news
Breaking Cyber News From Cyberint
Breaking news feed of the latest cyber incidents, breaches, vulnerabilities, malware, ransomware and so much more.
- All Items
- Jobinfo
- Israel
- Handala
- Business Services
- Data Encrypted For Impact
- Middle East
- Asia
- Shelter Locations In Israel
- Retail
- Saudi Arabia
- Saudi Games
- Cyber Fattah Team
- Ben Horin & Alexandrovitz
- Zachary Levi And Sons - Construction
- Sivim It
- Kibbutz Almog
- Government
- Manufacturing
- Saban Brands Israel
- Digitalghost
- Mprest
- The Knesset
- Evil_Byte
- Gonjeshke Darande
- Nobitex
- Chemicals And Allied Products
- Kimia Farma
- exclusive
- South-Eastern Asia
- Indonesia
- Sentap
- Transportation
- Northern Europe
- Scania
- Europe
- Hensi
- Sweden
- Tbn Israel
- Media
- Weizmann Institute Of Science
- Education
- Resistancetrench
- Israeli Air Force
- Dienet
- Israel Antiquities Authority
- United States
- Mirai
- CVE-2025-24016
- North America
- Wazuh
- Cve-2025-24016
- Epsilor Electric Fuel
- Clayoxtymus1337
- Technology
- Southern Asia
- Advanced Weapons And Equipment India
- India
- More_Eggs
- Fin6
- Cryptocurrency
- Alex Lab
- Edf Energy
- United Kingdom
- Zoldyck
- Critical Infrastructures
- Sudo And Sudo Caching
- Telecommunications
- Credentials In Files
- Spearphishing Link
- Disable Or Modify Tools
- Match Legitimate Name Or Location
- Spectrum
- Unix Shell
- Ingress Tool Transfer
- Amos
- Israel Defense Forces
- Food And Kindred Products
- Coca-Cola Europacific Partners
- Ghna
- Italy
- Automotive
- Southern Europe
- Locauto
- Whitecoat
- Spain
- Mercadona
- Ups
- Wow Health Solutions
- Healthcare
- Cyprus Airways
- Rip_Real_World
- Netsupport Rat
- Tel Aviv University
- Illeak
- Desec0X
- Unc6032
- Numero
- Chaos
- Lucky_Gh0$T
- Yashma
- Cyberlock
- 303
- Deloitte
- Gucci
- Credentials From Web Browsers
- Password Managers
- Input Capture
- User Execution
- Credentials From Password Stores
- Obfuscated Files Or Information
- Phishing
- System Information Discovery
- Command And Scripting Interpreter
- Exfiltration Over C2 Channel
- Virtualization/Sandbox Evasion
- Screen Capture
- Windows Credential Manager
- Eddiestealer
- Drive-By Compromise
- File And Directory Discovery
- Data From Local System
- Australia And New Zealand
- Australia
- W_Tchdogs
- Superloop
- Resource Hijacking
- Network Service Discovery
- Exploitation For Client Execution
- Escape To Host
- Docker
- External Remote Services
- Smb/Windows Admin Shares
- Remote System Discovery
- Lateral Tool Transfer
- Deploy Container
- Web Protocols
- Change Default File Association
- Exploit Public-Facing Application
- Romania
- Venom Rat
- Bitdefender
- Financial Theft
- Eastern Europe
- Cameleon
- Cve-2023-20118
- Vicioustrap
- Cisco
- Macao Special Administrative Region
- CVE-2023-20118
- Eastern Asia
- Cve-2025-0944
- CVE-2025-0944
- Tetraloader
- Uat-6382
- Trimble
- Dynamic-Link Library Injection
- Silver Fox
- Regsvr32
- Reflective Code Loading
- Valleyrat
- Process Discovery
- Scheduled Task
- File Deletion
- Powershell
- Obfuscated Files Or Information: Encrypted Or Encoded Data
- China
- Malicious File
- Masquerade Task Or Service
- Rundll32
- Qakbot
- Trickbot
- Bumblebee
- Danabot
- Warmcookie
- Cetus
- Purehvnc
- Bytebreaker
- Viralgod
- Telcel
- Latin America And The Caribbean
- Mexico
- Peter Green Chilled
- Cellcom
-
Jun 10, 2025
New Clickfix Infostealer Campaign Targets macOS Users
Cybersecurity researchers have identified a new malware campaign that uses social engineering tactics to distribute an information stealer known as Atomic macOS Stealer (AMOS) targeting Apple macOS systems. The campaign employs typosquatting domains that mimic the U.S.-based telecom provider Spectrum, tricking users into executing a malicious shell script that steals system passwords and downloads the AMOS variant. The attack begins on a fake webpage that prompts users to complete a CAPTCHA verification, ultimately leading them to execute harmful commands under the guise of fixing a non-existent issue. The campaign is believed to be orchestrated by Russian-speaking cybercriminals, as indicated by the presence of Russian language comments in the malware's code.
-
May 26, 2025
New Malware Campaign Targets Chinese-Speaking Users with Winos 4.0
Cybersecurity researchers have uncovered a malware campaign that employs fake software installers disguised as popular applications like LetsVPN and QQ Browser to deliver the Winos 4.0 framework. First identified by Rapid7 in February 2025, the campaign utilizes a sophisticated multi-stage loader called Catena, which operates entirely in memory to evade traditional antivirus detection. The malware, attributed to a threat actor known as Silver Fox, specifically targets Chinese-speaking environments and has been active throughout 2025, adapting its tactics to maintain persistence and avoid detection. The campaign leverages trojanized NSIS installers and is characterized by its careful planning and execution.