Author: Mash

A phishing campaign is leveraging a counterfeit Google Security page to distribute a Progressive Web App capable of stealing one-time [...]

A popular Chrome extension called QuickLens, which enabled Google Lens searches directly in the browser, was hijacked after being sold [...]

Microsoft is introducing new Windows 11 Insider builds that strengthen security for batch file and CMD script execution in enterprise [...]

Microsoft is investigating a persistent bug causing the mouse pointer to disappear within the classic Outlook desktop client, nearly two [...]

A new information-stealing operation called Arkanix Stealer appeared on dark web forums in late 2025 but vanished after only two [...]

Security researchers have identified PromptSpy, the first Android malware family that integrates generative AI directly into its operational flow. Discovered [...]

A suspected Chinese state-sponsored hacking group has been actively exploiting a critical Dell vulnerability since mid-2024 in a series of [...]

Security researchers have documented the first real-world instance of information-stealing malware targeting configuration files belonging to the popular OpenClaw AI [...]

Threat actors have developed an innovative ClickFix campaign that leverages DNS lookups to distribute malicious payloads, marking the first known [...]

A sophisticated campaign attributed to North Korean hackers is targeting JavaScript and Python developers through fake job interviews involving cryptocurrency-related [...]

Security researcher Wietze Beukema has unveiled four previously undocumented techniques that manipulate Windows shortcut files to conceal malicious payloads. These [...]

Microsoft has resolved a significant security flaw in the Windows 11 Notepad application that enabled attackers to execute software remotely [...]

North Korean hackers are deploying advanced social engineering tactics combined with never-before-seen macOS malware strains to siphon cryptocurrency assets. The [...]

Hackers are actively exploiting critical vulnerabilities in SolarWinds Web Help Desk (WHD) to install legitimate administrative software for harmful purposes. [...]

A widespread spam campaign is once again targeting global inboxes, with many users receiving automated messages from compromised company support [...]

Cyber attackers are misusing a revoked but still functional kernel driver from the EnCase forensic software to create a powerful [...]

Hackers are actively exploiting a severe flaw, designated CVE-2025-11953, in the React Native Metro development server. This vulnerability allows them [...]

Microsoft has issued a new optional update, KB5074105, for Windows 11 versions 24H2 and 25H2. While this C-update is not [...]

Microsoft's recent optional update, KB5074105, is causing problems for some Windows 11 users despite official claims of no known issues. [...]

Google's Threat Intelligence Group, in collaboration with industry partners, has disrupted the infrastructure of IPIDEA, one of the world's largest [...]

Two critical vulnerabilities in the popular open-source automation platform n8n allow authenticated attackers to escape its security sandbox and execute [...]

A new malware-as-a-service (MaaS) operation, dubbed "Stanley," is advertising the creation and publication of malicious Chrome extensions designed to bypass [...]

The North Korean state-linked hacking group Konni is conducting a campaign targeting blockchain engineers with PowerShell malware believed to be [...]

The North Korean threat group Konni is using AI-assisted PowerShell malware to target engineers and developers in the blockchain industry. [...]

The ShinyHunters cybercrime group has claimed responsibility for a series of sophisticated voice phishing (vishing) attacks targeting single sign-on accounts [...]

A wave of automated attacks is targeting Fortinet FortiGate devices by exploiting a vulnerability in the single sign-on (SSO) feature [...]

A new family of Android click-fraud trojans is using TensorFlow machine learning models to autonomously detect and interact with online [...]

A critical vulnerability in the Advanced Custom Fields: Extended (ACF Extended) WordPress plugin allows unauthenticated attackers to gain administrative control [...]

A new malware strain named PDFSider has been deployed in attacks against a Fortune 100 financial company, serving as a [...]

A new wave of the GhostPoster campaign has been discovered, involving 17 malicious extensions across Chrome, Firefox, and Microsoft Edge [...]

Microsoft has acknowledged a new bug preventing some Windows 11 Enterprise and IoT devices from shutting down properly after installing [...]

The Gootloader malware campaign has adopted a sophisticated evasion technique using malformed ZIP archives composed of up to 1,000 concatenated [...]

A critical vulnerability in Fortinet's Security Information and Event Management (SIEM) platform, tracked as CVE-2025-25256, allows unauthenticated remote attackers to [...]

The user database from the latest version of the notorious BreachForums cybercrime marketplace has been leaked online, exposing information for [...]

A critical command injection vulnerability in several legacy D-Link DSL routers is being actively exploited by threat actors. Tracked as [...]

A new social engineering campaign is targeting the European hospitality sector by using deceptive Blue Screen of Death (BSOD) screens [...]

A threat group calling itself "Scattered Lapsus$ Hunters" claims to have successfully breached the cybersecurity firm Resecurity, stealing alleged internal [...]

The Kimwolf botnet has infected over two million devices globally by exploiting a critical vulnerability in residential proxy networks, allowing [...]

Scammers have sent fraudulent emails to Grubhub users promising a tenfold return on any Bitcoin sent to a specified wallet. [...]

A fraudulent domain masquerading as the popular Microsoft Activation Scripts (MAS) tool is being used to infect users with a [...]