A British man has pleaded guilty in the United States to his role in a large cybercrime scheme that used SMS phishing, company network intrusions, and SIM swapping to steal at least $1 million in virtual currency from victims across…
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning about severe vulnerabilities in Gardyn Home Kit smart garden systems. Carrying a maximum severity score of 9.3 out of 10, these flaws could allow unauthenticated attackers to hijack…
A critical flaw in Anthropic’s Model Context Protocol (MCP) exposes over 150 million downloads to potential compromise. The vulnerability could enable full system takeover across up to 200,000 servers. The OX Security Research team identified the flaw as a fundamental design…
A newly identified malware campaign is raising serious concerns across the cybersecurity community by delivering two very different threats at the same time. Attackers are now using a single, obfuscated loader to push both Gh0st Remote Access Trojan (RAT) and…
Security researchers have uncovered a highly sophisticated attack campaign that weaponizes a legitimate, digitally signed Intel utility to secretly deploy malware, all without touching a single line of the original program’s code. The campaign, dubbed Operation PhantomCLR, represents a serious evolution…
A North Korean threat group known as UNC1069 has been running a sophisticated campaign that tricks cryptocurrency and Web3 professionals into joining fake online meetings, only to infect their computers with malware designed to steal digital assets. The group pretends…
Iran’s Ministry of Intelligence and Security (MOIS) has been running a long and carefully organized cyber campaign using three separate hacker identities. These identities, known as Homeland Justice, Karma/KarmaBelow80, and Handala, were widely believed to be independent hacktivist groups. However,…
A critical Broken Object Level Authorization (BOLA) vulnerability in Lovable, the popular AI-powered app builder platform, is reportedly allowing unauthorized users to access sensitive project data, including source code, database credentials, AI chat histories, and real customer information from thousands…
A new and deceptive attack campaign has emerged where threat actors are impersonating IT helpdesk personnel through Microsoft Teams to trick employees into granting remote access to their systems. What makes this campaign dangerous is how it uses trusted, everyday…
Threat actors are now weaponizing QEMU, a legitimate open-source machine emulator and virtualizer, as a covert backdoor to steal credentials and deliver ransomware without triggering endpoint security alerts. This alarming shift in attacker behavior highlights how freely available, trusted software…
A new ransomware strain known as JanaWare has been quietly targeting home users and small to medium-sized businesses in Turkey, using a customized version of the well-known Adwind Remote Access Trojan (RAT) as its delivery vehicle. The campaign is notable…
Microsoft is actively working to resolve a service disruption that has left a subset of Teams desktop client users unable to launch the application, with the company now monitoring the rollback of the problematic update to confirm full recovery. Microsoft…
Microsoft has released Windows 11 Insider Preview Build 26300.8170 to the Dev Channel, introducing notable improvements to Secure Boot visibility, storage management, and the Feedback Hub experience. The most security-relevant update in this build is a revamped Secure Boot experience…
The National Security Agency is reportedly deploying Anthropic’s advanced AI model, Mythos Preview. Meanwhile, the Department of Defense has labeled the company a “supply chain risk,” highlighting an internal contradiction. The conflict between Anthropic and the Pentagon dates back to…
A fast growing Android malware campaign is using a framework called MiningDropper to push far more dangerous threats onto phones disguised as normal apps. Researchers describe it as a multi stage delivery system that can lead to infostealers, remote access…
