Tag: Cyber Security News

Cybersecurity experts have recently observed a concerning trend in attack methodologies, with threat actors increasingly leveraging fileless techniques that weaponize PowerShell and legitimate Microsoft applications to deploy malware while evading detection. These sophisticated attacks operate primarily in memory, leaving minimal…

Read more →

A sophisticated phishing campaign in which threat actors are utilizing a multi-stage attack chain that combines social engineering tactics with modified open-source tools to compromise Windows systems. The campaign, active as of March 2025, employs the ClickFix technique to deceive…

Read more →

Google is advancing its email privacy arsenal with the development of Shielded Email, a feature designed to generate disposable email aliases for users signing up for apps and services.  First uncovered in a Google Play Services v24.45.33 APK teardown by…

Read more →

The United States has paused offensive cyber operations against Russia under an order from Defense Secretary Pete Hegseth, causing debates over geopolitical strategy and domestic cybersecurity priorities.  While U.S. Cyber Command—a Unified Combatant Command overseeing military cyber operations—adheres to the…

Read more →

The cybersecurity landscape of 2024 witnessed an unprecedented increase in mass internet exploitation, driven by attackers’ ability to automate vulnerability exploits within hours of disclosure.  GreyNoise’s 2025 Mass Internet Exploitation Report reveals a systematic industrialization of cyberattacks, with threat actors…

Read more →

Security researchers have uncovered three critical vulnerabilities in Extreme Networks’ IQ Engine (HiveOS) that collectively enable authenticated attackers to escalate privileges, decrypt passwords, and execute arbitrary commands on affected systems.  The flaws—tracked as CVE-2025-27229, CVE-2025-27228, and CVE-2025-27227—were disclosed through coordinated…

Read more →

Cybersecurity firm Silent Push have confirmed recently that North Korean IT workers continue to utilize Astrill VPN services to hide their true IP addresses when seeking employment with international companies. This finding, originally reported by Google’s Mandiant in September 2024,…

Read more →

Unit 42, the threat intelligence team at Palo Alto Networks, has identified a sophisticated threat actor group named JavaGhost that has evolved from website defacement to executing persistent phishing campaigns using compromised AWS environments. The group, active since at least…

Read more →

A massive cybersecurity breach has compromised over 35,000 websites, injecting malicious scripts that completely hijack users’ browser windows and redirect them to Chinese-language gambling platforms. The attack, identified on February 20th, 2025, appears to target regions where Mandarin is common,…

Read more →

U.S. Army Specialist Cameron John Wagenius, 21, is charged with federal offenses for allegedly hacking at least 15 telecom companies and trying to extort a major provider while leveraging stolen call detail records (CDRs) of high-ranking officials. The U.S. Department…

Read more →

A newly disclosed edge case in Substack’s custom domain implementation allows threat actors to hijack inactive subdomains, potentially enabling content spoofing, phishing campaigns, and brand impersonation.  The researcher identified 1,426 vulnerable domains – representing 8% of all Substack-associated custom domains…

Read more →

MediaTek has issued urgent security advisories warning of multiple high-severity vulnerabilities in its system-on-chip (SoC) architectures, including flaws that enable local privilege escalation (LPE) and remote code execution (RCE).  The March 2025 Product Security Bulletin highlights three high severity vulnerabilities…

Read more →

A critical security vulnerability (CVE-2022-46337) in Apache Derby, an open-source relational database implemented entirely in Java, has exposed systems to authentication bypass attacks via LDAP injection.  The flaw, rated with a CVSS score of 9.1, enables attackers to craft malicious…

Read more →

Threat actors have simultaneously released major updates for two prominent info-stealers, Vidar and StealC, marking their transition to version 2.0.  These updates, announced in late February 2025, introduce redesigned builds, modernized features, and enhanced capabilities.  However, cybersecurity experts have uncovered…

Read more →

Have you ever wondered why businesses still face cyber threats, even with the latest security software?  Cybercriminals are always finding new ways to attack. To stay safe, companies need strong and adaptable security measures. Many businesses rely on off-the-shelf security…

Read more →

Security researchers have released a sophisticated new kernel exploit targeting Apple iOS devices, dubbed Trigon, which leverages a critical vulnerability in the XNU kernel’s virtual memory subsystem.  The exploit, linked to the ith “Operation Triangulation” spyware campaign that first weaponized…

Read more →

Threat actors have actively exploited CVE-2025-21333, a critical vulnerability in Microsoft’s Windows Hyper-V NT Kernel Integration Virtual Service Provider (VSP).  This heap-based buffer overflow vulnerability allows local attackers to escalate their privileges to the SYSTEM level, posing a significant security…

Read more →

A critical remote code execution (RCE) vulnerability has been discovered in the Wazuh server, a popular open-source security platform used for threat detection and compliance monitoring. Identified as CVE-2025-24016, this flaw allows attackers with API access to execute arbitrary Python…

Read more →

Amnesty International’s Security Lab has uncovered a sophisticated cyber-espionage campaign in Serbia, where authorities used a zero-day exploit chain developed by Cellebrite to unlock the Android phone of a student activist. The attack, which occurred on December 25, 2024, leveraged…

Read more →

Angel One, a leading financial services platform, disclosed a breach involving unauthorized access to specific client data after some of its Amazon Web Services (AWS) resources were compromised. The incident was discovered on February 27, 2025, when the company received…

Read more →

Microsoft has initiated legal proceedings against a global cybercrime syndicate accused of developing sophisticated tools to bypass safety protocols in its Azure OpenAI Service.  The complaint, filed in the U.S. District Court for the Eastern District of Virginia, alleges that…

Read more →

Security researchers have uncovered a coordinated attack campaign exploiting vulnerabilities in Google’s advertising ecosystem and PayPal’s merchant tools to steal sensitive user data.  The operation leverages Google Search ads impersonating PayPal’s official support channels and abuses PayPal’s no-code checkout system…

Read more →

Microsoft has confirmed that Skype will be permanently retired on May 5, 2025. The move underscores the company’s strategic shift toward consolidating its consumer communication tools under Microsoft Teams, a unified platform designed to bridge personal, educational, and professional collaboration.…

Read more →

A cyber attack leveraging Check Point’s patched CVE-2024-24919 vulnerability has targeted organizations across Europe, Africa, and the Americas. Security analysts have observed direct linkages to Chinese state-sponsored threat actors.  The intrusion chain, which deploys the ShadowPad backdoor and NailaoLocker ransomware,…

Read more →

A critical vulnerability tracked as CVE-2024-48248, has been discovered in the Nakivo Backup & Replication tool, exposing systems to unauthenticated arbitrary file read attacks. Security researchers from watchTowr Labs disclosed the flaw, which affects version 10.11.3.86570 and potentially earlier versions…

Read more →

Ping Identity has issued an urgent security advisory for its PingAM Java Agent, revealing a critical severity vulnerability (CVE-2025-20059) that enables attackers to bypass policy enforcement mechanisms and gain unauthorized access to protected resources.  The flaw, classified as a Relative…

Read more →

A surge in “Pass-the-Cookie” (PTC) attacks is undermining multi-factor authentication (MFA), enabling cybercriminals to hijack session cookies and bypass security measures to access sensitive accounts. Recent advisories from the FBI and cybersecurity firms highlight how attackers exploit stolen browser cookies…

Read more →

Security researchers have uncovered a new campaign leveraging the Njrat remote access trojan (RAT) to abuse Microsoft’s developer-oriented Dev Tunnels service for covert command-and-control (C2) communications.  Historically associated with credential theft and USB-based propagation, the malware now utilizes Microsoft’s infrastructure…

Read more →

A new variant of the Poco RAT malware has emerged as a significant threat to Spanish-speaking organizations across Latin America, leveraging sophisticated PDF decoys and cloud-based delivery systems to infiltrate networks and exfiltrate sensitive data.  Linked to the cyber-mercenary group…

Read more →

Telegram remains the undisputed leader in cybercriminal communications, with recent analysis revealing over 80 million unique identifiers and links to Telegram channels shared across underground forums, a figure exceeding competitors like Discord (2.8 million links) and Session (450,000 IDs).  While…

Read more →

Lynx, a new ransomware variant, has been rising through the ranks of cyber threats since its initial release in mid-2024.   Operating under a Ransomware-as-a-Service (RaaS) model, Lynx targets organizations globally through double extortion campaigns, combining file encryption with systematic data…

Read more →

A sophisticated malware operation exploiting GitHub’s repository system has been uncovered, leveraging fake software cracks and gaming mods to deploy the Redox information stealer across 1,100+ repositories.  The campaign utilizes social engineering tactics and code obfuscation to harvest sensitive credentials,…

Read more →

A sophisticated botnet operation has compromised 1.6 million Android TV devices across 226 nations, leveraging advanced domain generation algorithms and cryptographic evasion techniques to create the largest known IoT threat since the 2016 Mirai attacks.  Dubbed Vo1d, this operation represents…

Read more →

Web filtering solutions involve monitoring and filtering internet traffic to prevent users from accessing specific websites, applications, or types of content that may be deemed inappropriate, unsafe, or non-compliant with organizational guidelines. Web filtering solutions are crucial in managing and…

Read more →

A study published ahead of NDSS 2025 revealed a critical vulnerability in China’s Great Firewall (GFW) DNS injection subsystem, called Wallbleed, which allowed sensitive memory data leaks for over two years before being patched in March 2024. The flaw exposed…

Read more →

Since late 2024, a sophisticated phishing operation leveraging 260 domains to host over 5,000 weaponized PDF files has targeted users across North America, Asia, and Southern Europe.  The campaign employs fake CAPTCHA screens, search engine optimization (SEO) poisoning, and PowerShell-based…

Read more →

A recent analysis uncovered 11,908 live DeepSeek API keys, passwords, and authentication tokens embedded in publicly scraped web data. According to cybersecurity firm Truffle Security, the study highlights how AI models trained on unfiltered internet snapshots risk internalizing and potentially…

Read more →

Dynamic malware analysis tools are critical for detecting and understanding modern cyber threats. These tools execute suspicious software in isolated environments to monitor its behavior, such as file modifications, network activity, or registry changes. Below is a list of the…

Read more →

Microsoft has addressed a significant issue affecting users of classic Outlook on devices running Windows 11, version 24H2. After installing recent Windows updates, including the January 2025 non-security preview update (KB5050094) and the February 11, 2025 update (KB5051987), many users…

Read more →

A cross-site scripting (XSS) vulnerability within the Krpano framework, a popular tool for embedding 360° images and creating virtual tours, has been exploited to inject malicious scripts into over 350 websites. This widespread campaign manipulates search engine results and spreads…

Read more →

A recent surge in user reports has revealed that Google’s Android System SafetyCore—a system service designed to enable on-device content scanning—has been silently installed on Android devices running Android 9 and later since October 2024.  The app, identified by the…

Read more →

The Open Source Security Foundation (OpenSSF) has launched the Open Source Project Security Baseline (OSPS Baseline), a tiered framework designed to standardize security practices for Linux and other open-source projects.  This initiative, aligned with global cybersecurity regulations like the EU…

Read more →

A new wave of phishing attacks impersonating Japanese electronics retail giant Yodobashi Camera has emerged, leveraging urgency and brand trust to steal customer credentials. Cybersecurity firm Symantec reported the campaign, which uses emails titled “Yodobashi.com: ‘Customer Information’ Change Request Notification”…

Read more →

A new attack dubbed nRootTag has exposed over 1.5 billion Apple devices, including iPhones, iPads, Apple Watches, and Macs, to covert tracking by malicious actors.  To be Detailed in a forthcoming USENIX Security Symposium 2025 paper by researchers Junming Chen,…

Read more →

Cisco Systems has issued a critical security advisory addressing a command injection vulnerability in its Nexus 3000 and 9000 Series Switches operating in standalone NX-OS mode.  Designated as CVE-2025-20161, the flaw allows authenticated local attackers with administrative privileges to execute…

Read more →

A major development in wireless security research has revealed a sophisticated Wi-Fi jamming technique capable of disabling individual devices with millimeter-level precision, leveraging emerging Reconfigurable Intelligent Surface (RIS) technology. Developed by researchers at Ruhr University Bochum and the Max Planck…

Read more →

Authorities arrested a prolific hacker responsible for over 90 data breaches across 65 organizations in the Asia-Pacific region and 25 additional global targets.  The cybercriminal, operating under aliases ALTDOS, DESORDEN, GHOSTR, and 0mid16B, exfiltrated 13 terabytes of sensitive data between…

Read more →

A North Korea-aligned cybercriminal campaign dubbed DeceptiveDevelopment has been targeting freelance software developers through fake job interviews since early 2024. Posing as recruiters on platforms like LinkedIn, Upwork, and cryptocurrency-focused job boards, attackers lure victims with promising job opportunities or…

Read more →

Enterprises require robust network security solutions to protect against evolving cyber threats and ensure the safety of sensitive data. Leading solutions include Palo Alto Networks, Fortinet, Cisco Secure, and Check Point, among others. Palo Alto Networks excels with its AI-driven…

Read more →

GitLab has issued a security advisory warning of multiple high-risk vulnerabilities in its DevOps platform, including two critical Cross-Site Scripting (XSS) flaws enabling attackers to bypass security controls and execute malicious scripts in user browsers.  The vulnerabilities – tracked as…

Read more →

A critical security vulnerability in LibreOffice (CVE-2025-0514) has been patched after researchers discovered that manipulated documents could bypass safeguards and execute malicious files on Windows systems. The flaw, rated 7.2 on the CVSS v4.0 scale, exposes users to potential remote…

Read more →

GreyNoise has confirmed active exploitation of 23 out of 62 vulnerabilities referenced in internal chat logs attributed to the Black Basta ransomware group. These vulnerabilities span enterprise software, security appliances, and widely deployed web applications, with several critical flaws exploited…

Read more →

Cisco has released a security advisory addressing a vulnerability in its Nexus 3000 and 9000 Series Switches that could allow attackers to trigger a denial-of-service (DoS) condition. The vulnerability found in the health monitoring diagnostics of the switches could lead…

Read more →

Phishing kit attacks have become a pervasive threat in cybersecurity landscapes, lowering the barrier to entry for cybercriminals and enabling even low-skilled actors to launch sophisticated campaigns. These kits contain pre-built templates, data-harvesting scripts, and evasion tools designed to mimic…

Read more →

Check Point Research (CPR) has uncovered a sophisticated cyber campaign exploiting a Windows driver signing policy loophole to disable security tools and deploy malware across thousands of systems since June 2024. Attackers leveraged 2,500+ modified variants of the vulnerable Truesight.sys…

Read more →

A cybercriminal operating under the alias “Vanger” has surfaced on underground forums, offering a purported zero-day exploit targeting VMware ESXi hypervisors. The exploit claimed to enable virtual machine escape (VME), is being marketed at a steep price of $150,000. If…

Read more →

A critical DNS misconfiguration in Microsoft Entra ID (formerly Azure Active Directory) disrupted authentication services globally for nearly 90 minutes on February 25, 2025, affecting organizations relying on Seamless Single Sign-On (SSO) and Microsoft Entra Connect Sync.  The outage stemmed…

Read more →

A critical set of 20 vulnerabilities in GRUB2, the ubiquitous bootloader underpinning most Linux distributions and Unix-like systems, has exposed millions of devices to potential secure boot bypass, remote code execution, and persistent firmware-level attacks.  These flaws (CVSS scores up…

Read more →

Genea, one of Australia’s largest IVF providers, has confirmed that an unauthorized third party accessed its systems, potentially compromising sensitive patient data.  The breach has left thousands of patients uncertain about their treatment schedules and medication plans, as critical digital…

Read more →

The MITRE Corporation has unveiled a groundbreaking evaluation framework designed to quantify the risks posed by large language models (LLMs) in offensive cyber operations (OCO).  Dubbed OCCULT (Operational Evaluation Framework for Cyber Security Risks in AI), the methodology aims to…

Read more →

Orange Communication data breach was claimed by a threat actor using the pseudonym “Rey,” who was responsible for leaking 380,000 email records and sensitive corporate data on a dark web forum.  The alleged breach, disclosed earlier this week, includes source…

Read more →

A sophisticated phishing campaign targeting Amazon Prime users has emerged, leveraging counterfeit renewal notifications to harvest login credentials, payment details, and personal verification data. Discovered by the Cofense Phishing Defense Center (PDC) on February 18, 2025, the attack employs multi-stage…

Read more →

Critical vulnerabilities in the Rsync file synchronization tool enable attackers to execute arbitrary code on vulnerable servers, exfiltrate sensitive data, and bypass critical security controls.  The vulnerabilities affect Rsync version 3.2.7 and earlier, with proof-of-concept exploits already demonstrating remote code…

Read more →

A critical security vulnerability in the Essential Addons for Elementor plugin (CVE-2025-24752) has put over two million WordPress websites at risk of cross-site scripting (XSS) attacks.  The vulnerability discovered in the plugin’s handling of user inputs allowed attackers to inject…

Read more →

Have I Been Pwned (HIBP) has incorporated 284 million email addresses compromised by information-stealer malware into its breach notification service. The data originates from a 1.5TB corpus of stealer logs dubbed “ALIEN TXTBASE”, marking one of the largest malware-related dataset…

Read more →

A critical vulnerability, CVE-2025-22467, in Ivanti Connect Secure (ICS) devices has left approximately 2,850 instances worldwide unpatched and vulnerable to remote code execution (RCE) attacks. This flaw, with a CVSS score of 9.9, is categorized as a stack-based buffer overflow…

Read more →

DISA Global Solutions, a leading provider of employment screening services, has confirmed a massive data breach exposing sensitive information of approximately 3.3 million individuals.  The incident, classified as an external system breach (CVE pending), occurred between February 9 and April…

Read more →

A recent discovery has unveiled a sophisticated and fully undetected batch script capable of delivering the powerful malware families XWorm and AsyncRAT.  This script, which remained undetected on VirusTotal for over two days, employs advanced obfuscation techniques and leverages PowerShell…

Read more →

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent advisory on February 25, 2025, confirming that threat actors are actively exploiting a critical privilege escalation vulnerability in Microsoft’s Partner Center platform (CVE-2024-49035). The improper access control flaw, which…

Read more →

Cybersecurity companies are at the forefront of protecting digital systems, networks, and sensitive data from unauthorized access, malicious attacks, and other cyber threats. As technology continues to advance and the digital landscape expands, the importance of cybersecurity has grown exponentially.…

Read more →

A sophisticated malware campaign dubbed “GitVenom” has exploited GitHub’s open-source ecosystem to distribute malicious code through thousands of fraudulent repositories, targeting developers seeking automation tools, cryptocurrency utilities, and gaming hacks. The campaign, active since at least 2023, employs advanced social…

Read more →

A sophisticated threat cluster tracked as UAC-0212 has escalated efforts to compromise critical infrastructure systems in Ukraine, according to a recent advisory from CERT-UA (Government Computer Emergency Response Team of Ukraine). These attacks, active since July 2024, focus on energy,…

Read more →

A coordinated campaign involving at least 16 malicious Chrome extensions infected over 3.2 million users worldwide, leveraging browser security vulnerabilities to execute advertising fraud and search engine optimization manipulation. Discovered by GitLab Threat Intelligence in February 2025, these extensions, ranging…

Read more →

A recent study from a team of cybersecurity researchers has revealed severe security flaws in commercial-grade Large Reasoning Models (LRMs), including OpenAI’s o1/o3 series, DeepSeek-R1, and Google’s Gemini 2.0 Flash Thinking. The research introduces two key innovations: the Malicious-Educator benchmark…

Read more →

In an era where open-source collaboration drives software innovation, a sophisticated cyber campaign dubbed GitVenom has emerged as a critical threat to developers.  Security researchers have uncovered over 200 malicious GitHub repositories designed to distribute information stealers and remote access…

Read more →

A newly disclosed vulnerability in the GRUB2 bootloader’s read command (CVE-2025-0690) has raised concerns about potential Secure Boot bypasses and heap memory corruption in Linux systems.  Red Hat Product Security rates this integer overflow flaw as moderately severe. It could…

Read more →

In a transformative move for smartphone longevity, Qualcomm Technologies, Inc., and Google have announced a collaboration to enable eight years of Android software and security updates for devices powered by Snapdragon mobile platforms.  This initiative, targeting smartphones launching with the…

Read more →

A critical server-side request forgery (SSRF) vulnerability (CVE-2025-27090) has been identified in the Sliver C2 framework’s teamserver implementation, enabling attackers to establish unauthorized TCP connections through vulnerable servers. Affecting versions 1.5.26 through 1.5.42 and pre-release builds below commit Of340a2, this…

Read more →

A newly uncovered technique allows threat actors to bypass Microsoft Outlook’s spam filtering mechanisms, enabling the delivery of malicious ISO files through seemingly benign email links.  This vulnerability exposes organizations to increased risks of phishing and malware attacks, particularly when…

Read more →

Researchers have disclosed KernelSnitch, a novel side-channel attack exploiting timing variances in Linux kernel data structures, achieving covert data transmission rates up to 580 kbit/s and enabling website fingerprinting with 89% accuracy.  The attack targets four critical container types: fixed/dynamic…

Read more →

A critical remote code execution (RCE) vulnerability (CVE-2025–27364) has been identified in all versions of MITRE Caldera prior to commit 35bc06e, exposing systems to potential compromise via unauthenticated attackers.  The flaw resides in the dynamic compilation mechanism of Caldera’s Sandcat…

Read more →

Security researchers from MASSGRAVE have unveiled TSforge, a groundbreaking tool exploiting vulnerabilities in Microsoft’s Software Protection Platform (SPP) to activate every version of Windows from Windows 7 onward, including Office suites and add-ons. This exploit marks the first successful direct…

Read more →

Security researchers at AhnLab Security Intelligence Center (ASEC) have uncovered a sophisticated malware campaign distributing the LummaC2 information stealer disguised as a cracked version of Total Commander, a popular file management tool for Windows. The operation targets users seeking unauthorized…

Read more →

Event monitoring tools are software solutions designed to track, analyze, and manage events across various systems, applications, or environments. These tools are widely used in IT operations, security monitoring, application performance management, and even live event tracking. They help organizations…

Read more →

A malicious campaign targeting Cisco networking equipment through two critical vulnerabilities, with state-backed actors and other actors exploiting unpatched systems. GreyNoise Intelligence has identified 110 malicious IPs actively exploiting CVE-2023-20198, a privilege escalation flaw in Cisco IOS XE devices. There…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory regarding CVE-2024-20953, a high-severity deserialization vulnerability in Oracle’s Agile Product Lifecycle Management (PLM) software that is being actively exploited in the wild. Added to CISA’s Known Exploited Vulnerabilities…

Read more →

A sophisticated cybercriminal campaign leveraging stolen browser fingerprints to bypass fraud detection systems and impersonate legitimate users has been uncovered by cybersecurity researchers. Dubbed ScreamedJungle, the threat actor has been exploiting vulnerabilities in outdated Magento e-commerce platforms since May 2024…

Read more →

The Australian government has mandated the removal of all Kaspersky Lab software and web services from federal systems and devices, citing heightened risks of foreign interference, espionage, and sabotage.  Issued under the Protective Security Policy Framework (PSPF) Direction 002-2025, the…

Read more →

A sophisticated Android malware campaign dubbed “SpyLend” has infiltrated the Google Play Store, masquerading as a financial utility app to target Indian users. Disguised as “Finance Simplified” (package: com.someca.count), the app has amassed over 100,000 downloads since February 2025, leveraging…

Read more →

When it comes to protecting your website from cyber threats, Web Application Firewalls (WAF) are an essential part of the security infrastructure. Two popular options in the market are SafeLine and CloudFlare, each with its own strengths and weaknesses. In…

Read more →

A new malware strain dubbed GhostSocks is leveraging SOCKS5 backconnect proxies to bypass anti-fraud mechanisms and geographic restrictions, according to a report by cybersecurity firm Infrawatch. The Golang-based malware, first advertised on Russian-language forums in October 2023, has recently expanded…

Read more →

Apple has taken the unprecedented step of disabling its Advanced Data Protection (ADP) feature for UK users after the British government invoked surveillance laws to demand access to encrypted iCloud data.  The move, effective on 21 February 2025, marks the…

Read more →

Security researchers have uncovered alarming vulnerabilities in Eight Sleep’s internet-connected smart beds that could allow attackers to infiltrate home networks and compromise connected devices.  According to cybersecurity expert Dylan Ayrey, the $2,000 temperature-regulating sleep system has a Secure Shell (SSH)…

Read more →

A significant cybersecurity threat has emerged as the BIG SHARK Android Remote Access Trojan (RAT), a cracked version of the infamous Craxs 7.6 RAT, has been leaked online.  This development highlights the evolving risks posed by malicious actors exploiting Android…

Read more →

A sophisticated cyberespionage campaign leveraging the FatalRAT remote access trojan (RAT) is targeting industrial organizations across the Asia-Pacific (APAC) region, according to a Kaspersky ICS CERT report. The attackers, suspected to be Chinese-speaking threat actors, employ a multi-stage infection chain…

Read more →

A sophisticated phishing operation leveraging OpenAI’s ChatGPT branding has targeted over 12,000 users across North America and Europe.  The campaign impersonates ChatGPT subscription renewal notices to harvest login credentials and payment details, exploiting the platform’s restricted access model for GPT-4…

Read more →

In a high-profile security breach, decentralized finance protocol @0xinfini suffered a $49.5 million USDC theft, marking one of the largest stablecoin exploits of the year.  The attacker executed a multi-stage laundering operation, converting stolen USDC to DAI, purchasing 17,696 ETH…

Read more →

The Wireshark Foundation has released version 4.4.4 of its widely used network protocol analyzer, addressing a high-severity vulnerability that could allow attackers to trigger denial-of-service (DoS) conditions by injecting malicious packets. The update resolves CVE-2025-1492, a flaw in the Bundle…

Read more →

DeepSeek has launched FlashMLA, a groundbreaking Multi-head Latent Attention (MLA) decoding kernel optimized for NVIDIA’s Hopper GPU architecture, marking the first major release of its Open Source Week initiative. This innovative tool achieves unprecedented performance metrics of 3000 GB/s memory…

Read more →

A critical 0-day vulnerability in Parallels Desktop virtualization software has been publicly disclosed, enabling local attackers to escalate privileges to root-level access on macOS systems.  All versions of Parallels Desktop, including the most recent 20.2.1 (55876), are vulnerable to the…

Read more →