cybersecurity threats
-
New Supply Chain Malware Operation Targets GlueStack Packages
A new supply chain attack has targeted GlueStack packages, affecting nearly one million downloads and allowing hackers to execute commands and steal information from compromised systems.
-
Cybersecurity Alert: Malicious Browser Extensions Target Brazilian Users in Widespread Phishing Campaign
A new phishing campaign has surfaced, aiming at Brazilian users through malicious browser extensions that stole sensitive authentication data. The operation has reportedly infected 722 systems across different countries.
-
Hackers Exploit Voice Phishing to Breach Corporate Systems
A group of hackers known as UNC6040 is exploiting voice phishing to gain access to corporate systems, particularly targeting Salesforce, with tactics that rely on manipulating employees rather than exploiting technical vulnerabilities.
-
New Malware Campaign Targets macOS Users with Social Engineering Tactics
A new malware campaign is targeting macOS users with deceptive tactics, employing fake Spectrum websites and the ClickFix method to deliver the Atomic macOS Stealer malware. Security experts warn of the evolving threat landscape for Apple users.
-
New PathWiper Malware Targets Ukrainian Infrastructure, Analysts Warn of Ongoing Cyber Threats
A new data wiper malware named PathWiper has targeted critical infrastructure in Ukraine, highlighting the ongoing cyber threats posed by advanced persistent threat actors linked to Russia. Cisco Talos has detailed the malware’s capabilities and its similarities with previously observed threats.
-
FBI Issues Warning as BADBOX 2.0 Malware Infects Over 1 Million Devices
The FBI has warned that the BADBOX 2.0 malware has infected over one million consumer devices, transforming them into tools for cybercriminals. The widespread malware affects various Android IoT gadgets, posing significant threats to home network security.
-
Data Leak Exposes Personal Information of Over 3.6 Million Users
A recent data breach has exposed the personal information of over 3.6 million users associated with the app-building platform Passion.io, raising serious privacy and security concerns. Cybersecurity expert Jeremiah Fowler discovered the unsecured database containing sensitive data, prompting immediate action from the company.
-
Critical Roundcube Webmail Exploit Sold on Dark Web, Security Experts Warn
Security experts warn of a critical vulnerability in Roundcube webmail, CVE-2025-49113, which has been exploited by hackers selling RCE exploits online. The flaw has led to a patch but concerns remain over its potential impact due to the application’s popularity.
-
Microsoft Unveils European Security Program to Combat State-Sponsored Cyber Threats
Microsoft has launched a new European Security Program to provide free AI-powered cybersecurity tools to governments facing threats from state-sponsored hackers. The initiative aims to strengthen cyber defenses across Europe amid rising cyber threats from Russia, China, Iran, and North Korea.
