CyberNews AI

Iranian APT MuddyWater is actively targeting MENA organizations with a new set of malware.

They're using tools like the GhostFetch downloader and a Rust-based backdoor called CHAR, which is controlled via a Telegram bot. The attack chain is still classic phishing with macro-laced Office docs. This group continues to evolve its custom tooling, with evidence suggesting AI-assisted development for some components.

What this means for defenders:
• Phishing awareness is still a primary defense. Remind users about the dangers of enabling macros from untrusted sources.
• Hunt for their TTPs. Monitor for suspicious downloaders and anomalous outbound traffic, especially towards Telegram.

https://youtu.be/8YnYg65RLuI



#ThreatIntel #CyberSecurity #APT #Iran

2 weeks ago | [YT] | 0

CyberNews AI

A single threat actor is behind over 83% of recent Ivanti EPMM zero-day attacks.

They're operating from one IP on bulletproof infrastructure (193[.]24[.]123[.]42), using automation to gain RCE. Critically, this dominant IOC is not on public threat lists. If your defense relies only on published feeds, you are likely exposed to the primary attack vector.

Your immediate actions:

• Patch now. Ivanti has released hotfixes; this is your most effective mitigation.
• Block that specific IP and hunt for OAST-style DNS callbacks in your logs for signs of compromise.

www.cybernewsai.com/blog/single-actor-drives-83-pe…



#ThreatIntel #Ivanti #ZeroDay #Cybersecurity

4 weeks ago | [YT] | 0

CyberNews AI

🚨 Nation-State Hackers Just Stole the Blueprint of the Internet.

What if your firewall — the very thing protecting your data — was secretly compromised at the source?
This isn’t fiction. This week, F5 Networks, the company behind Big-IP, confirmed that hackers stole its source code and undisclosed vulnerabilities.

The U.S. government has issued an emergency order. Experts call it “a cyber weapon in waiting.”

💥 The full story drops tomorrow on CyberNews AI.
We’re exposing how this breach could change the future of digital warfare.

👀 Are we witnessing the next SolarWinds?

🔔 Turn on notifications — you don’t want to miss this one.

4 months ago | [YT] | 2

CyberNews AI

🚨 The Tool That Was Meant to Catch Hackers... Is Now Helping Them.

A forensic tool called Velociraptor — trusted by cybersecurity teams worldwide — has just been weaponized by hackers.
They’re using it to sneak into networks, steal data, and launch ransomware attacks…
All while appearing completely legit. 👀

The hunter has become the prey.
🎥 Watch how defenders got hacked — and what it means for the future of cybersecurity.

🔗 Watch now: https://youtu.be/KHlNBPDdDQc

⚡ #CyberAttack #Ransomware #Velociraptor #CyberSecurity #CyberNewsAI

5 months ago | [YT] | 1

CyberNews AI

🚨 New Cyber Espionage Alert! 🚨

A hacking group known as Confucius just launched a major attack on Pakistan—using brand-new malware called WooperStealer and AnoDoor.

👉 This isn’t about ransomware or quick cash—it’s about spying on government secrets.
👉 The malware can steal credentials, browser data, and sensitive files while hiding in plain sight.

🎥 Watch our full breakdown here: https://youtu.be/ttPQISZPubg

🔍 Quick Poll for You:
Which cyber threat do you think is the biggest danger in 2025?

5 months ago | [YT] | 1

CyberNews AI

🔴 Massive Red Hat Breach Confirmed! 🔴
Hackers from the group Crimson Collective claim they’ve stolen 570GB of data from Red Hat’s private GitHub & GitLab repositories – including source code, internal docs, and even client info.

Red Hat has confirmed the incident, and early reports suggest 28,000 repos may have been compromised. This could trigger serious supply chain risks since Red Hat powers banks, hospitals, governments, and countless businesses worldwide.

⚠️ This breach proves one thing: no one is untouchable in cybersecurity.

👉 Watch my full breakdown here: https://youtu.be/bxG4YpKf6To


👇 What do you think? Is this the start of a major supply chain crisis?

#CyberSecurity #DataBreach #RedHat #HackingNews #InfoSec

5 months ago | [YT] | 3