Latest Cybersecurity News and Articles

Apple Releases Key Zero-Day Fixes for iOS, iPadOS, and macOS Devices

On Monday, Apple rolled out new security updates for the latest generation mobile devices, resolving 60 vulnerabilities with iOS 18.4 and iPadOS 18.4, and 38 flaws with iPadOS 17.7.6.

KoiLoader Reloaded: New Variant Uses LNK Abuse, Script Chains, and PowerShell to Deliver Stealer Payload

Researchers at eSentire spotted a new KoiLoader variant using phishing, LNK file abuse, PowerShell, and layered scripts to evade detection, gain persistence, and deliver KoiStealer malware for data theft via encrypted C2 communication.

Russian Hackers Exploit MSC EvilTwin Flaw to Deploy SilentPrism and DarkWisp Backdoors

The attack chains involve the use of provisioning packages (.ppkg), signed Microsoft Windows Installer files (.msi), and .msc files to deliver information stealers and backdoors that are capable of persistence and data theft.

Microsoft Uses AI to Find Flaws in GRUB2, U-Boot, Barebox Bootloaders

Microsoft discovered eleven vulnerabilities in GRUB2, including integer and buffer overflows in filesystem parsers, command flaws, and a side-channel in cryptographic comparison.

Hackers Abuse WordPress MU-Plugins to Hide Malicious Code

The technique was first observed by security researchers at Sucuri in February 2025, but adoption rates are on the rise, with threat actors now utilizing the folder to run three distinct types of malicious code.

U.S. Seized $8.2 Million in Crypto Linked to 'Romance Baiting' Scams

Blockchain intelligence platform TRM Labs reports that U.S. state investigators, primarily the FBI, uncovered laundering patterns of amounts linked to 'romance baiting' operators, enabling them to file a dual legal forfeiture.

Moscow Subway App and Website Disrupted in Possible Retaliation for Ukraine Railway Hack

During the outage, the Moscow subway’s website displayed a message purportedly from Ukraine’s national railway operator, Ukrzaliznytsia, which was recently hit by a large-scale cyberattack.

Gamaredon Campaign Abuses LNK Files to Distribute Remcos Backdoor

Cisco Talos reported a campaign, ongoing since at least November 2024, that targets Ukrainian users with malicious LNK files that run a PowerShell downloader. The file names use Russian words related to the movement of troops in Ukraine as a lure.

Researchers Uncover the Shelby Malware Family Abusing GitHub for Command and Control

Researchers found unused code and dynamic payload loading, which suggests the malware is under active development and that future updates may address issues in current versions.

Python-based RAT Abuses Discord API to Execute Data Theft Attacks

The Python-based Discord Remote Access Trojan (RAT) leverages Discord’s API as a C2 server to execute arbitrary system commands, steal sensitive information, capture screenshots, and manipulate both local machines and Discord servers.
