Posted inNews
From Dark Reading – Gootloader Malware Resurfaces in Google Ads for Legal Docs
Attackers target a familiar industry, law professionals, by hiding the infostealer in ads delivered via Google-based malvertising. Read More
Posted inNews
From Cyber Security News – Hackers Employ New ClickFix Captcha Technique to Deliver Ransomware
A sophisticated social engineering technique known as ClickFix has emerged, leveraging fake CAPTCHA verification processes to deceive users into executing malicious commands. This method exploits the trust users have in…
_Skorzewiak_via_Alamy.jpg)
Posted inNews
From Dark Reading – Iran’s MOIS-Linked APT34 Spies on Allies Iraq & Yemen
The Islamic Republic is keeping its enemies close and its friends closer, with espionage attacks aimed at nearby neighbors. Read More
Posted inVulnerabilities
From Cybersecurity Help – Google patches Chrome zero-day bug exploited by hackers
CVE-2025-2783 works in conjunction with a remote code execution exploit, which has yet to be identified. Read More
Posted inNews
From Dark Reading – Google Hastily Patches Chrome Zero-Day Exploited by APT
Researchers at Kaspersky discovered cyber-espionage activity that used the vulnerability in a one-click phishing attack to deliver malware. Read More
.webp)
Posted inNews
From Cyber Security News – New Sophisticated Phishing Attack Exploiting Microsoft 365 Infrastructure To Attack Users
A sophisticated new phishing campaign has been discovered that exploits Microsoft 365’s legitimate infrastructure to conduct highly convincing credential harvesting and account takeover attempts. Unlike traditional phishing attempts that rely…
Posted inArticles
From Krebs on Security – ClickFix: How to Infect Your PC in Three Easy Steps
A clever malware deployment scheme first spotted in targeted attacks last year has now gone mainstream. In this scam, dubbed "ClickFix," the visitor to a hacked or malicious website is…
Posted inNews
From Cyber Security News – LibreOffice Vulnerability Let Attackers Execute Arbitrary Script Using Macro URL
A critical security vulnerability in LibreOffice tracked as CVE-2025-1080, has exposed millions of users to potential remote code execution attacks through manipulated macro URLs. Patched in versions 24.8.5 and 25.2.1…
Posted inNews
From Cyber Security News – 41,500+ VMware ESXi Instances Vulnerable to Code Execution Attacks
Shadowserver observed that 41,500+ internet-exposed VMware ESXi hypervisors as of March 4, 2025, are vulnerable to CVE-2025-22224, a critical zero-day vulnerability actively exploited in attacks. Broadcom patched the vulnerability in…
Posted inNews
From Cyber Security News – Hackers Deliver XWorm via Malicious Registry Files in a New Stegocampaign Attack
Stegoсampaign, a complex attack that leverages phishing, a multi-functional RAT, а loader, and malicious scripts, got a new twist. ANY.RUN’s malware analysts discovered a Stegocampaign variant that uses a Windows…
Posted inNews
From Cyber Security News – Hackers Bypassing Outlook Spam Filter to Deliver Weaponized ISO Files
A newly uncovered technique allows threat actors to bypass Microsoft Outlook’s spam filtering mechanisms, enabling the delivery of malicious ISO files through seemingly benign email links. This vulnerability exposes organizations…
Posted inNews
From Security Week – $1.5 Billion Bybit Heist Linked to North Korean Hackers
[[{"value":"Companies and experts have found evidence linking the $1.5 billion Bybit cryptocurrency heist to North Korean Lazarus hackers. The post $1.5 Billion Bybit Heist Linked to North Korean Hackers appeared…
Posted inNews
From Dark Reading – ‘Darcula’ Phishing Kit Can Now Impersonate Any Brand
With Version 3, would-be phishers can cut and paste a big brand's URL into a template and let automation do the rest. Read More
.webp)
Posted inNews
From Cyber Security News – Weaponized Signal, Line, and Gmail Apps Delivers Malware That Changes System Defenses
A sophisticated cyberattack campaign targeting Chinese-speaking users, malicious actors have weaponized fake versions of popular applications such as Signal, Line, and Gmail. These fake and weaponized apps are distributed via…
Posted inNews
From Security Week – Alabama Man Pleads Guilty to Hacking SEC’s X Account
[[{"value":"Eric Council Jr. pleaded guilty to hacking the X (formerly Twitter) account of the US Securities and Exchange Commission. The post Alabama Man Pleads Guilty to Hacking SEC’s X Account…