Intel
A recent discovery has revealed that 57 Chrome extensions, collectively installed by 6 million users, possess potentially dangerous capabilities. These extensions can monitor browsing behavior, access cookies from various domains, and execute remote scripts, posing significant privacy and security threats. Uncovering the Hidden Extensions The extensions in question are not
Healthcare and pharmaceutical sectors are currently under siege from a sophisticated malware campaign deploying ResolverRAT, a newly identified remote access trojan. This malware is disseminated through phishing emails that masquerade as urgent legal notices, such as copyright infringement alerts, to manipulate recipients into action. Phishing Tactics and Malware Delivery The
A severe vulnerability identified in the Erlang/OTP SSH, designated as CVE-2025-32433, poses a significant risk by enabling unauthenticated remote code execution on susceptible systems. This flaw demands urgent attention and patching to prevent potential exploitation. Understanding the Vulnerability The vulnerability, discovered by researchers at Ruhr University Bochum, has been
The China-linked Advanced Persistent Threat (APT) group known as Mustang Panda has recently upgraded its toolkit, deploying a new custom backdoor named MQsTTang. This development comes as the group intensifies its cyberattacks across Europe, Asia, and Australia. Mustang Panda, also referred to as Camaro Dragon, RedDelta, or Bronze President, has
Recent studies reveal that automated traffic now constitutes the majority of web activity, with a significant rise in bot-driven interactions. The 2025 "Bad Bot Report" by Thales and Imperva highlights that bots are responsible for 37% of all internet traffic, marking a 5% increase from the previous year.
Recently, a significant cybersecurity threat has emerged, affecting over 16,000 Fortinet devices worldwide. These devices have been compromised with a symlink backdoor, granting attackers read-only access to sensitive files on previously breached systems. This alarming situation highlights the ongoing risks associated with cyberattacks and the importance of robust security
An emerging ransomware group known as "CrazyHunter" has been identified as a significant threat to Taiwanese organizations, particularly in vital sectors such as healthcare and education. This group has gained attention for its sophisticated attack methods and reliance on open-source tools. CrazyHunter's Tactics and Tools According
The Apache Roller blogging platform recently addressed a critical vulnerability that could allow persistent unauthorized access even after users changed their passwords. This flaw, identified as CVE-2025-24859, stemmed from inadequate session expiration, which failed to invalidate active user sessions following a password update. The Apache Software Foundation (ASF) has introduced
A new spear-phishing campaign orchestrated by the Russian state-sponsored group Midnight Blizzard is targeting diplomatic entities across Europe. This campaign introduces a novel malware loader named 'GrapeLoader' alongside a new variant of the 'WineLoader' backdoor. Overview of the Cyberattack Midnight Blizzard, also known as 'Cozy