Ransomware gangs adopt new Shanya PaaS to evade EDR tools
Shanya provides threat actors with a way to wrap their malware in highly customized, obfuscated code that bypasses most security tools.
Cybersecurity News - Page 25
Two malicious VS Code extensions steal credentials, cookies, and crypto wallets
The extensions called “Bitcoin Black” and “Codo AI” were disguised as a color theme and AI assistant.
New agentic browser attack lets emails trigger Google Drive wipe
Because the agent interprets the message as legitimate workload, it may execute the destructive steps without prompting the user for approval.
Portugal updates legislation to protect ethical security research
To qualify, researchers must ensure their work is solely aimed at uncovering flaws they did not create and contributes to improved security.
MuddyWater deploys new UDPGangster backdoor in attacks across the Middle East
The cyber-espionage activity has primarily targeted users in Turkey, Israel, and Azerbaijan.
Chinese Warp Panda cyberespionage campaign targeting North American firms
In addition to BrickStorm, Warp Panda has also deployed JSP web shells and two new implants for ESXi environments.
Cyber Security Week in Review: December 5, 2025
In brief: Critical React2Shell exploited by Chinese hackers, Microsoft silently patches Windows LNK flaw, and more.
Star Blizzard’s new spear-phishing wave targeting Western NGOs supporting Ukraine
The latest activity targeted at least two organizations, including Reporters Without Borders (RSF).
Iran-linked hackers target Israeli, Egyptian critical infrastructure in stealthy phishing campaign
The campaign relied on spearphishing emails that delivered PDFs containing links to malicious installers hosted on free file-sharing services.
Silver Fox APT deploys malware via repackaged Telegram, Chrome, and MS Teams installers
The campaign ultimately deploys the ValleyRat remote-access tool onto the compromised systems.
Showing elements 241 - 250