Latest News

1 minute read

Ukraine Aid Groups Targeted Through Fake Zoom Meetings and Weaponized PDF Files

info@thehackernews.com (The Hacker News)

October 22, 2025

Cybersecurity researchers have disclosed details of a coordinated spear-phishing campaign dubbed PhantomCaptcha targeting organizations associated with Ukraine’s war relief efforts to deliver a remote access trojan that uses a WebSocket for command-and-control (C2). The activity, which took place on October 8, 2025, targeted individual members of the International Red Cross, Norwegian Refugee

[[{“value”:”Cybersecurity researchers have disclosed details of a coordinated spear-phishing campaign dubbed PhantomCaptcha targeting organizations associated with Ukraine’s war relief efforts to deliver a remote access trojan that uses a WebSocket for command-and-control (C2).
The activity, which took place on October 8, 2025, targeted individual members of the International Red Cross, Norwegian Refugee”}]] The Hacker News

Latest News

Jaguar Land Rover cyberattack cost $2.5 billion, says monitoring group

October 22, 2025

Latest News

Iran-Linked MuddyWater Targets 100+ Organisations in Global Espionage Campaign

October 22, 2025

3 min

Latest News

Experts Confirm JS#SMUGGLER Uses Compromised Sites to Deploy NetSupport RAT

Cybersecurity researchers are calling attention to a new campaign dubbed JS#SMUGGLER that has been observed leveraging compromised websites as a distribution vector for a remote access trojan named NetSupport RAT. The attack chain, analyzed by Securonix, involves three main moving parts: An obfuscated JavaScript loader injected into a website, an HTML Application (HTA) that runs encrypted

info@thehackernews.com (The Hacker News)

December 8, 2025

3 min

Latest News

Nation-State Hackers Deploy New Airstalk Malware in Suspected Supply Chain Attack

A suspected nation-state threat actor has been linked to the distribution of a new malware called Airstalk as part of a likely supply chain attack. Palo Alto Networks Unit 42 said it's tracking the cluster under the moniker CL-STA-1009, where "CL" stands for cluster and "STA" refers to state-backed motivation. "Airstalk misuses the AirWatch API for mobile device management (MDM), which is now

info@thehackernews.com (The Hacker News)

October 31, 2025

4 min

Latest News

Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites

A financially motivated threat actor codenamed UNC5142 has been observed abusing blockchain smart contracts as a way to facilitate the distribution of information stealers, such as Atomic (AMOS), Lumma, Rhadamanthys (aka RADTHIEF), and Vidar, targeting both Windows and Apple macOS systems. "UNC5142 is characterized by its use of compromised WordPress websites and 'EtherHiding,' a technique used

info@thehackernews.com (The Hacker News)

October 16, 2025

Hand-Picked Top-Read Stories

Microsoft disrupts RedVDS cybercrime platform behind $40 million in scam losses

Researchers Null-Route Over 550 Kimwolf and Aisuru Botnet Command Servers

Western cyber agencies warn about threats to industrial operational technology

Trending Tags

Ukraine Aid Groups Targeted Through Fake Zoom Meetings and Weaponized PDF Files

Previous Post

Jaguar Land Rover cyberattack cost $2.5 billion, says monitoring group

Next Post

Iran-Linked MuddyWater Targets 100+ Organisations in Global Espionage Campaign

Microsoft disrupts RedVDS cybercrime platform behind $40 million in scam losses

Researchers Null-Route Over 550 Kimwolf and Aisuru Botnet Command Servers

Western cyber agencies warn about threats to industrial operational technology

AI Agents Are Becoming Privilege Escalation Paths

AI CyberCon Summit 2026

Ukraine Aid Groups Targeted Through Fake Zoom Meetings and Weaponized PDF Files

Previous Post

Next Post

Related Posts