A sophisticated cross-platform credential stealer has been discovered in the NPM ecosystem, employing advanced sandbox evasion techniques to harvest sensitive data from developer workstations. The malware specifically targets Windows, Linux, and macOS systems, using environment fingerprinting to det
Cisco recently experimented with using AI to automate security incident report writing, revealing both the potential and limitations of AI in cybersecurity operations. While the AI successfully generated structured reports and saved time on routine documentation, it also produced inaccuracies, misse
Cybercriminals are distributing ValleyRAT malware through counterfeit Microsoft Teams download websites. The malicious campaign targets unsuspecting users searching for legitimate Microsoft Teams installations, delivering a sophisticated remote access trojan (RAT) capable of data exfiltration, syste
Google inadvertently published technical details of an unpatched security vulnerability in Chromium before a fix was available, potentially exposing millions of Chrome, Edge, and other Chromium-based browser users to exploitation. The premature disclosure has sparked concerns about coordinated vulne
Security researchers discovered a devastating 0-click exploit chain targeting Google Pixel 10 devices that requires just five lines of code to bypass kernel security. The vulnerability leverages a race condition in the device’s window management subsystem, allowing attackers to gain kernel-level exe
A sophisticated supply chain attack compromised multiple @antv npm packages with Mini Shai-Hulud malware, specifically designed to steal CI/CD credentials from automated build systems. The malicious code targets environment variables containing sensitive tokens during package installation, affecting
Zimperium zLabs uncovered a 10-month Android malware campaign involving 250 fake apps that silently enrolled victims in premium SMS services across four countries. The operation abused Google’s SMS Retriever API and hidden WebViews to bypass user consent and intercept authentication codes.
Europol and international partners dismantled First VPN, a service widely used by ransomware gangs, seizing 33 servers and arresting its alleged administrator. The operation, codenamed Saffron, also exposed thousands of users whose data is now in the hands of investigators across 16 countries.
A contractor working with the Cybersecurity and Infrastructure Security Agency (CISA) inadvertently exposed Amazon Web Services (AWS) GovCloud credentials on a public GitHub repository. The leaked keys provided access to sensitive federal government cloud infrastructure, raising serious questions ab
A sophisticated Android ad fraud operation called “Trapdoor” has been discovered operating through 455 malicious apps on Google Play Store, generating fake ad clicks to defraud advertisers. The campaign remained undetected for months, affecting millions of users who unknowingly participated in large