Google has announced that Gmail will discontinue support for two key features regarding third-party email accounts. Starting in January 2026, the platform will drop support for “Gmailify” and the widely utilized “Check mail from other accounts” feature via POP3 fetching.…
Category: Cyber Security News
Kimwolf Botnet Hacked 2 Million Devices and Turned User’s Internet Connection as Proxy Node
A dangerous new malware called Kimwolf has quietly infected over 2 million devices around the world, forcing them to act as illegal proxy servers without the owners knowing. The botnet has grown at an alarming speed and is currently being…
Threat Actor Exploited Multiple FortiWeb Appliances to Deploy Sliver C2 for Persistent Access
Recent findings indicate that a sophisticated threat actor is actively exploiting multiple outdated FortiWeb appliances to deploy the Sliver Command and Control (C2) framework. This campaign highlights a concerning trend where adversaries leverage open-source offensive tools to maintain persistent access…
Threat Group ‘Crimson Collective’ Allegedly Claim Breach of Largest Fiber Broadband Brightspeed
Brightspeed, one of America’s leading fiber broadband infrastructure providers, has become the latest victim of a significant cyberattack. The threat group known as Crimson Collective has publicly claimed responsibility for breaching the company’s systems and obtaining sensitive data. Brightspeed operates…
Critical GNU Wget2 Vulnerability Let Remote Attackers to Overwrite Sensitive Files
A critical security vulnerability has been discovered in GNU Wget2, a widely used command-line tool for downloading files from the web. The flaw, tracked as CVE-2025-69194, allows remote attackers to overwrite arbitrary files on a victim’s system, potentially leading to…
Eaton Vulnerabilities Let Attackers Execute Arbitrary Code On the Host System
A critical security advisory addresses multiple vulnerabilities discovered in the Eaton UPS Companion (EUC) software. These security flaws, if exploited, could allow attackers to execute arbitrary code on the host system, potentially giving them complete control over affected devices. The…
GHOSTCREW – AI-based Red Team Toolkit for Penetration Testing Invoking Metasploit, Nmap and Other Tools
GHOSTCREW emerges as a game-changing open-source toolkit for red teamers and penetration testers. This AI-powered assistant leverages large language models, integrates the MCP protocol, and supports the optional RAG architecture to orchestrate security tools via natural-language prompts. Developed by GH05TCREW,…
Threat Actor Allegedly Claim Leak of NordVPN Salesforce Database with Source Codes
A threat actor operating under the identifier 1011 has publicly claimed to have obtained and leaked sensitive data from NordVPN’s development infrastructure on a dark web forum. The breach reportedly exposes over ten database source codes, along with critical authentication…
Multiple Vulnerabilities in QNAP Tools Let Attackers Obtain Secret Data
QNAP has patched multiple security vulnerabilities in its License Center application that could allow attackers to access sensitive information or disrupt services on affected NAS devices. The issues, tracked as CVE-2025-52871 and CVE-2025-53597, were disclosed on January 3, 2026. QNAP rated the flaws as Moderate severity and confirmed that the issues have…
Hackers Trapped in Resecurity’s Honeypot During Targeted Attack on Employee Network
Resecurity deploys synthetic data honeypots to outsmart threat actors, turning reconnaissance into actionable intelligence. A recent operation not only trapped an Egyptian-linked hacker but also duped the ShinyHunters group into false breach claims. Resecurity has refined deception technologies for counterintelligence,…
VVS Stealer Uses PyArmor Obfuscation to Evade Static Analysis and Signature Detection
The cybersecurity landscape is witnessing a rise in sophisticated malware that leverages legitimate tools to mask malicious intent. A prime example is VVS Stealer (also styled VVS $tealer). This Python-based malware family has been actively marketed on Telegram since April…
Finland Arrests Two Cargo Ship Crew Members Over Undersea Cable Damage
Finnish authorities have detained all 14 crew members of a cargo vessel suspected of deliberately damaging an undersea telecommunications cable connecting Helsinki to Estonia. The ship, named Fitburg, was sailing from St. Petersburg, Russia, to Haifa, Israel, under a St.…
Infostealers Enable Attackers to Hijack Legitimate Business Infrastructure for Malware Hosting
A dangerous cybercrime feedback loop has emerged where stolen credentials from infostealer malware enable attackers to hijack legitimate business websites and turn them into malware distribution platforms. Recent research by the Hudson Rock Threat Intelligence Team reveals this self-sustaining cycle…
Hackers Abusing Google Tasks Notification for Sophisticated Phishing Attack
Hackers have launched a sophisticated phishing campaign exploiting Google Tasks notifications to target over 3,000 organizations worldwide, primarily in the manufacturing sector. The December 2025 attacks signal a dangerous shift in email-based threats, in which attackers abuse legitimate Google infrastructure…
Handala Hackers Targeted Israeli Officials by Compromising Telegram Accounts
In December 2025, the Iranian-linked hacking group Handala claimed to have fully compromised the mobile devices of two prominent Israeli political figures. However, detailed analysis by Kela cyber intelligence researchers revealed a more limited scope—the breaches targeted Telegram accounts specifically,…
10,000+ Fortinet Firewalls Still Exposed to 5-year Old MFA Bypass Vulnerability
Over 10,000 Fortinet firewalls worldwide remain vulnerable to CVE-2020-12812, a multi-factor authentication (MFA) bypass flaw disclosed over five and a half years ago. Shadowserver recently added the issue to its daily Vulnerable HTTP Report, highlighting persistent exposure amid active exploitation…
Potential Wallet Phishing Campaign Targets Cardano Users via ‘Eternl Desktop’ Announcement
A sophisticated phishing campaign is currently circulating within the Cardano community, posing significant risks to users seeking to download the newly announced Eternl Desktop application. The attack leverages a professionally crafted email claiming to promote a legitimate wallet solution designed…
RondoDoX Botnet Weaponizing a Critical React2Shell Vulnerability to Deploy Malware
A sophisticated threat group has intensified its campaign against organizations by leveraging the latest vulnerabilities in web applications and Internet of Things (IoT) devices. The RondoDoX botnet, tracked through exposed command-and-control logs spanning nine months from March to December 2025,…
CISA Warns of WHILL Model C2 Wheelchairs Vulnerability Let Attackers Take Control of Product
A critical security advisory warned of severe vulnerabilities in WHILL electric wheelchairs that could allow attackers to remotely hijack the devices via Bluetooth. The alert affects two popular models used worldwide: the WHILL Model C2 Electric Wheelchair and Model F…
Cognizant Hit With Multiple US Class-Action Lawsuits Following TriZetto Data Breach
Cognizant Technology Solutions is facing multiple class-action lawsuits following a significant data breach at TriZetto Provider Solutions (TPS), its healthcare claims processing subsidiary. The lawsuits, filed in federal courts in New Jersey and Missouri, allege that the company failed to…