A sophisticated Android ad fraud operation called “Trapdoor” has been discovered operating through 455 malicious apps on Google Play Store, generating fake ad clicks to defraud advertisers. The campaign remained undetected for months, affecting millions of users who unknowingly participated in large
Elon Musk revealed that US military suicide drones have been operating on Starlink satellite internet connections, directly violating SpaceX’s terms of service and usage policies. The unauthorized use of commercial satellite infrastructure for offensive military operations raises critical questions
Two former executives of US-based payment processing companies have pleaded guilty to federal charges for their role in facilitating a massive tech support scam operation. The executives knowingly processed payments for fraudulent tech support schemes that defrauded thousands of victims, primarily e
InvisibleFerret malware has evolved its evasion tactics by abandoning traditional Python scripts in favor of compiled Python (.pyd) and shared object (.so) files. This strategic shift allows the malware to bypass signature-based detection systems that primarily focus on script-based threats. The upd
Cisco SD-WAN controllers under active zero-day attack. Critical auth bypass flaw lets attackers grab admin access. Patch immediately if you’re running affected versions.
Google has released an emergency security update for Chrome addressing multiple critical vulnerabilities, including CVE-2025-0411 and CVE-2025-0410, which could allow remote attackers to execute arbitrary code on affected systems. These high-severity bugs affect Chrome’s V8 JavaScript engine and ANG
GitLab has released security updates addressing multiple critical vulnerabilities in both Community Edition (CE) and Enterprise Edition (EE), including severe flaws in its Duo AI features, authorization bypass issues, and denial-of-service (DoS) vectors. The most severe vulnerabilities allow unautho
A critical zero-day vulnerability in KnowledgeDeliver Learning Management System (LMS) is being actively exploited in the wild to deploy BLUEBEAM web shells. Attackers are leveraging an unrestricted file upload flaw to gain persistent access to compromised systems, affecting educational institutions
Threat actors are employing sophisticated social engineering tactics by disguising malicious Linux payloads as legitimate SSH-related files during software package installations. The attack leverages user trust in familiar system utilities, hiding malware within files named to resemble standard Open
A legitimate Lenovo diagnostics driver has been weaponized by threat actors to terminate Endpoint Detection and Response (EDR) processes through a Bring Your Own Vulnerable Driver (BYOVD) attack. The vulnerable driver allows attackers with administrative privileges to execute code at the kernel leve