Posted inVulnerabilities
From Cybersecurity Help – Malicious Chrome extensions caught stealing ChatGPT and DeepSeek conversations
The malicious add-ons masquerade as legitimate AI sidebar tools. Read More
Posted inVulnerabilities
From Cybersecurity Help – RCE flaw in legacy D-Link DSL gateway devices actively exploited in the wild
The vulnerability enables unauthenticated RCE by allowing attackers to inject and run shell commands on exposed devices. Read More
Posted inVulnerabilities
From Cybersecurity Help – Threat actor allegedly sells corporate data linked to cloud file-sharing breaches
Hudson Rock says initial access was likely obtained using credentials harvested by infostealers like RedLine, Lumma, and Vidar. Read More
Posted inVulnerabilities
From Cybersecurity Help – Russian hackers target European hospitality industry with fake BSoD malware
The campaign, dubbed ‘PHALT#BLYX,’ begins with phishing emails posing as reservation cancellations from popular hotel booking platforms. Read More
Posted inVulnerabilities
From Cybersecurity Help – Kimwolf Android botnet infects over 2M devices via residential proxies
Kimwolf is believed to be an Android variant of AISURU and may be behind a series of record-setting DDoS attacks late last year. Read More
Posted inVulnerabilities
From Cybersecurity Help – Russia-linked hackers target Ukraine via Viber malware campaign
The group has maintained “high-intensity intelligence gathering activities” against Ukrainian institutions throughout 2025. Read More
Posted inVulnerabilities
From Cybersecurity Help – Trust Wallet links $8.5M browser extension hack to industry-wide Sha1-Hulud attack
The attackers gained access after Trust Wallet’s developer GitHub secrets were exposed. Read More
Posted inVulnerabilities
From Cybersecurity Help – New APT37’s Artemis campaign using trojanized HWP documents
The operation uses social engineering and technical evasion techniques, delivering malware through trojanized HWP documents. Read More
Posted inVulnerabilities
From Cybersecurity Help – DarkSpectre browser extension campaigns compromise over 8.8M users worldwide
The latest campaign alone impacted 2.2 million users through malicious browser extensions distributed across the three major browsers. Read More
Posted inVulnerabilities
From Cybersecurity Help – Two cybersecurity experts plead guilty for ALPHV BlackCat ransomware attacks
Goldberg worked at incident response firm Sygnia, while Martin, served as a ransomware negotiator for financial technology company DigitalMint. Read More
Posted inVulnerabilities
From Cybersecurity Help – Recently disclosed MongoBleed vulnerability under active exploitation worldwide
ensys and the Shadowserver Foundation identified roughly 87,000 and 74,854 potentially exposed systems worldwide, respectively. Read More
Posted inVulnerabilities
From Cybersecurity Help – Cyber Security Week in Review: December 26, 2025
In brief: Fortinet warns of a five-year-old FortiOS flaw exploited in the wild, Russian defense-industry orgs targeted in a new campaign, and more. Read More
Posted inVulnerabilities
From Cybersecurity Help – US seizes fraud domain, charges operator of fake ID marketplaces
The seized domain served as a backend control panel that stored and managed illegally harvested bank login credentials. Read More
Posted inVulnerabilities
From Cybersecurity Help – Malicious Phantom Shuttle Chrome extensions hijack user traffic
The extensions route all web traffic through attacker-controlled proxy servers using hardcoded credentials hidden with a custom encoding scheme. Read More
Posted inVulnerabilities
From Cybersecurity Help – Goffee cyberspies target Russian military personnel and defense-industry orgs
The group is experimenting with new techniques to evade detection but still shows gaps in technical execution and language accuracy. Read More