🚨 ALERT: AsyncRAT Strikes Using Dropbox & TryCloudflare

⤷ Phishing emails start the chain, leading to AsyncRAT and other malware.
⤷ Hackers are now using Dropbox URLs and TryCloudflare tunnels to hide malicious activity.
⤷ Python payloads launch a multi-stage attack, making detection nearly impossible.

Check out details: https://thehackernews.com/2025/02/asyncrat-campaign-uses-python-payloads.html

🚨 Vulnerability Assessments Soar in 2024. 24% of organizations now conduct assessments more than 4 times a year—up from 15% in 2023!

This shift to continuous monitoring means faster responses to threats and stronger defenses.

How is your organization keeping up? 👇 Explore the full report now: https://thehackernews.com/2025/02/navigating-future-key-it-vulnerability.html

🛑 Security Alert for Veeam Users! CVE-2025-23114 has a CVSS score of 9.0.

This new critical Man-in-the-Middle attack could allow hackers to execute arbitrary code on your servers.

✅ Fix is Available! Check out the details here: https://thehackernews.com/2025/02/new-veeam-flaw-allows-arbitrary-code.html

🔒 Silent Lynx's Multi-Stage Attack Exposed: Targeting Embassies, Law Firms, and Banking Institutions

The group leverages RAR files, C++ binaries, and PowerShell scripts to infiltrate systems and exfiltrate sensitive data.

Read the full article here: https://thehackernews.com/2025/02/silent-lynx-using-powershell-golang-and.html

🔒 Hackers are exploiting tools like Axios and Node Fetch to take over Microsoft 365 accounts—targeting high-value employees across industries like finance, healthcare, and IT.

Attack volume spiked to over 13 million login attempts in one password spraying campaign.

Read the full report: https://thehackernews.com/2025/02/cybercriminals-use-axios-and-node-fetch.html

🚨 WARNING: Infamous North Korea-linked Lazarus Group is using fake job offers to spread cross-platform malware—targeting crypto and travel industries.

🏡✈️ Fake recruiter offers remote positions in crypto/travel
📄 Victims send personal info (CVs, GitHub links)
‼️ Attackers deploy a JavaScript data stealer and Python backdoor

This is a complex attack chain that can give attackers persistent remote access to your systems.

Learn more: https://thehackernews.com/2025/02/cross-platform-javascript-stealer.html

🔴 Hacktivism has evolved – from political protest to full-blown cyber warfare. The latest surge in DDoS attacks is shaking both the public and private sectors.

These attacks are not just about disruption—they're designed to manipulate public opinion and disrupt elections. Now's the time to be aware.

Want to know how geopolitics is shaping the cyber landscape? Read the full analysis now:

https://thehackernews.com/expert-insights/2025/02/hacking-in-name-of.html

🛑 Cisco just patched two critical vulnerabilities in Identity Services Engine (ISE) that could allow attackers to execute arbitrary commands and escalate privileges remotely.

⚠️ CVE-2025-20124 & CVE-2025-20125 carry CVSS scores of 9.9 and 9.1.

Read — https://thehackernews.com/2025/02/cisco-patches-critical-ise.html

🛑 North Korea-linked Kimsuky hacking group now using forceCopy, a new info-stealer malware targeting browser credentials.

Spear-phishing emails trick victims into opening disguised Windows shortcut files. PowerShell and mshta.exe trigger malware download, leading to deeper infection.

👉 Read More: https://thehackernews.com/2025/02/north-korean-apt-kimsuky-uses-lnk-files.html

🚨 New malware campaign "SparkCat" has been discovered on Apple and Google app stores, using OCR to target crypto wallet recovery phrases.

Read the full report: https://thehackernews.com/2025/02/sparkcat-malware-uses-ocr-to-extract.html

Ransomware is hitting harder in 2025. Hackers demand millions—and paying up doesn’t guarantee you’ll get your data back.

LockBit, Lynx, and Virlock—ransomware groups are evolving, targeting everyone from small businesses to critical infrastructure.

Get the full breakdown on how to defend against these threats.: https://thehackernews.com/2025/02/top-3-ransomware-threats-active-in-2025.html

PAM isn’t just a cybersecurity tool. It’s a game-changer for operational efficiency, compliance & security.

• Enforces the principle of least privilege
• Boosts regulatory compliance
• Protects from evolving threats

Don’t miss out on this essential shift in cybersecurity leadership.

Read: https://thehackernews.com/2025/02/the-evolving-role-of-pam-in.html

⚠️ Big names like LockBit and BlackCat are collapsing, but smaller players are multiplying. Cybercriminals raked in $813.5M from ransomware in 2024—a sharp drop from $1.25B in 2023.

Smaller, faster, and more dangerous—ransomware just got a whole lot trickier.

Get the full insights: https://thehackernews.com/2025/02/ransomware-extortion-drops-to-8135m-in.html

Bogus websites masquerading as Google Chrome are now distributing ValleyRAT—an evolving remote access trojan.

Targeting high-value roles in finance, accounting, and sales, this threat actor—Silver Fox—strategically targets sensitive systems.

Read the full report: https://thehackernews.com/2025/02/fake-google-chrome-sites-distribute.html

🚨 URGENT: Attackers are exploiting newly discovered flaws in SimpleHelp RMM software to establish persistent access to networks and deploy ransomware.

CVE-2024-57726, CVE-2024-57727, CVE-2024-57728: Flaws enabling privilege escalation, remote code execution.

👉 Secure your systems and read the full details: https://thehackernews.com/2025/02/hackers-exploit-simplehelp-rmm-flaws.html

The RBI is introducing a dedicated "bank[.]in" domain to combat digital fraud and secure digital transactions.

Read the full article: https://thehackernews.com/2025/02/indias-rbi-introduces-exclusive-bankin.html

🚨 Alert: Publicly exposed ASP'NET machine keys could give attackers an easy way to infiltrate your systems.

🔑 Over 3,000 keys are now available for exploitation. Microsoft reveals how attackers can inject malicious code using these keys to gain remote code execution.

🔗 Read full article: https://thehackernews.com/2025/02/microsoft-identifies-3000-publicly.html

🚨 CISA warns of active exploitation in Trimble Cityworks GIS software, with a high-severity vulnerability (CVE-2025-0994, CVSS 8.6) being weaponized in the wild.

If left unpatched, attackers could gain unauthorized access and deploy harmful payloads like Cobalt Strike and VShell.

Read: https://thehackernews.com/2025/02/cisa-warns-of-active-exploitation-in.html

🔒 AI-Powered Social Engineering is Here – And It's Evolving FAST!

Criminals are automating and personalizing attacks, making them more effective than ever.

AI-generated phishing emails and deepfake CFOs are tricking employees into transferring millions.

👉 Learn how to equip your workforce to spot deception: https://thehackernews.com/2025/02/ai-powered-social-engineering.html

🛑 DeepSeek's iOS app is transmitting sensitive user data without encryption to a cloud platform linked to ByteDance (TikTok), leaving it wide open to hackers.

👉 See the full story and analysis here: https://thehackernews.com/2025/02/deepseek-app-transmits-sensitive-user.html

⚠️ Researchers have uncovered two malicious ML models on Hugging Face using a new attack method—"broken" pickle files—to bypass detection.

These models execute a reverse shell right from the start, connecting to a hard-coded IP.

🔧 Learn more: https://thehackernews.com/2025/02/malicious-ml-models-found-on-hugging.html