Cyber News Bytes: What’s Happening in Cybersecurity This Week

Hey Cyberfam 👋, welcome back to another edition of Cyber News Bytes, where I break down the biggest cybersecurity stories of the week: what happened, why it matters, and how you can turn it into an advantage.

This week’s theme?

Attackers are getting smarter and more human-like.

Let’s dive in.

1. New Android Trojan “Herodotus” Outsmarts Anti Fraud Systems by Typing Like a Human

What Happened:
A new Android banking trojan called Herodotus has been spotted targeting users in Italy and Brazil. But here’s the creepy part this malware pretends to be human.
It literally adds random pauses between fake keystrokes to mimic how real people type, making it harder for anti-fraud systems to detect.

It spreads through fake Chrome apps sent via phishing messages and can steal credentials, bypass 2FA, and even record everything on your screen.

Why It Matters:
This marks a major leap in how attackers use behavioral mimicry to evade detection. They’re not just writing smarter code they’re learning to act more like us.
The line between “machine” and “human” behavior in cyberattacks is blurring fast, and that’s a challenge every security professional will have to face.

How to Turn It Into an Advantage:
Stay alert for social engineering and SMS phishing, especially when apps request unusual permissions. But if you’re in the cyber field (or want to be), study behavioral security analytics.

Understanding how systems detect “human like” actions could make you invaluable in fraud prevention and threat detection roles.

Full story → The Hacker News

2. GhostCall & GhostHire: North Korean Hackers Use Fake Calls and Jobs to Breach Tech Firms

What Happened:
North Korean threat actors (BlueNoroff) are back, this time with two linked campaigns called GhostCall and GhostHire.
They’re targeting Web3, blockchain, and venture capital executives mostly in Japan, Australia, and Europe.

Their playbook? Pure social engineering genius (and evil):
Fake Zoom calls with recorded video feeds from real victims.
Job offers sent via Telegram that lead to malicious GitHub repos.
Malware hidden inside “assessment” files that compromise macOS, Windows, and Linux systems.

Why It Matters:
This shows how cyberattacks are evolving beyond code into psychological warfare. The hackers are mixing tech, deception, and AI to manipulate trust.
Even seasoned professionals can get fooled when attacks feel authentic and human.

How to Turn It Into an Advantage:
Don’t just learn technical defense learn human defense.
Build habits that make you resilient: double-check sources, verify identities, and slow down when something feels urgent.
If you lead teams, use these stories in your security awareness sessions they’ll stick with people far longer than PowerPoint slides.

Full story → The Hacker News

3. U.S. Congressional Budget Office Hit by Suspected Foreign Cyberattack

What Happened:
The U.S. Congressional Budget Office (CBO) the agency responsible for analyzing national economic data was reportedly breached by a suspected foreign hacker.
Early reports suggest sensitive communications between congressional offices may have been exposed.

Why It Matters:
This isn’t “just another government breach.” It’s a reminder that national level cyber risk can ripple through economies, policies, and even democracy.
When attackers hit institutions that shape public policy, they’re not just stealing data they’re influencing trust and decision-making.

How to Turn It Into an Advantage:
For professionals in cyber governance, compliance, or risk management, this is a powerful case study.
Learn how incident response and communication strategy work in high-stakes environments. Transparency, speed, and trust are everything during a national-level cyber event.

Full story → BleepingComputer

Every week brings a new wave of attacks, from Trojans that type like humans to fake job offers crafted by state-sponsored actors to government breaches that shake public trust.

But here’s the truth: every breach tells a story, and every story holds a lesson.

The more you understand these threats, the stronger you become, not just in defending systems, but in protecting people and shaping a safer digital world.

Malware now mimics human behavior. Hackers disguise themselves as recruiters, friends, and even coworkers. And governments are discovering that the real battleground isn’t only technology it’s trust.

If you’ve been thinking about starting your cybersecurity career but don’t know where to begin, I’ve been there too.

That’s why I recommend checking out CourseCareers, an affordable, step by step program designed to help you break into IT and cybersecurity without prior experience.

You don’t need a degree to start just the right direction.

And this could be yours.

👉 CourseCareers

With every headline, remember this: the more we learn, the stronger we become.
Stay curious, stay kind, and keep protecting what matters most.

Stay secure,
Sandra