Author: Mash

Scammers have sent fraudulent emails to Grubhub users promising a tenfold return on any Bitcoin sent to a specified wallet. [...]

A fraudulent domain masquerading as the popular Microsoft Activation Scripts (MAS) tool is being used to infect users with a [...]

Security researchers have identified two distinct campaigns distributing sophisticated malware loaders through deceptive distribution channels. The first leverages cracked software [...]

A critical vulnerability in the UEFI firmware of motherboards from ASUS, Gigabyte, MSI, and ASRock allows attackers with physical access [...]

A new campaign named "GhostPairing" is exploiting WhatsApp's legitimate device-linking feature to hijack user accounts without requiring authentication. Attackers initiate [...]

The inaugural Zeroday Cloud hacking competition in London has awarded security researchers a total of $320,000 for uncovering and demonstrating [...]

A malicious campaign named GhostPoster is concealing JavaScript code within the PNG logo files of over a dozen Firefox extensions. [...]

A new malware-as-a-service (MaaS) operation named SantaStealer is being marketed on cybercrime forums, promoted for its ability to run in [...]

A newly discovered zero-day vulnerability in the Windows Remote Access Connection Manager (RasMan) service allows attackers to crash the critical [...]

A malicious campaign on the official VSCode Marketplace has been distributing 19 extensions that contain hidden malware within their bundled [...]

A new Android malware named DroidLock is targeting Spanish-speaking users by locking their devices and demanding a ransom. Distributed through [...]

Multiple prominent ransomware gangs are utilizing a packer-as-a-service platform called Shanya to conceal and deploy malware designed to disable endpoint [...]

Microsoft has removed a significant barrier for its Windows 11-exclusive security feature, Smart App Control, by eliminating the mandatory clean [...]

Cloudflare experienced a major global outage today, causing widespread "500 Internal Server Error" messages for many websites. The company has [...]

A command injection vulnerability in Array Networks AG Series VPN appliances is being actively exploited by attackers to deploy webshells [...]

Microsoft has issued the KB5070311 optional preview update for Windows 11, addressing 49 known issues, including significant problems with File [...]

A persistent malware operation dubbed "ShadyPanda" has infected over 4.3 million users through malicious browser extensions on Google Chrome and [...]

A new vulnerability dubbed "HashJack" allows attackers to conceal malicious instructions within the fragment identifier (the part following a '#' [...]

Microsoft has confirmed that recent Windows 11 updates are causing the password sign-in option to disappear from the lock screen [...]

A high-severity vulnerability has been discovered in the widely used 'node-forge' JavaScript cryptography library, enabling attackers to bypass digital signature [...]

A new campaign linked to Russian threat actors is distributing the StealC V2 information-stealing malware by hiding it within malicious [...]

A recent investigation into a Qilin ransomware attack demonstrated how security analysts can reconstruct an incident even with severely limited [...]

Security researchers successfully compiled a database of 3.5 billion WhatsApp user accounts by exploiting an API endpoint that lacked rate-limiting [...]

Nvidia has confirmed that recent Windows security updates from October 2025 are causing performance degradation in games running on Windows [...]

A sophisticated new Android banking trojan named Sturnus has been discovered, capable of stealing credentials and enabling full remote control [...]

A severe security flaw in the popular W3 Total Cache (W3TC) WordPress plugin enables unauthenticated attackers to execute arbitrary PHP [...]

Microsoft has announced that the System Monitor (Sysmon) tool will be directly integrated into future versions of Windows 11 and [...]

Google has released an urgent security update for its Chrome browser to address a zero-day vulnerability that is being actively [...]

Google will soon begin flagging Android applications on the Play Store that exhibit high background activity and cause significant battery [...]

Microsoft is addressing a known issue where the first extended security update (ESU) for Windows 10, KB5068781, fails to install [...]

AMD has confirmed a high-severity vulnerability within the RDSEED instruction of its latest Zen 5 architecture CPUs, which compromises the [...]

A self-propagating worm, dubbed 'IndonesianFoods,' is spamming the npm registry by automatically generating and publishing new packages at an alarming [...]

The DanaBot malware has reemerged in a new version after a six-month hiatus following a major international law enforcement operation. [...]

A critical vulnerability in the Triofox file-sharing platform is being actively exploited by a threat actor to gain full system [...]

Three newly discovered vulnerabilities in the runC container runtime could allow attackers to break out of container isolation and gain [...]

With Windows 10 having reached its official end of support on October 14, 2025, users must enroll in the Extended [...]

A newly identified spyware, dubbed LandFall, was deployed by exploiting a zero-day vulnerability in Samsung's Android image processing library. The [...]

Google's Threat Intelligence Group has identified a significant trend where cybercriminals are now using large language models (LLMs) to create [...]

A critical vulnerability in the popular Post SMTP WordPress plugin is being actively exploited by hackers to hijack administrator accounts [...]

Microsoft has acknowledged a bug in an optional Windows 11 update that prevents the Task Manager from closing properly. After [...]