Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

Security researchers have uncovered a critical vulnerability in Laravel applications where exposed APP_KEY credentials are being actively exploited to achieve remote code execution (RCE) on hundreds of production systems. This widespread security flaw stems from Laravel’s automatic deserialization of decrypted…

Read more →

Microsoft has released Windows 11 Build 26100.4762 (KB5062660) to Insiders in the Release Preview Channel, introducing a redesigned restart interface that displays on a black background – a significant departure from traditional system recovery screens. This update brings substantial changes to user…

Read more →

Palo Alto Networks has disclosed a significant security vulnerability in its Autonomous Digital Experience Manager software that could allow attackers to gain root-level access on macOS systems.  The vulnerability, tracked as CVE-2025-0139, affects versions 5.6.0 through 5.6.6 of the software…

Read more →

The team at ANY.RUN recently reviewed a powerful Android packer called Ducex, which is linked to the infamous Triada malware, and criticized it for its sophisticated obfuscation methods. First identified within a fake Telegram app, Ducex serves as a protective…

Read more →

A Russian blockchain engineer lost over $500,000 in cryptocurrency holdings in June 2025 after being the victim of a carefully planned cyberattack, serving as a terrifying reminder of the perils that might exist in open-source ecosystems. The attack, investigated by…

Read more →

The Office of Foreign Assets Control (OFAC) of the U.S. Department of the Treasury has taken a strong stance against cyber-enabled financial schemes that support North Korea’s illicit weapons programs by imposing sanctions on Song Kum Hyok, a malevolent cyber…

Read more →

SafePay ransomware has become one of the most active and destructive threat actors in Q1 2025, a shocking development in the cybersecurity scene. According to the Acronis Threat Research Unit (TRU), SafePay has aggressively targeted over 200 victims worldwide, including…

Read more →

Schneider Electric, a global leader in industrial technology and sustainability, has issued a critical security notification revealing multiple vulnerabilities in its EcoStruxure IT Data Center Expert (DCE) software, a scalable monitoring solution for data center equipment. Released on July 8,…

Read more →

Identity-driven assaults have increased by a shocking 156% between 2023 and 2025, making up 59% of all confirmed threat instances in Q1 2025, according to data conducted by eSentire’s Threat Response Unit (TRU). This dramatic shift from traditional asset-focused exploits…

Read more →

CYFIRMA has discovered a sophisticated cyberattack campaign in which threat actors are using GitHub to host and disseminate malware masquerading as genuine software. Masquerading as “Free VPN for PC” and “Minecraft Skin Changer,” these malicious payloads are designed to trick…

Read more →

Cary, North Carolina, July 10th, 2025, CyberNewsWire Industry’s Most Comprehensive Mobile Application Penetration Testing Program Addresses Real-World Mobile Security Challenges. INE Security, a leading provider of cybersecurity education and cybersecurity certifications, today launched its significantly enhanced eMAPT (Mobile Application Penetration…

Read more →

Security researchers have identified a critical vulnerability in ServiceNow’s widely-used enterprise platform that could enable attackers to extract sensitive data including personally identifiable information (PII), credentials, and financial records. The flaw, dubbed “Count(er) Strike” by Varonis Threat Labs, affects ServiceNow…

Read more →

UK law enforcement authorities have made significant progress in their investigation into cyber attacks targeting some of Britain’s most prominent retailers, with four individuals now in custody following coordinated arrests across the West Midlands and London. The National Crime Agency…

Read more →

Security researchers have disclosed a critical set of Bluetooth vulnerabilities dubbed “PerfektBlue” that affect millions of vehicles and other devices using OpenSynergy’s BlueSDK framework. The vulnerabilities can be chained together to achieve remote code execution (RCE) with minimal user interaction,…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical security advisory warning that multiple vulnerabilities in Emerson ValveLink Products could allow attackers to access sensitive system information and execute unauthorized code. The alert, designated ICSA-25-189-01 and released on…

Read more →

The Rhadamanthys Stealer, a highly modular information-stealing virus that was first discovered in 2022, has made a comeback with a clever and dishonest delivery method called ClickFix Captcha. This is a terrifying development for cybersecurity experts. This technique disguises malicious…

Read more →

Brave has taken a significant step toward empowering privacy-conscious Android users by making its browser fully available through its own F-Droid repository, providing an alternative distribution method that bypasses Google Play Store entirely. According to the recent report, this strategic…

Read more →

Now, many global cryptocurrency investors view Bitcoin as a financial product for long-term investment rather than a simple speculative product. At the same time, the continued rise in Bitcoin prices reflects the shift in market sentiment and the recent important…

Read more →

GitLab has released critical security patches addressing four vulnerabilities, including a high-severity cross-site scripting flaw that could enable attackers to execute malicious actions on behalf of users through content injection. The company has issued patch releases 18.1.2, 18.0.4, and 17.11.6…

Read more →

Multiple critical vulnerabilities discovered in Ruckus Wireless management products pose severe security risks to enterprise networks, with issues ranging from authentication bypass to remote code execution that could lead to complete system compromise. The vulnerabilities affect Virtual SmartZone (vSZ) and…

Read more →

The Qilin group emerged as the leading player in the ransomware ecosystem, which saw a notable rise in activity during June 2025 in a startling escalation of cyber dangers. According to the latest Deep Web and Dark Web trend report,…

Read more →

The AhnLab Security Intelligence Center (ASEC) has confirmed that unpatched GeoServer instances are still facing relentless attacks by threat actors exploiting a critical Remote Code Execution (RCE) vulnerability, identified as CVE-2024-36401. GeoServer, an open-source Geographic Information System (GIS) server developed…

Read more →

Security researchers have successfully demonstrated a sophisticated method to bypass ChatGPT’s protective guardrails, tricking the AI into revealing legitimate Windows product keys through what appears to be a harmless guessing game. This discovery highlights critical vulnerabilities in AI safety mechanisms…

Read more →

A newly discovered man-in-the-middle exploit dubbed “Opossum” has demonstrated the unsettling ability to compromise secure communications over Transport Layer Security (TLS) by injecting unauthorized messages into an active session. Researchers warn that Opossum targets a wide range of widely used…

Read more →

GreyNoise has discovered an undiscovered version of a scraper botnet with more than 3,600 distinct IP addresses worldwide, which is a major cybersecurity development. This botnet, first observed on April 19, 2025, exhibits a distinct behavioral footprint that makes it…

Read more →

Security researchers revealed the dangers of GitHub Device Code Phishing—a technique that leverages the OAuth 2.0 Device Authorization Grant flow. This method can turn a simple eight-digit code and a phone call into a full compromise of an organization’s GitHub…

Read more →

A shocking security vulnerability in McDonald’s AI-powered hiring system has exposed the personal information of millions of job applicants, after security researchers discovered they could access the entire database using the laughably weak password “123456.” The breach affects McHire.com, McDonald’s…

Read more →

The JFrog Security Research team has discovered a critical security vulnerability in mcp-remote, a widely used tool that enables Large Language Model clients to communicate with remote servers, potentially allowing attackers to achieve full system compromise through remote code execution.…

Read more →

A sophisticated supply chain attack targeting cryptocurrency developers through the compromise of ETHcode, a legitimate Visual Studio Code extension with nearly 6,000 installations. The attack, executed through a malicious GitHub pull request, demonstrates how threat actors can weaponize trusted development…

Read more →

A sophisticated Trojan malware campaign has been targeting mobile device users across iOS and Android platforms since February 2024, with cybersecurity researchers identifying a significant escalation in photo theft capabilities that poses particular risks to cryptocurrency users and individuals storing…

Read more →

Microsoft has released critical security updates addressing a severe remote code execution vulnerability that could allow attackers to execute malicious code across networks without user interaction. The vulnerability, tracked as CVE-2025-47981, affects Windows client machines running Windows 10 version 1607…

Read more →

A new Android vulnerability called TapTrap that allows malicious apps to bypass the operating system’s permission system without requiring any special permissions themselves. The attack exploits activity transition animations—a core feature of Android’s user interface—to trick users into unknowingly granting…

Read more →

A sophisticated threat network called “Triad Nexus,” which operates through the FUNNULL content delivery network (CDN) to hide malicious infrastructure within major Western cloud providers including Amazon and Microsoft. The operation, led by sanctioned individual Lizhi Liu, has facilitated over…

Read more →

Google has announced the expansion of its Advanced Protection Program to Chrome on Android, providing enhanced security features specifically designed for high-risk users including journalists, elected officials, and public figures. The new device-level security setting, available on Android 16 with…

Read more →

A sophisticated new distribution method for XwormRAT malware that leverages steganography techniques to hide malicious code within legitimate files. This discovery highlights the evolving tactics of cybercriminals who are increasingly using advanced obfuscation methods to bypass security detection systems and…

Read more →

A critical security vulnerability in Microsoft 365’s PDF export functionality has been discovered and subsequently patched, highlighting significant risks to sensitive enterprise data. The vulnerability, which earned its discoverer a $3,000 bounty from Microsoft’s Security Response Center (MSRC), exposed a…

Read more →

A sophisticated campaign by an initial access broker (IAB) group exploiting leaked Machine Keys from ASP.NET websites to gain unauthorized access to targeted organizations. The threat group, tracked as TGR-CRI-0045, has been active since October 2024 with a significant surge…

Read more →

Microsoft has disclosed a significant security vulnerability in Windows BitLocker that allows attackers to bypass critical security protections through a physical attack vector. The vulnerability, designated as CVE-2025-48818, was officially released on July 8, 2025, and affects the disk encryption…

Read more →

A sophisticated new campaign involving the Anatsa Android banking trojan, marking its third major offensive against mobile banking customers in the United States and Canada. This latest operation demonstrates the malware’s evolving threat landscape and its operators’ persistent focus on…

Read more →

Splunk has published a critical security advisory revealing that its Security Orchestration, Automation and Response (SOAR) platform was shipping vulnerable versions of more than a dozen popular open-source packages—some with publicly available exploits. Advisory SVD-2025-0712 confirms that Splunk SOAR versions…

Read more →

Splunk has released critical security updates for its Enterprise platform, addressing multiple vulnerabilities in bundled third-party packages across several product versions. The company issued Advisory SVD-2025-0710 on July 7, 2025, urging immediate updates to protect against various security exposures ranging…

Read more →

A critical security vulnerability has been discovered in Fortinet’s FortiWeb web application firewall that allows unauthenticated attackers to execute malicious SQL commands through the device’s graphical user interface. The flaw, designated as CVE-2025-25257, poses significant risks to organizations relying on FortiWeb…

Read more →

A critical security vulnerability has been discovered in Citrix’s Windows Virtual Delivery Agent that could allow attackers with low-level system access to escalate their privileges to SYSTEM level, potentially granting them complete control over affected systems. The vulnerability, tracked as…

Read more →

Security researchers have uncovered two significant vulnerabilities in Zoom Clients for Windows, exposing users to potential Denial of Service (DoS) attacks. The flaws, identified as classic buffer overflow vulnerabilities, could allow an authorized user to disrupt Zoom services via network…

Read more →

A chilling discovery by Koi Security has exposed a sophisticated browser hijacking campaign dubbed “RedDirection,” compromising over 1.7 million users through 11 Google-verified Chrome extensions. This operation, which also spans Microsoft Edge with additional extensions totaling 2.3 million infections across…

Read more →

A recent in-depth analysis by threat intelligence experts sheds critical light on the pervasive issue of outdated and unreliable data circulating on the dark web. The report, spanning a comprehensive 26-minute read, delves into the world of combolists text files…

Read more →

A China-Nexus Threat Actor has launched a highly advanced assault against China Mobile Tietong Co., Ltd., a division of China Mobile, one of the biggest telecom behemoths in the nation, in a compelling illustration of state-aligned cyberwarfare. Named “DragonClone” by…

Read more →

Monero (XMR), a cryptocurrency, saw a spectacular surge in early 2025, rising 45% from $196 to $285 by May, with a notable peak in April. This surge coincided with a high-profile Bitcoin theft in the US, where the stolen assets…

Read more →

Arctic Wolf has uncovered a cunning cybersecurity threat that exploits search engine optimization (SEO) poisoning and malvertising tactics to distribute Trojanized versions of widely used IT tools such as PuTTY and WinSCP. This campaign cunningly targets IT professionals and system…

Read more →

A newly identified ransomware group, BERT, tracked by Trend Micro as Water Pombero, has emerged as a significant threat to organizations across Asia, Europe, and the US. First observed in April, BERT targets critical sectors such as healthcare, technology, and…

Read more →

Check Point Research has revealed important details about the phishing domain patterns and advanced attack techniques of the infamous Scattered Spider organization, which has brought a new wave of cyberthreats under close investigation. Known for their aggressive social engineering tactics,…

Read more →

Cyble Research and Intelligence Labs (CRIL) recently discovered a very advanced phishing campaign that used the LogoKit phishing kit, which was initially discovered in 2021, to pose as reliable organizations such as Hungary’s Computer Emergency Response Team (HunCERT). This ongoing…

Read more →

The Cybereason Global Security Operations Center (GSOC) has uncovered a sophisticated campaign by threat actors who are exploiting compromised WordPress websites to distribute malicious versions of the legitimate NetSupport Manager Remote Access Tool (RAT). This campaign, detailed in a recent…

Read more →

Microsoft released its July 2025 Patch Tuesday security updates on July 8, 2025, addressing 130 vulnerabilities across its software ecosystem, including one publicly disclosed zero-day vulnerability and numerous critical security flaws that pose significant risks to organizations worldwide. The July…

Read more →

Ivanti has released critical security updates for its Connect Secure and Policy Secure products, addressing six medium-severity vulnerabilities that could potentially lead to denial-of-service attacks and unauthorized access. The cybersecurity firm announced today that while no customers have been exploited…

Read more →

Fortinet has disclosed a critical security vulnerability in FortiOS that could allow authenticated attackers to execute arbitrary code through a heap-based buffer overflow in the cw_stad daemon, affecting multiple versions of the popular network security operating system. Critical Security Flaw…

Read more →

MediaTek has released a comprehensive security bulletin addressing 16 critical vulnerabilities across its extensive chipset portfolio, including smartphone, tablet, AIoT, smart display, smart platform, OTT, computer vision, audio, and TV chipsets. The July 2025 security update reveals seven high-severity and nine medium-severity…

Read more →

Security researchers have released proof-of-concept exploits for CVE-2025-5777, a critical vulnerability in Citrix NetScaler ADC and Gateway devices dubbed “CitrixBleed2.” The flaw allows unauthenticated attackers to extract sensitive data from device memory, including session tokens that can be used to bypass…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding the active exploitation of a critical path traversal vulnerability in Ruby on Rails, designated as CVE-2019-5418. The agency added this five-year-old security flaw to its Known Exploited…

Read more →

The Atomic macOS Stealer (AMOS), a notorious piece of info-stealing malware targeting Apple users, has undergone a significant update, introducing an embedded backdoor for the first time. This development, reported by Moonlock a cybersecurity division of MacPaw marks a critical…

Read more →

SAP released critical security updates on July 8, 2025, addressing 27 vulnerabilities across its enterprise software portfolio, with seven classified as critical-severity flaws. The monthly Security Patch Day also included three updates to previously released security notes, underscoring the ongoing…

Read more →

Security researchers have discovered a critical vulnerability in DNN (formerly DotNetNuke), one of the oldest open-source content management systems, that allows attackers to steal NTLM credentials through a sophisticated Unicode normalization bypass technique. The vulnerability, tracked as CVE-2025-52488, affects the…

Read more →

FortiGuard Labs has discovered a current campaign that targets Microsoft Windows users with the NordDragonScan infostealer, which is a worrying trend for cybersecurity. This high-severity threat leverages a complex infection chain to infiltrate systems, harvest sensitive data, and exfiltrate it…

Read more →

A critical vulnerability has been discovered in Apple’s macOS SMBClient, exposing millions of users to the risk of remote code execution (RCE) and potentially catastrophic kernel crashes. Tracked as CVE-2025-24269, this flaw is rated with a CVSS score of 9.8, marking it…

Read more →

 The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding the active exploitation of a long-standing vulnerability in PHPMailer, a widely used open-source email-sending library for PHP applications. The flaw, tracked as CVE-2016-10033, poses a significant threat to…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding an actively exploited vulnerability in Synacor’s Zimbra Collaboration Suite (ZCS), urging organizations to take immediate action to mitigate the threat. The flaw, tracked as CVE-2019-9621, is a…

Read more →

A recent security analysis has uncovered critical vulnerabilities in the infotainment systems of KIA vehicles, raising alarm across the automotive cybersecurity community. These flaws allow attackers to inject and execute malicious code through specially crafted PNG image files, potentially compromising vehicle safety…

Read more →

Dr.Web Security Space for mobile devices reported that malware activity on Android devices increased significantly in the second quarter of 2025. Adware trojans, particularly from the Android.HiddenAds family, remained the most prevalent threat, despite an 8.62% decrease in user encounters.…

Read more →

The Parrot Security team has released Parrot Security OS 6.4, a robust update featuring community-driven enhancements and contributions. As the probable final chapter of the 6.x series, this release refines the security-focused OS and sets the stage for the upcoming…

Read more →

Cybercriminals continue to use kernel-level malware as a preferred weapon against Windows systems amid a terrifying increase in cyberthreats. Operating at ring 0 the highest privilege level in the operating system such malware grants attackers unparalleled access to disable security…

Read more →

“Slopsquatting” is a new supply-chain danger that has surfaced in the quickly changing field of AI-driven software development, presenting serious hazards to developers who depend on sophisticated coding agents. Unlike traditional typosquatting, which capitalizes on human typing errors, slopsquatting exploits…

Read more →

ESET researchers have uncovered a series of malicious tools deployed by BladedFeline, an Iran-aligned advanced persistent threat (APT) group, targeting Kurdish and Iraqi government officials. Active since at least 2017, BladedFeline has been linked with medium confidence to the notorious…

Read more →

Batavia, an unidentified spyware, has been using a sophisticated phishing operation to target Russian industrial organizations since July 2024. Kaspersky researchers have identified a sharp rise in detections since early March 2025, with over 100 users across dozens of organizations…

Read more →

Taiwan’s National Security Bureau (NSB) has issued a stark warning about cybersecurity risks associated with several widely used China-developed mobile applications, including Rednote, Weibo, TikTok, WeChat, and Baidu Cloud. Following an in-depth investigation conducted in collaboration with the Ministry of…

Read more →

Online customers around the world are getting ready for huge discounts and unique offers as July 8, the much-anticipated Amazon Prime Day 2025, draws near. However, this global shopping event has also become a prime target for cybercriminals, with over…

Read more →

The AiLock ransomware organization, which Zscaler first discovered in March 2025, has become a powerful force in the ransomware-as-a-service (RaaS) market, which is a frightening trend for cybersecurity professionals. This malicious entity operates with a sophisticated structure, leveraging both a…

Read more →

The dark web forum DarkForums, which has been a site for data breaches and leaks since BreachForums was shut down in mid-April, was the scene of two major leaks in late May involving Chinese cybersecurity organizations: VenusTech, a well-known IT…

Read more →

The Socket Threat Research Team recently discovered a troubling network of malicious Firefox browser extensions that pose serious threats to user security and privacy. Initially focusing on a single extension, “Shell Shockers,” which redirected users to tech support scam sites,…

Read more →

The advanced attack campaigns of a top Advanced Persistent Threat (APT) group known as “NightEagle,” internally coded as APT-Q-95, were revealed by top cybersecurity company Qian Pangu in a ground-breaking revelation at the 2025 Malaysia National Cyber Defense and Security…

Read more →

CYFIRMA has uncovered a highly sophisticated cyber-espionage campaign orchestrated by APT36, also known as Transparent Tribe, a Pakistan-based threat actor with a notorious history of targeting Indian defense and government sectors. This latest operation marks a significant shift in tactics,…

Read more →

Ingram Micro Holding Corporation (NYSE: INGM), a global leader in technology distribution and supply chain solutions, has confirmed that it recently experienced a ransomware attack targeting certain internal systems. The company issued a statement today addressing the ongoing system outage…

Read more →

A sophisticated phishing campaign targeting UK residents has been active since late May 2025, with a significant surge in activity during the second half of June. This malicious operation impersonates the Department for Work and Pensions (DWP), a key UK…

Read more →

In an era marked by a persistent cost-of-living crisis and economic uncertainty, many individuals are seeking side hustles or better-paying jobs to make ends meet. However, threat actors are exploiting this desperation with sophisticated employment scams, netting over $264 million…

Read more →

Security researchers have uncovered a series of critical vulnerabilities in Comodo Internet Security 2025, exposing users to remote code execution (RCE) attacks that could grant threat actors SYSTEM-level privileges. These flaws affect Comodo Internet Security Premium version 12.3.4.8162 and potentially…

Read more →

The XWorm Remote Access Trojan (RAT), a longstanding favorite among cybercriminals, has recently showcased a significant evolution in its attack methodology, employing an array of sophisticated stagers and loaders to evade detection and infiltrate systems. Known for its comprehensive malicious…

Read more →

A new and alarming Android malware family, dubbed Qwizzserial, has emerged as a significant threat, particularly targeting users in Uzbekistan. Discovered by Group-IB in March 2024, this SMS stealer is designed to intercept two-factor authentication (2FA) codes and steal sensitive…

Read more →

Microsoft has announced a significant change for Windows 11 users: the removal of Windows PowerShell 2.0, a legacy scripting platform, from upcoming builds. This move, first revealed in the Windows 11 Insider Preview Build 27891 released to the Canary Channel,…

Read more →

Elastic Security Labs has uncovered multiple campaigns leveraging SHELLTER, a commercial AV/EDR evasion framework originally designed for offensive security evaluations by red teams. Since late April 2025, threat actors have been using what appears to be Shellter Elite v11.0, released…

Read more →

Microsoft has announced a significant update to the Windows Update experience, introducing a smarter and more responsive interface designed to keep users better informed about their device’s security status. This latest update, available for Windows 11 version 21H2 and Windows…

Read more →

A new tool named RingReaper is raising eyebrows among defenders and red teamers alike. By leveraging the legitimate, high-performance Linux kernel feature known as io_uring, RingReaper demonstrates how advanced attackers can sidestep even modern Endpoint Detection and Response (EDR) systems.…

Read more →

A newly highlighted vulnerability in the Linux boot process exposes a critical weakness in the security posture of many modern distributions. Despite widespread adoption of Secure Boot, full-disk encryption, and bootloader passwords, attackers can still bypass these defenses by exploiting…

Read more →

Two critical vulnerabilities have been discovered in ScriptCase, a popular low-code PHP web application generator, which puts thousands of servers at risk of remote code execution and complete compromise. The flaws, tracked as CVE-2025-47227 and CVE-2025-47228, affect the Production Environment module (also known…

Read more →

Security researchers disclosed a critical local privilege escalation (LPE) vulnerability affecting Fedora, SUSE, and other major Linux distributions. The flaw, tracked as CVE-2025-6019, resides in the interaction between the udisksd daemon and its backend library, libblockdev. A proof-of-concept (PoC) exploit has been released, demonstrating…

Read more →

A newly published proof-of-concept (PoC) for the critical CitrixBleed 2 vulnerability (CVE-2025-5777) has sent shockwaves through the cybersecurity community, with experts warning of imminent mass exploitation risks for organizations using Citrix NetScaler ADC and Gateway devices. The Vulnerability: CitrixBleed 2…

Read more →

A new wave of cyberattacks is targeting WordPress websites through malicious SEO plugins that can lead to complete site takeover. Security analysts have uncovered sophisticated malware campaigns where attackers disguise their plugins to blend seamlessly with legitimate site components, making…

Read more →

Instagram has begun rotating its TLS certificates on a daily basis, with each certificate valid for just over a week. This approach, which goes far beyond current industry standards, was discovered during routine network debugging and has since been confirmed…

Read more →

A newly disclosed vulnerability, CVE-2025-46647, has been identified in the openid-connect plugin of Apache APISIX, a widely used open-source API gateway. This flaw, rated as important, could allow attackers to gain unauthorized access across different identity issuers under specific misconfigurations. The vulnerability…

Read more →

Every security practitioner knows that employees are the weakest link in an organization, butthis is no longer the case. SquareX’s research reveals that Browser AI Agents are more likely tofall prey to cyberattacks than employees, making them the new weakest…

Read more →

Scattered Spider, also tracked under aliases such as UNC3944, Scatter Swine, and Muddled Libra, has emerged as a formidable financially motivated cybercriminal group since at least May 2022. Initially known for targeting telecommunications and tech firms with phishing and SIM-swapping…

Read more →

Cybercriminals are increasingly weaponizing legitimate software installer frameworks like Inno Setup to distribute malware, turning user-friendly tools into covert vehicles for malicious payloads. Originally designed to simplify software deployment on Windows, Inno Setup has become a favored tool among threat…

Read more →