malicious
-
AI-Powered Cloaking Tools Help Threat Actors Hide Malicious Domains from Security Scans
Threat actors are increasingly adopting AI-powered cloaking services to obfuscate phishing domains, counterfeit e-commerce sites, and malware distribution endpoints from…
Read More » -
Livewire Flaw Puts Millions of Laravel Apps at Risk of RCE Attacks
A critical vulnerability discovered in Livewire, a popular full-stack framework for Laravel applications, exposes millions of web properties to unauthenticated…
Read More » -
Snake Keylogger Bypasses Windows Defender and Uses Scheduled Tasks to Steal Credentials
Threat actors have been using a sophisticated phishing operation to impersonate Turkish Aerospace Industries (TUSAŞ) in order to attack Turkish…
Read More » -
Fancy Bear Hackers Target Governments and Military Entities with Advanced Tools
Fancy Bear, designated as APT28 by cybersecurity experts, represents a sophisticated Russian cyberespionage collective operational since 2007, renowned for infiltrating…
Read More » -
Lumma Infostealer Steals Browser Data and Sells It as Logs on Underground Markets
Infostealers are specialized malware variants that routinely steal large amounts of sensitive data from compromised systems. This includes session tokens,…
Read More » -
Microsoft Teams Exploited to Deliver Matanbuchus Ransomware Payload
A sophisticated cyberattack campaign has emerged targeting organizations through Microsoft Teams impersonation, delivering the updated Matanbuchus 3.0 malware loader that…
Read More » -
Cracked Apps Delivering Infostealers Identified as Leading Attack Vector in June 2025
The AhnLab Security Intelligence Center (ASEC) published a thorough analysis in June 2025 that identified infostealer malware masquerading as keygens…
Read More » -
Government Organizations Targeted via AWS Lambda URL Endpoint Exploits
Unit 42 researchers from Palo Alto Networks have been monitoring a sophisticated threat cluster designated CL-STA-1020, which has been systematically…
Read More » -
Grok-4 Jailbroken Using Echo Chamber and Crescendo Exploit Combo
Security researchers have successfully demonstrated a sophisticated jailbreak attack against Grok-4, X’s advanced AI language model, by combining two powerful…
Read More » -
Researchers Bypass Meta’s Llama Firewall Using Prompt Injection Vulnerabilities
Researchers at Trendyol, a leading e-commerce platform, have uncovered multiple vulnerabilities in Meta’s Llama Firewall, a suite of tools designed…
Read More » -
Fortinet FortiWeb Fabric Connector Flaw Enables Remote Code Execution
Security researchers have identified a severe pre-authentication SQL injection vulnerability in Fortinet’s FortiWeb Fabric Connector, designated as CVE-2025-25257, that allows…
Read More » -
Network-Based Tool for COM and RPC Exploitation
The need for solutions that improve detection skills against sophisticated attacks is growing in the ever-changing cybersecurity world. COMmander emerges…
Read More » -
Hacker Returns $42 Million in Stolen Crypto in Exchange for $5 Million Bounty
A security flaw in the GMX V1 software was made public, causing a significant upheaval in the decentralized finance (DeFi)…
Read More » -
Mis-scoped AWS Organizations Policy Allowed Hackers to Seize Full Control of AWS Environment
Security professionals have uncovered serious vulnerabilities in AWS Organizations in a ground-breaking study by Cymulate Research Labs that might allow…
Read More »