Malware

A persistent and highly sophisticated cyber threat known as GravityRAT continues to evolve, posing a significant multi-platform espionage risk primarily targeting Indian military, government, and defense sectors, GBHackers News reports.

The UAC-0184 group, also known as Hive0156, launched a campaign against Ukraine's Verkhovna Rada, exploiting sensitive themes such as changes to military personnel files and denied compensation for fallen soldiers.

Increasingly active phishing groups and escalating cybercrime-as-a-service operations have fueled cyber extortion, with Orange Cyberdefense noting that the number of victims has risen by 45% from October 2024 to September 2025, Infosecurity Magazine reports.

Online credentials obtained by information-stealing malware have been leveraged to breach business websites, which were then tapped for distributing other illicit payloads, highlighting an attack cycle that converts victims into oblivious cybercrime accomplices, according to Cyber Security News.

The malware-as-a-service (MaaS) uses a JavaScript injection to intercept Discord sessions.

The U.S. Treasury Department has reversed Biden-era sanctions imposed on executives Sara Hamou, Merom Harpaz, and Andrea Gambazzi, who had been subjected to punitive action due to their association with spyware vendor Intellexa, whose Predator spyware had been leveraged by governments and other threat actors for cyberespionage, reports The Record, a news site by cybersecurity firm Recorded Future.

OpenVSX extensions target macOS with GlassWorm malware Three new malicious extensions on the OpenVSX marketplace, one of which claims to be the customizable code formatter Prettier Pro, have sought to compromise macOS devices as part of the fourth wave of attacks involving the self-replicating Glassworm malware, reports Cybernews.