Cybersecurity professionals across East and Southeast Asia are facing a sophisticated new threat as China-linked attackers deploy a weaponized MSI installer disguised as a legitimate WhatsApp setup package. This malicious campaign represents a significant escalation in social engineering tactics, leveraging…
Tag: Cyber Security News
Mocha Manakin Using Paste and Run Technique to Trick Users Into Downloading Malicious Payloads
A sophisticated new threat actor known as Mocha Manakin has emerged in the cybersecurity landscape, employing an increasingly popular social engineering technique called “paste and run” to deceive users into executing malicious scripts on their systems. This deceptive method has…
Record Breaking 7.3 Tbps DDoS Attack Blasting 37.4 Terabytes in Just 45 Seconds
The largest distributed denial-of-service (DDoS) attack ever documented was successfully stopped by Cloudflare in mid-May 2025, with attackers unleashing a devastating 7.3 terabits per second (Tbps) attack that delivered 37.4 terabytes of malicious traffic in just 45 seconds. This unprecedented…
Threat Actors Poisoning Google Search Results to Display The Scammer’s Phone Number Instead of Real Number
In a concerning development for internet users, cybercriminals have devised a sophisticated new technique to manipulate Google search results, effectively poisoning them to display fraudulent contact information. Unlike traditional phishing schemes that rely on fake websites, this novel approach leverages…
Hackers Exploit ComfyUI 700+ AI Image Generation Servers to Deploy Malware
A sophisticated malware campaign targeting ComfyUI, a popular AI image generation framework, has successfully compromised at least 695 servers worldwide, security researchers have discovered. The attack represents a significant escalation in threats against AI infrastructure, exploiting vulnerabilities in ComfyUI to…
Threat Actors Leverage Hosting Platform Vercel to Deliver Remote Access Malware
Cybercriminals have discovered a sophisticated new method to distribute malicious remote access tools by exploiting Vercel, a legitimate frontend hosting platform, to host convincing phishing pages that deliver weaponized versions of LogMeIn software. This emerging threat demonstrates how attackers increasingly…
Insomnia API Client Vulnerability Arbitrary Code Execution via Template Injection
A severe security vulnerability has been discovered in the widely-used Insomnia API Client that allows attackers to execute arbitrary code through malicious template injection. The vulnerability, tracked as CVE-2025-1087 and assigned a critical CVSS score of 9.3, affects the popular…
ClamAV 1.4.3 and 1.0.9 Released With Fix for Vulnerabilities that Enable Remote Code Execution
Multiple high-severity vulnerabilities, including a dangerous buffer overflow capable of remote code execution, have been fixed in critical security updates released by the ClamAV team for versions 1.4.3 and 1.0.9. These patch releases target several security issues that affect all…
New TxTag Phishing Attack Leverages .gov Domain to Trick Employees
A sophisticated phishing campaign targeting employees with fake toll payment notices has been identified, combining government domain spoofing with social engineering tactics. The attackers craft messages claiming to be from TxTag, warning recipients that their accounts face suspension unless outstanding…
PowerShell Loaders With In-Memory Execution Techniques To Evade Disk-Based Detection
Cybersecurity researchers have uncovered a sophisticated PowerShell-based attack campaign that leverages advanced in-memory execution techniques to bypass traditional disk-based security controls. The malicious infrastructure spans across Chinese, Russian, and global hosting providers, demonstrating the international scope of modern cyber threats.…
Hackers Exploit Atlassian’s Model Context Protocol by Submitting a Malicious Support Ticket
A sophisticated attack vector targeting Atlassian’s Model Context Protocol (MCP) that allows external threat actors to gain privileged access to internal systems through malicious support tickets. The attack, dubbed “Living off AI,” exploits the trust boundary between external users submitting…
Apache SeaTunnel Vulnerability Allows Unauthorized Users to Perform Deserialization Attack
Apache SeaTunnel, the widely used distributed data integration platform, has disclosed a significant security vulnerability that enables unauthorized users to execute arbitrary file read operations and deserialization attacks through its RESTful API interface. The vulnerability, tracked as CVE-2025-32896 and reported…
AntiDot – 3-in-1 Android Malware Let Attackers Full Control of Compromised Devices
A sophisticated new Android botnet malware called AntiDot has emerged as a significant threat to mobile device security, offering cybercriminals unprecedented control over infected devices. This malicious software operates as part of a Malware-as-a-Service (MaaS) model, marketed by threat actor…
Massive 16 Billion Passwords From Apple, Facebook, Google and More Leaked From 320 Million Computers
A new report has uncovered a staggering 16 billion login credentials from major platforms, including Apple, Facebook, Google, GitHub, Telegram, and government services. The massive leak, discovered through 30 separate datasets, represents an unprecedented threat to global cybersecurity and digital…
IBM QRadar SIEM Vulnerabilities Allows Attackers to Execute Arbitrary Commands
Multiple high-severity vulnerabilities in IBM QRadar SIEM could allow attackers to execute arbitrary commands and access sensitive data. The most critical flaw, tracked as CVE-2025-33117, carries a CVSS score of 9.1 and enables privileged users to upload malicious files that…
GodFather Android Malware Leverages On-Device Virtualization Technique to Hijack Legitimate Banking Apps
A sophisticated evolution of the GodFather banking malware has emerged, introducing a groundbreaking attack methodology that exploits on-device virtualization to compromise legitimate mobile applications. This advanced threat represents a significant departure from traditional overlay attacks, creating complete isolated virtual environments…
Tesla Wall Connector Charger Hacked Through Charging Port in 18-Minute Attack
Tesla’s popular Wall Connector home charging system was exploited during the January 2025 Pwn2Own Automotive competition, demonstrating how attackers could gain control of the device through the charging cable itself. The groundbreaking attack targeted the Tesla Wall Connector Gen 3,…
New Sophisticated Attack Exploits Google App Passwords to Bypass Multi-Factor Authentication
A sophisticated Russian state-sponsored cyber operation has successfully exploited Google’s App-Specific Password (ASP) feature to bypass multi-factor authentication protections, targeting prominent critics of Russia in a campaign that demonstrates the evolving threat landscape facing high-profile individuals. The attack, attributed to…
Qilin Ransomware Emerges as World’s Top Threat, Demands $50 Million Ransom
Qilin ransomware has rapidly ascended to become the world’s most prevalent ransomware threat, accumulating over $50 million in ransom payments throughout 2024 alone. Originally developed as ‘Agent’ in 2022 and later recorded in the Rust programming language, this sophisticated malware…
Silver Fox APT Using Weaponized Medical Software to Deploy Remote Access Tools & Disable AV
A sophisticated China-based advanced persistent threat group known as Silver Fox has emerged as a significant cybersecurity concern, leveraging trojanized medical software to infiltrate healthcare organizations and public sector entities. Active since 2024, this state-sponsored group has demonstrated advanced capabilities…