Daily Cyber News

Android Spyware Masquerades as Signal Encryption Plugin and ToTok Pro, Users at Risk

Cybersecurity experts have uncovered two dangerous Android spyware campaigns known as ProSpy and ToSpy, targeting users in the United Arab Emirates (U.A.E.). These malicious campaigns disguise themselves as popular apps such as Signal Encryption Plugin and ToTok Pro to trick unsuspecting victims into installing spyware on their devices. Fake Apps and Distribution Tactics According to […]

Hackers Exploit Milesight Routers to Send Phishing SMS to Users in Europe

Unknown threat actors have abused Milesight industrial cellular routers to send phishing SMS messages, or smishing, targeting users across several European countries since at least February 2022. French cybersecurity firm SEKOIA reports that attackers leveraged exposed router APIs to distribute malicious links, with a focus on Sweden, Italy, and Belgium. The campaigns impersonated government services,

Android Banking Trojan “Klopatra” Hides VNC Access to Take Control of Smartphones

A newly discovered Android banking trojan named Klopatra has infected more than 3,000 devices, with the majority of cases reported in Spain and Italy. The malware, identified by the Italian fraud prevention company Cleafy in late August 2025, is a sophisticated remote access trojan (RAT) that leverages Hidden Virtual Network Computing (VNC) for remote control,

China-Linked Hackers Exploit New VMware Zero-Day Active Since October 2024

A critical security flaw in Broadcom VMware Tools and VMware Aria Operations has been actively exploited since October 2024. According to cybersecurity researchers at NVISO Labs, the attacks are linked to a China-based hacking group tracked as UNC5174 (also known as Uteus or Uetus). The bug, identified as CVE-2025-41244 with a CVSS score of 7.8,

Microsoft Expands Sentinel Into Agentic Security Platform With Unified Data Lake

Microsoft has officially announced a major expansion of its Sentinel Security Information and Event Management (SIEM) solution, transforming it into a unified agentic security platform. At the core of this update is the general availability of the Sentinel data lake, designed to provide enterprises with advanced capabilities for managing and analyzing security data. In addition

Researchers Reveal Google Gemini AI Flaws Enabling Prompt Injection and Cloud Exploits

Cybersecurity researchers have disclosed a trio of now-patched vulnerabilities, collectively called the Gemini Trifecta, that impacted Google’s Gemini AI suite. If exploited, these flaws could have exposed users to privacy breaches and data theft by turning AI features into attack vectors rather than just targets. The findings underscore a worrying trend, where sophisticated threat actors,

Phantom Taurus, a China-Linked Hacker Group, Targets Governments With Stealth Malware

Over the past two and a half years, a China-linked, state-aligned cyber espionage group, known as Phantom Taurus, has been observed targeting government and telecommunications organizations across Africa, the Middle East, and Asia. The group focuses on intelligence collection, aiming to obtain sensitive diplomatic and defense-related data, often aligning its operations with major geopolitical events

$50 Battering RAM Attack Breaks Intel, AMD Cloud Security Protections

The researchers describe a simple interposer, which can be assembled for about $50, that sits between the processor and the DDR4 memory modules. During system start, the interposer remains transparent and passes all integrity and trust checks. At runtime, however, the device can be flipped into an active mode, where it stealthily remaps physical addresses

EvilAI Malware Masquerades as AI Tools to Infiltrate Global Organizations

Threat actors are exploiting the popularity of artificial intelligence (AI) by embedding malware into fake productivity and AI-enhanced tools, according to a recent Trend Micro report. This campaign, known as EvilAI, is targeting organizations worldwide across regions such as Europe, the Americas, and the Asia, Middle East, and Africa (AMEA) region. Global Impact and Targeted

Data Center Fire Knocks 600+ South Korean Government Websites Offline

A lithium-ion battery explosion at a major government data center in South Korea has disrupted more than 600 critical services, underscoring the risks of centralizing vital digital infrastructure. The fire broke out Friday night at the National Information Resources Service (NIRS) facility in Daejeon. According to officials, a disconnected battery exploded during relocation work around
