New Malware Attack Deploys Malicious Chrome and Edge Extensions To Steal Sensitive Data
Cybersecurity researchers have uncovered a sophisticated malware campaign targeting Brazilian users through malicious browser extensions designed to steal sensitive banking credentials and financial data.
The operation, dubbed "Operation Phantom Enigma," represents a significant escalation in...
New Crocodilus Malware Let Attacker Gain Full Control of Your Android Device
A sophisticated new Android banking Trojan named Crocodilus has emerged as a significant global threat, demonstrating advanced device-takeover capabilities that grant cybercriminals unprecedented control over infected smartphones.
First discovered in March 2025, this malware has...
Windows Authentication Coercion Attacks Pose Significant Threats to Enterprise Networks
Windows authentication coercion attacks continue to pose substantial risks to enterprise Active Directory environments in 2025, despite Microsoft's ongoing efforts to implement protective measures.
These sophisticated attacks allow threat actors with minimal privileges to gain...
Threat Actors Exploit ‘Prove You Are Human’ Scheme To Deliver Malware
Cybersecurity researchers have uncovered a sophisticated malware campaign that weaponizes users' trust in routine internet verification processes to deliver malicious payloads.
The scheme exploits familiar "prove you are human" prompts, transforming seemingly innocent website interactions...
Hackers Weaponize Ruby Gems To Exfiltrate Telegram Tokens and Messages
A sophisticated supply chain attack has emerged targeting the RubyGems ecosystem, exploiting geopolitical tensions surrounding Vietnam's recent Telegram ban to steal sensitive developer credentials and communications.
The malicious campaign involves two typosquatted Ruby gems designed...
New Linux PumaBot Attacking IoT Devices by Brute-Forcing SSH Credentials
Cybersecurity researchers have identified a sophisticated new threat targeting the expanding Internet of Things ecosystem.
PumaBot, a Go-based Linux botnet, has emerged as a significant concern for organizations operating vulnerable IoT devices, particularly surveillance systems.
Unlike...
State-Sponsored Groups Actively Targeting Manufacturing Sector and OT systems
A comprehensive analysis reveals an alarming escalation in cyberattacks targeting the manufacturing sector, with state-sponsored threat actors and hacktivist groups increasingly focusing their efforts on operational technology systems that control critical industrial processes.
The manufacturing...
North Face Fashion Brand Warns of Credential Stuffing Attack
The North Face, a prominent outdoor fashion retailer, has issued a comprehensive security notification to customers following the discovery of a credential stuffing attack against its website on April 23, 2025.
The incident represents a...
Apple’s iOS Activation Vulnerability Allows Injection of Unauthenticated XML Payloads
A critical security vulnerability has been discovered in Apple's iOS activation infrastructure that allows attackers to inject unauthenticated XML payloads during the device setup phase.
This flaw, affecting the latest iOS 18.5 stable release as...
Russian Hacker Black Owl Attacking Critical Industries To Steal Financial Details
A sophisticated Russian hacktivist group operating under multiple aliases has emerged as a significant threat to critical infrastructure across Russia, employing advanced malware and social engineering techniques to infiltrate and destroy organizational systems.
The group,...
