The threat actor known as Silver Fox has turned its focus to India, using income tax-themed lures in phishing campaigns to distribute a modular remote access trojan called ValleyRAT (aka Winos 4.0). "This sophisticated attack leverages a complex kill chain involving DLL hijacking and the modular Valley RAT to ensure persistence," CloudSEK researchers Prajwal Awasthi and Koushik Pal said in an analysis published last week. Also tracked as SwimSnake, The Great Thief of Valley (or Valley Thief), UTG-Q-1000, and Void Arachne, Silver Fox is the name assigned to an aggressive cybercrime group from China that has been active since 2022.

1 week ago - Seven sources tell CyberScoop that a lack of coordination and miscommunication between federal agencies and the telecommunications industry left critical networks exposed to the Chinese hacking group.

16 hours ago - The total disclosed value for all the cybersecurity M&A deals announced in 2025 exceeded $84 billion.

2 days ago - A handbook found during a police raid on a compound used by a cyberfraud gang in the Philippines offers detailed instructions in Chinese for conducting scams and reveals a blueprint for grooming and deception.

18 hours ago - Breaking cybersecurity and information news, independent research, latest tech analysis and product reviews all produced by Cybernews in-house experts.

Interpol said law enforcement across 19 countries made 574 arrests and recovered $3 million, against a backdrop of spiraling cybercrime in the region, including business email compromise, digital extortion, and ransomware schemes.

2 weeks ago - October 2025: Russian cybercrime group Lynx breached Dodd Group, a UK Ministry of Defence contractor, stealing approximately 4TB of data, including sensitive files on eight RAF and Royal Navy bases. The attackers deployed ransomware and exfiltrated visitor logs, staff details, security guidance, and construction records and began leaking roughly 1,000 documents.

Playbook 4 Steps to Effective Cyber Risk Management for Manufacturers Custom content for Imprivata · Webinar - on demand Bring Your Own AI: Turning Shadow Tools Into Strategic Wins Custom content for Rippling View all ... The Record from Recorded Future News Romanian national water agency hit by BitLocker ransomware attack

October 27, 2025 - Find the latest Cybersecurity news from WIRED. See related science and technology articles, photos, slideshows and videos.

1 week ago - Alerts typically include information on newly exploited or disclosed vulnerabilities, newly discovered cyber threat campaigns, severe denial-of-service events or widespread outages, or emerging threat activity related to current world events. Use when: You need immediate awareness of a high-priority threat or vulnerability and a rapid response.

19 hours ago - Ubisoft experienced a critical security incident today as threat actors exploited the MongoBleed vulnerability to compromise Rainbow Six Siege servers, triggering widespread... ... A new AI-focused attack technique, called “Lies-in-the-Loop (LITL),” is raising concerns across the cybersecurity community. The method targets the very safeguards designed... ... Exclusive Cyber Security News ...

A new sample of the ToneShell backdoor, typically seen in Chinese cyberespionage campaigns, has been delivered through a kernel-mode loader in attacks against government organizations.

More in Latest News > French software company fined $2 million for cyber failings leading to data breachDecember 29th, 2025 · Pro-Russian hackers claim attack on French postal service operatorDecember 26th, 2025 · Georgia arrests ex-spy chief over alleged protection of scam call centersDecember 26th, 2025 ·

Stories from around the Department of War.

5 days ago - Cybersecurity is evolving towards practical, risk-focused strategies by 2026. Expect dynamic attack-path modeling, akin to digital war games, to become mainstream. Federal policy will emphasize resilience and collaboration, with industry and ...

November 3, 2025 - US cybersecurity experts plead guilty to BlackCat ransomware attacks ... https://www.bleepingcomputer.com/news/security/us-cybersecurity-experts-plead-guilty-to-blackcat-alphv-ransomware-attacks/

SLSH has solicited insider access previously, but their latest call for disgruntled employees started making the rounds on social media at the same time news broke that the cybersecurity firm Crowdstrike had fired an employee for allegedly sharing screenshots of internal systems with the hacker group (Crowdstrike said their systems were never compromised and that it has turned the matter over to law enforcement agencies).

First, CISA is the operational lead for federal cybersecurity, charged with protecting and defending federal civilian executive branch networks in close partnership with the Office of Management and Budget, the Office of the National Cyber Director, and federal agency Chief Information Officers and Chief Information Security Officers.

Accenture research shows deficiency in enterprise cybersecurity strategy and AI-training, with a quarter of under 35s likely to act on phishing links…

November 6, 2025 - SANS NewsBites is a semiweekly executive summary of the most important cyber security news articles published recently. Each news item is annotated with important context provided by respected subject matter experts within the SANS community.