Tag Archives: it security

FCC Bans Foreign-Made Drones and Key Parts Over U.S. National Security Risks

The U.S. Federal Communications Commission (FCC) on Monday announced a ban on all drones and...

23
Dec
Fake WhatsApp API Package on npm Steals Messages, Contacts, and Login Tokens

Cybersecurity researchers have disclosed details of a new malicious package on the npm repository that...

22
Dec
⚡ Weekly Recap: Firewall Exploits, AI Data Theft, Android Hacks, APT Attacks, Insider Leaks & More

Cyber threats last week showed how attackers no longer need big hacks to cause big...

22
Dec
How to Browse the Web More Sustainably With a Green Browser

As the internet becomes an essential part of daily life, its environmental footprint continues to...

22
Dec
Android Malware Operations Merge Droppers, SMS Theft, and RAT Capabilities at Scale

Threat actors have been observed leveraging malicious dropper apps masquerading as legitimate applications to deliver...

22
Dec
Iranian Infy APT Resurfaces with New Malware Activity After Years of Silence

Threat hunters have discerned new activity associated with an Iranian threat actor known as Infy...

21
Dec
U.S. DOJ Charges 54 in ATM Jackpotting Scheme Using Ploutus Malware

The U.S. Department of Justice (DoJ) this week announced the indictment of 54 individuals in...

20
Dec
Russia-Linked Hackers Use Microsoft 365 Device Code Phishing for Account Takeovers

A suspected Russia-aligned group has been attributed to a phishing campaign that employs device code...

19
Dec
Cracked Software and YouTube Videos Spread CountLoader and GachiLoader Malware

Cybersecurity researchers have disclosed details of a new campaign that has used cracked software distribution...

19
Dec
WatchGuard Warns of Active Exploitation of Critical Fireware OS VPN Vulnerability

WatchGuard has released fixes to address a critical security flaw in Fireware OS that it...

19
Dec
Nigeria Arrests RaccoonO365 Phishing Developer Linked to Microsoft 365 Attacks

Authorities in Nigeria have announced the arrest of three “high-profile internet fraud suspects” who are...

19
Dec
New UEFI Flaw Enables Early-Boot DMA Attacks on ASRock, ASUS, GIGABYTE, MSI Motherboards

Certain motherboard models from vendors like ASRock, ASUSTeK Computer, GIGABYTE, and MSI are affected by...

19
Dec
China-Aligned Threat Group Uses Windows Group Policy to Deploy Espionage Malware

A previously undocumented China-aligned threat cluster dubbed LongNosedGoblin has been attributed to a series of...

18
Dec
HPE OneView Flaw Rated CVSS 10.0 Allows Unauthenticated Remote Code Execution

Hewlett Packard Enterprise (HPE) has resolved a maximum-severity security flaw in OneView Software that, if...

18
Dec
ThreatsDay Bulletin: WhatsApp Hijacks, MCP Leaks, AI Recon, React2Shell Exploit and 15 More Stories

This week’s ThreatsDay Bulletin tracks how attackers keep reshaping old tools and finding new angles...

18
Dec
North Korea-Linked Hackers Steal $2.02 Billion in 2025, Leading Global Crypto Theft

Threat actors with ties to the Democratic People’s Republic of Korea (DPRK or North Korea)...

18
Dec
The Case for Dynamic AI-SaaS Security as Copilots Scale

Within the past year, artificial intelligence copilots and agents have quietly permeated the SaaS applications...

18
Dec
Kimsuky Spreads DocSwap Android Malware via QR Phishing Posing as Delivery App

The North Korean threat actor known as Kimsuky has been linked to a new campaign...

18
Dec
CISA Flags Critical ASUS Live Update Flaw After Evidence of Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical flaw impacting...

18
Dec
Cisco Warns of Active Attacks Exploiting Unpatched 0-Day in AsyncOS Email Security Appliances

Cisco has alerted users of a maximum-severity zero-day flaw in Cisco AsyncOS software that has...

18
Dec
SonicWall Fixes Actively Exploited CVE-2025-40602 in SMA 100 Appliances

SonicWall has rolled out fixes to address a security flaw in Secure Mobile Access (SMA)...

17
Dec
Kimwolf Botnet Hijacks 1.8 Million Android TVs, Launches Large-Scale DDoS Attacks

A new distributed denial-of-service (DDoS) botnet known as Kimwolf has enlisted a massive army of...

17
Dec
APT28 Targets Ukrainian UKR-net Users in Long-Running Credential Phishing Campaign

The Russian state-sponsored threat actor known as APT28 has been attributed to what has been...

17
Dec
New ForumTroll Phishing Attacks Target Russian Scholars Using Fake eLibrary Emails

The threat actor linked to Operation ForumTroll has been attributed to a fresh set of...

17
Dec
Fix SOC Blind Spots: See Threats to Your Industry & Country in Real Time

Modern security teams often feel like they’re driving through fog with failing headlights. Threats accelerate,...

17
Dec
China-Linked Ink Dragon Hacks Governments Using ShadowPad and FINALDRAFT Malware

The threat actor known as Jewelbug has been increasingly focusing on government targets in Europe...

17
Dec
GhostPoster Malware Found in 17 Firefox Add-ons with 50,000+ Downloads

A new campaign named GhostPoster has leveraged logo files associated with 17 Mozilla Firefox browser...

17
Dec
Compromised IAM Credentials Power a Large AWS Crypto Mining Campaign

An ongoing campaign has been observed targeting Amazon Web Services (AWS) customers using compromised Identity...

16
Dec
Rogue NuGet Package Poses as Tracer.Fody, Steals Cryptocurrency Wallet Data

Cybersecurity researchers have discovered a new malicious NuGet package that typosquats and impersonates the popular...

16
Dec
Amazon Exposes Years-Long GRU Cyber Campaign Targeting Energy and Cloud Infrastructure

Amazon’s threat intelligence team has disclosed details of a “years-long” Russian state-sponsored campaign that targeted...

16
Dec