Cyber Security News

2 weeks ago | cybersecuritynews.com | Tushar Subhra Dutta

Cybersecurity researchers have uncovered a sophisticated new formjacking malware campaign targeting WooCommerce-powered e-commerce websites, representing a significant evolution in credit card skimming attacks. This advanced threat demonstrates unprecedented stealth capabilities, carefully integrating fake payment forms into legitimate checkout processes while evading traditional detection methods that typically identify such malicious activities.

2 weeks ago | cybersecuritynews.com | Tushar Subhra Dutta

Security researchers have identified a sophisticated malware campaign utilizing the ALCATRAZ obfuscator, an open-source tool originally developed for the game hacking community that has now been weaponized by cybercriminals and advanced persistent threat groups. The malware, dubbed DOUBLELOADER, has been observed in recent infections alongside the notorious RHADAMANTHYS information stealer, representing a significant escalation in the complexity of modern cyber threats.

2 weeks ago | cybersecuritynews.com | Tushar Subhra Dutta

A sophisticated phishing campaign leveraging copyright infringement themes has emerged as a primary vector for distributing the dangerous Rhadamanthys information stealer malware across European countries. Since April 2025, threat actors have been exploiting fear-based social engineering tactics, impersonating legal representatives and law firms to deceive victims into believing they have violated copyright laws on social media platforms.

2 weeks ago | cybersecuritynews.com | Tushar Subhra Dutta

A sophisticated cyber-espionage campaign has emerged targeting Tajikistan’s government institutions through weaponized Microsoft Word templates, marking a significant tactical evolution by the Russia-aligned threat group TAG-110. The campaign, which unfolded between January and February 2025, represents a departure from the group’s historical methods and demonstrates their continued focus on intelligence gathering operations across Central Asia.

2 weeks ago | cybersecuritynews.com | Tushar Subhra Dutta

A sophisticated China-linked threat group has been actively exploiting critical vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM) systems since May 15, 2025, targeting organizations across healthcare, telecommunications, aviation, municipal government, finance, and defense sectors globally. The campaign leverages two newly disclosed vulnerabilities, CVE-2025-4427 and CVE-2025-4428, which can be chained together to achieve unauthenticated remote code execution on exposed systems.