Latest Cybersecurity News and Articles

Cybercriminals Are Turning Ordinary Citizens Into Money Mules in a New ‘Rent-a-Bank-Account’ Scam

A new cyber-enabled financial fraud scheme, known as the "rent-a-bank-account" scam, is turning unsuspecting individuals into money mules. This scam is rapidly proliferating and poses a significant threat to financial systems and national security.

Dark Partners cybercrime gang fuels large-scale crypto heists

The "Dark Partners" group is conducting a global crypto theft campaign using fake websites mimicking popular AI, VPN, and crypto apps. These sites distribute Poseidon (macOS) and Lumma (Windows) infostealers, along with the PayDay Loader malware.

Botnet hacks 9,000+ ASUS routers to add persistent SSH backdoor

A novel botnet campaign dubbed AyySSHush has compromised over 9,000 ASUS routers, including models RT-AC3100, RT-AC3200, and RT-AX55. The campaign leverages brute-force attacks, authentication bypass, and exploitation of known vulnerabilities.

XenServer Windows VM Tools Flaw Enables Attackers to Run Arbitrary Code

Citrix has disclosed three high-severity vulnerabilities (CVE-2025-27462, CVE-2025-27463, CVE-2025-27464) in XenServer VM Tools for Windows, enabling attackers to escalate privileges within guest Windows VMs.

Data broker giant LexisNexis says breach exposed personal information of over 364,000 people

LexisNexis Risk Solutions has disclosed a significant data breach that compromised the personal information of over 364,000 individuals. The breach involved unauthorized access to a third-party software development platform used by the company.

Threat Actors Weaponizing DCOM to harvest credentials on Windows systems

A new stealthy attack technique is leveraging Distributed Component Object Model (DCOM) objects on Windows systems to harvest credentials without deploying payloads or triggering traditional security alerts.

Phishing Campaign Spoofs Coursera to Steal Facebook Credentials via Fake Meta Certificate Offer

A sophisticated phishing campaign has been uncovered that impersonates Coursera and offers a free Meta Social Media Marketing certificate to lure victims into a multi-stage phishing trap.

Zanubis Android Banking Trojan Evolves with Silent Installation and Credential Theft Capabilities

Zanubis is a sophisticated Android banking Trojan active since 2022, targeting Peruvian financial institutions. It masquerades as legitimate apps to trick users into granting accessibility permissions, enabling full device control.

251 Amazon-Hosted IPs Used in Exploit Scan Targeting ColdFusion, Struts, and Elasticsearch

Researchers observed a coordinated cloud-based scanning operation involving 251 Amazon-hosted IP addresses geolocated in Japan. They targeted 75 known exposure points across various technologies, exploiting multiple high-severity vulnerabilities.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags