tools

July 2, 2025

Cybercriminals Use Malicious PDFs to Impersonate Microsoft, DocuSign, and Dropbox in Targeted Phishing Attacks

Cisco’s Talos security team has uncovered a surge in sophisticated phishing campaigns leveraging malicious PDF payloads to impersonate trusted brands…
Read More »
July 1, 2025

New DEVMAN Ransomware by DragonForce Targets Windows 10 and 11 Users

A new ransomware variant, dubbed DEVMAN, has surfaced in the cyberthreat landscape, showcasing a complex lineage tied to the notorious…
Read More »
June 30, 2025

Hackers Deliver Remcos Malware Via .pif Files and UAC Bypass in Windows

A sophisticated phishing campaign has emerged, distributing the notorious Remcos Remote Access Trojan (RAT) through the DBatLoader malware. This attack…
Read More »
June 30, 2025

Hackers Leverage Critical Langflow Flaw to Deploy Flodrix Botnet and Seize System Control

A sophisticated cyberattack campaign has emerged, exploiting a critical vulnerability in Langflow, a widely-used Python-based framework for building AI applications,…
Read More »
June 29, 2025

Weaponized DeepSeek Installers Deploy Sainbox RAT and Hidden Rootkit

Netskope Threat Labs has uncovered a malicious campaign exploiting fake software installers, including those mimicking popular tools like DeepSeek, Sogou,…
Read More »
June 29, 2025

Beware of Trending TikTok Videos Promoting Pirated Apps That Deliver Stealer Malware

A sophisticated social engineering campaign has surfaced on TikTok, leveraging the platform’s massive user base and algorithmic reach to distribute…
Read More »
June 28, 2025

Threat Actors Exploit Windows and Linux Server Vulnerabilities to Deploy Web Shells

Threat actors have been observed exploiting file upload vulnerabilities to deploy web shells and advanced malware on both Windows and…
Read More »
June 25, 2025

New Malware Discovered Using Prompt Injection to Manipulate AI Models in the Wild

Researchers have uncovered a new malware sample in the wild that employs a unique and unconventional evasion tactic: prompt injection…
Read More »
June 24, 2025

America, Netflix, and Microsoft Hacked to Inject Fake Phone Numbers

Jérôme Segura, cybercriminals are exploiting search parameter vulnerabilities to inject fake phone numbers into the legitimate websites of major brands…
Read More »
June 24, 2025

Over 2,000 Devices Compromised by Weaponized Social Security Statement Phishing Attacks

CyberArmor analysts have uncovered a meticulously crafted phishing campaign that has already compromised over 2,000 devices by exploiting the trusted…
Read More »
June 23, 2025

Google Integrates GenAI to Counter Indirect Prompt Injection Attack Vectors

Google has revealed a thorough protection technique aimed at indirect prompt injection attacks, a subtle but powerful threat, marking a…
Read More »
June 23, 2025

SparkKitty Targets iOS and Android Devices via App Store and Google Play Attacks

A sophisticated spyware campaign, dubbed SparkKitty, has emerged as a significant threat to both iOS and Android users, infiltrating even…
Read More »
June 23, 2025

Amazon EKS Flaws Expose AWS Credentials and Enable Privilege Escalation

Recent research has uncovered critical security flaws in Amazon Elastic Kubernetes Service (EKS) that could expose sensitive AWS credentials and…
Read More »
June 22, 2025

Mattermost Vulnerabilities Let Attackers Execute Remote Code Via Path Traversal

Mattermost, a widely-used open-source collaboration platform, has recently disclosed critical vulnerabilities in its software that could allow attackers to execute…
Read More »
June 22, 2025

Israeli Social Media Users Targeted in Covert Iranian Influence Campaign

A covert Iranian social media operation has been uncovered, targeting Israeli users on platform X with a psychological campaign designed…
Read More »
June 22, 2025

OpenVPN Driver Vulnerability Let Attackers Crash Windows Systems

Network administrators and cybersecurity experts will be pleased to learn that OpenVPN 2.7_alpha2 will be released on June 19, 2025,…
Read More »
June 19, 2025

Over 100,000 WordPress Sites Exposed to Privilege Escalation via MCP AI Engine

The Wordfence Threat Intelligence team identified a severe security flaw in the AI Engine plugin, a widely used tool installed…
Read More »
June 18, 2025

Chollima Hackers Target Windows and MacOS with New GolangGhost RAT Malware

A North Korean-affiliated threat actor called Famous Chollima (also known as Wagemole) has launched a sophisticated remote access trojan (RAT)…
Read More »
June 18, 2025

SuperCard Malware Hijacks Android Devices to Steal Payment Card Data and Relay it to Attackers

F6, a leading developer of technologies to combat cybercrime, has reported the emergence of SuperCard, a malicious modification of the…
Read More »
June 17, 2025

New Sorillus RAT Targets European Organizations Through Tunneling Services

An important development discovered in March 2025 by Orange Cyberdefense’s Managed Threat Detection teams in Belgium was that a European…
Read More »

Previous page Next page