Author: Mash

North Korean hackers are deploying advanced social engineering tactics combined with never-before-seen macOS malware strains to siphon cryptocurrency assets. The [...]

Hackers are actively exploiting critical vulnerabilities in SolarWinds Web Help Desk (WHD) to install legitimate administrative software for harmful purposes. [...]

A widespread spam campaign is once again targeting global inboxes, with many users receiving automated messages from compromised company support [...]

Cyber attackers are misusing a revoked but still functional kernel driver from the EnCase forensic software to create a powerful [...]

Hackers are actively exploiting a severe flaw, designated CVE-2025-11953, in the React Native Metro development server. This vulnerability allows them [...]

Microsoft has issued a new optional update, KB5074105, for Windows 11 versions 24H2 and 25H2. While this C-update is not [...]

Microsoft's recent optional update, KB5074105, is causing problems for some Windows 11 users despite official claims of no known issues. [...]

Google's Threat Intelligence Group, in collaboration with industry partners, has disrupted the infrastructure of IPIDEA, one of the world's largest [...]

Two critical vulnerabilities in the popular open-source automation platform n8n allow authenticated attackers to escape its security sandbox and execute [...]

A new malware-as-a-service (MaaS) operation, dubbed "Stanley," is advertising the creation and publication of malicious Chrome extensions designed to bypass [...]

The North Korean state-linked hacking group Konni is conducting a campaign targeting blockchain engineers with PowerShell malware believed to be [...]

The North Korean threat group Konni is using AI-assisted PowerShell malware to target engineers and developers in the blockchain industry. [...]

The ShinyHunters cybercrime group has claimed responsibility for a series of sophisticated voice phishing (vishing) attacks targeting single sign-on accounts [...]

A wave of automated attacks is targeting Fortinet FortiGate devices by exploiting a vulnerability in the single sign-on (SSO) feature [...]

A new family of Android click-fraud trojans is using TensorFlow machine learning models to autonomously detect and interact with online [...]

A critical vulnerability in the Advanced Custom Fields: Extended (ACF Extended) WordPress plugin allows unauthenticated attackers to gain administrative control [...]

A new malware strain named PDFSider has been deployed in attacks against a Fortune 100 financial company, serving as a [...]

A new wave of the GhostPoster campaign has been discovered, involving 17 malicious extensions across Chrome, Firefox, and Microsoft Edge [...]

Microsoft has acknowledged a new bug preventing some Windows 11 Enterprise and IoT devices from shutting down properly after installing [...]

The Gootloader malware campaign has adopted a sophisticated evasion technique using malformed ZIP archives composed of up to 1,000 concatenated [...]

A critical vulnerability in Fortinet's Security Information and Event Management (SIEM) platform, tracked as CVE-2025-25256, allows unauthenticated remote attackers to [...]

The user database from the latest version of the notorious BreachForums cybercrime marketplace has been leaked online, exposing information for [...]

A critical command injection vulnerability in several legacy D-Link DSL routers is being actively exploited by threat actors. Tracked as [...]

A new social engineering campaign is targeting the European hospitality sector by using deceptive Blue Screen of Death (BSOD) screens [...]

A threat group calling itself "Scattered Lapsus$ Hunters" claims to have successfully breached the cybersecurity firm Resecurity, stealing alleged internal [...]

The Kimwolf botnet has infected over two million devices globally by exploiting a critical vulnerability in residential proxy networks, allowing [...]

Scammers have sent fraudulent emails to Grubhub users promising a tenfold return on any Bitcoin sent to a specified wallet. [...]

A fraudulent domain masquerading as the popular Microsoft Activation Scripts (MAS) tool is being used to infect users with a [...]

Security researchers have identified two distinct campaigns distributing sophisticated malware loaders through deceptive distribution channels. The first leverages cracked software [...]

A critical vulnerability in the UEFI firmware of motherboards from ASUS, Gigabyte, MSI, and ASRock allows attackers with physical access [...]

A new campaign named "GhostPairing" is exploiting WhatsApp's legitimate device-linking feature to hijack user accounts without requiring authentication. Attackers initiate [...]

The inaugural Zeroday Cloud hacking competition in London has awarded security researchers a total of $320,000 for uncovering and demonstrating [...]

A malicious campaign named GhostPoster is concealing JavaScript code within the PNG logo files of over a dozen Firefox extensions. [...]

A new malware-as-a-service (MaaS) operation named SantaStealer is being marketed on cybercrime forums, promoted for its ability to run in [...]

A newly discovered zero-day vulnerability in the Windows Remote Access Connection Manager (RasMan) service allows attackers to crash the critical [...]

A malicious campaign on the official VSCode Marketplace has been distributing 19 extensions that contain hidden malware within their bundled [...]

A new Android malware named DroidLock is targeting Spanish-speaking users by locking their devices and demanding a ransom. Distributed through [...]

Multiple prominent ransomware gangs are utilizing a packer-as-a-service platform called Shanya to conceal and deploy malware designed to disable endpoint [...]

Microsoft has removed a significant barrier for its Windows 11-exclusive security feature, Smart App Control, by eliminating the mandatory clean [...]

Cloudflare experienced a major global outage today, causing widespread "500 Internal Server Error" messages for many websites. The company has [...]