Pulsar RAT has emerged as a sophisticated derivative of the open-source Quasar RAT, introducing dangerous enhancements that enable attackers to maintain invisible remote access through advanced evasion techniques. This modular Windows-focused remote administration tool represents a significant evolution in threat…
Category: Cyber Security News
Apache bRPC Vulnerability Enables Remote Command Injection
A critical remote command-injection vulnerability has been discovered in Apache bRPC’s built-in heap profiler service, affecting all versions before 1.15.0 across all platforms. The vulnerability allows unauthenticated attackers to execute arbitrary system commands by manipulating the profiler’s parameter validation mechanisms.…
ChatGPT Go Launched for $8 USD/month With Support for Ads and Privacy Risks
OpenAI’s global rollout of its budget-friendly ChatGPT Go subscription at $8 USD monthly introduces significant data privacy and security considerations for cybersecurity professionals monitoring AI platform access controls. The tiered pricing structure, which includes an ad-supported model for free and…
Google Gemini Privacy Controls Bypassed to Access Private Meeting Data Using Calendar Invite
A significant vulnerability within the Google ecosystem allowed attackers to bypass Google Calendar’s privacy controls using a standard calendar invitation. The discovery highlights a growing class of threats known as “Indirect Prompt Injection,” where malicious instructions are hidden within legitimate…
Remcos RAT Masquerade as VeraCrypt Installers Steals Users Login Credentials
A sophisticated malware campaign targeting South Korean users has emerged, distributing the Remcos remote access trojan (RAT) through deceptive installers disguised as legitimate VeraCrypt encryption software. This ongoing attack campaign primarily focuses on individuals connected to illegal online gambling platforms,…
Inside the Leaks that Exposed the Hidden Infrastructure Behind a Ransomware Operation
The cybercrime world operates in shadows, but when insiders turn against each other, those shadows shrink. In February 2025, an individual using the alias ExploitWhispers surfaced on Telegram and released internal communications from the BlackBasta ransomware group. The leak contained…
Threat Actors Weaponizing Visual Studio Code to Deploy a Multistage Malware
Threat actors are turning Visual Studio Code into an attack platform, using its rich extension ecosystem to slip multistage malware into developer workstations. The latest campaign, dubbed Evelyn Stealer, hides behind a malicious extension that delivers a stealthy information stealing…
Attackers are Using WSL2 as a Stealthy Hideout Inside Windows Systems
Windows Subsystem for Linux 2 (WSL2) is meant to give developers a fast Linux environment on Windows. Now attackers are turning that benefit into a hiding place. By running tools and payloads inside the WSL2 virtual machine, they can operate…
Threat Actors Impersonate as MalwareBytes to Attack Users and Steal Logins
A new malware campaign has emerged that tricks people into downloading fake Malwarebytes software, putting their login credentials and cryptocurrency wallets at serious risk. Security researchers discovered this operation actively spreading between January 11 and January 15, 2026, using specially…
Attackers Redirected Employee Paychecks Without Breaching a Single System
A seemingly simple phone call became the gateway to a sophisticated attack that diverted employee paychecks without any malware or network breach. An organization discovered this fraud when workers reported missing salary deposits. The attacker had modified direct-deposit information to…
Cloudflare Zero-Day Vulnerability Enables Any Host Access Bypassing Protections
A critical zero-day vulnerability in Cloudflare’s Web Application Firewall (WAF) allowed attackers to bypass security controls and directly access protected origin servers through a certificate validation path. Security researchers from FearsOff discovered that requests targeting the /.well-known/acme-challenge/ directory could reach…
New Spear-Phishing Attack Abusing Google Ads to Deliver EndRAT Malware
A new spear-phishing campaign known as Operation Poseidon has emerged, exploiting Google’s advertising infrastructure to distribute EndRAT malware while evading traditional security measures. he attack leverages legitimate ad click tracking domains to disguise malicious URLs, making them appear as trustworthy…
Free Converter Apps that Convert your Clean System to Infected in Seconds
Malicious file converter applications distributed through deceptive advertisements are infecting thousands of systems with persistent remote access trojans (RATs). These seemingly legitimate productivity tools perform their advertised functions while secretly installing backdoors that give attackers continuous access to victim computers.…
5 Malicious Chrome Extensions Attacking Enterprise HR and ERP Platforms for Complete Takeover
Five coordinated malicious Chrome extensions have emerged as a sophisticated threat to enterprise security, targeting widely-used human resources and financial platforms used by thousands of organizations worldwide. These extensions operate in concert to steal authentication tokens, disable security controls, and…
CIRO Confirms Data Breach – 750,000 Canadian Investors Have been Impacted
Approximately 750,000 Canadian investors were affected by a sophisticated phishing attack first disclosed in August 2025. The self-regulatory organization announced the full extent of the breach on January 14, 2026. After completing a comprehensive forensic investigation spanning over 9,000 hours…
Livewire Filemanager Vulnerability Exposes Web Applications to RCE Attacks
A significant security vulnerability has been discovered in Livewire Filemanager, a widely used file management component embedded in Laravel web applications. Tracked as CVE-2025-14894 and assigned vulnerability note VU#650657, the flaw enables unauthenticated attackers to execute arbitrary code on vulnerable…
Ukraine Police Exposed Russian Hacker Group Specializes in Ransomware Attack
Ukrainian and German law enforcement have disrupted a Russian‑affiliated hacker group that has been carrying out high‑impact ransomware attacks against organizations worldwide, causing losses estimated in the hundreds of millions of euros. According to Ukraine’s Cyber Police and the Main…
Researchers Gained Access to Hacker Domain Server Using Name Server Delegation
A recent investigation into a deceptive push-notification network shows how a simple DNS mistake can open a window into criminal infrastructure. The campaign abused browser notifications to flood Android users with fake security alerts, gambling lures, and adult offers. Random-looking…
PDFSIDER Malware Actively Used by Threat Actors to Bypass Antivirus and EDR Systems
PDFSIDER is a newly exposed backdoor that gives attackers long term control of Windows systems while slipping past many antivirus and endpoint detection and response tools. It uses trusted software and strong encryption to hide its presence, letting intruders run…
CrashFix – Hackers Using Malicious Extensions to Display Fake Browser Warnings
Cybersecurity researchers have discovered a sophisticated malware campaign using an unusual but effective tactic: deliberately crashing users’ browsers. The threat, named CrashFix, operates through a malicious Chrome extension disguised as the legitimate ad blocker NexShield. When users search for privacy…