered phishing kits, Android malware, and voice-scam tools targeting banks, transport, and e-commerce sectors across multiple countries.

07

Hackers have exploited Microsoft Edge's Internet Explorer (IE) mode to target users by leveraging vulnerabilities in the outdated Chakra JavaScript engine.

08

Oracle has issued a security alert regarding a critical vulnerability (CVE-2025-61884) in its E-Business Suite that could allow unauthorized access to sensitive data without requiring any login credentials.

09

A critical vulnerability (CVE-2025-61929) has been identified in Cherry Studio that enables attackers to execute arbitrary commands with a single click on a crafted "cherrystudio://" URL link.

10

Resistant AI, a maker of document fraud detection software, secured $25 million in a Series B funding round led by DTCP Growth, Experian, Google Ventures, and Notion Capital.
