Arcane Malware Targets Gamers

A sophisticated new malware strain called “Arcane” is targeting gamers through YouTube videos and stealing a wide range of sensitive data from VPN, gaming clients, and network utilities like ngrok, Playit, Cyberduck, FileZilla and DynDNS. How Arcane Stealer Works. [Figure: Arcane Stealer Distribution (Source: Securelist)] The initial attack begins with YouTube videos … Continued

Russian Threat Actors Target Ukrainian Defense with DCRAT Malware

Ukrainian cybersecurity officials have identified a new malware campaign specifically targeting the country’s defense infrastructure, according to an alert from the Computer Emergency Response Team of Ukraine (CERT-UA).  This development comes amid controversy about Signal’s cooperation with Ukrainian authorities. According to The Record, Signal allegedly stopped responding to requests from Ukrainian law enforcement regarding Russian … Continued

ChatGPT Under Attack

Security experts have identified that malicious actors are currently taking advantage of a security weakness in ChatGPT, enabling them to insert harmful URL redirects within the AI chatbot’s interface. In just one week, over 10,000 exploitation attempts were traced back to a single malicious IP address. What is it? Security analysts uncovered this vulnerability within … Continued

GitHub Accounts are Getting Hijacked 

A large-scale phishing campaign has recently targeted GitHub users, affecting more than 12,000 repositories. The attackers lured developers into authorizing a malicious OAuth app by sending fake “Security Alert” issues. The phishing alert appeared to be a legitimate security warning: “Security Alert: Unusual Access Attempt – We have detected a login attempt on your GitHub … Continued

RansomHub Joins SocGholish to Target US Government

For the last few months, RansomHub, a cybercriminal group, has partnered with FakeUpdates, a malware-as-a-service (MaaS), to deliver ransomware against US government organizations. The threat actor behind FakeUpdates is “SocGholish”. Who is RansomHub? RansomHub first came to public attention in February 2024, operating as a Ransomware-as-a-Service (RaaS) group. The group offers a higher level of autonomy … Continued

StilachiRAT: A Cryptocurrency Wallet Stealer

Microsoft Incident Response researchers have discovered a powerful new remote access trojan (RAT) called StilachiRAT with sophisticated capabilities for credential and cryptocurrency wallet theft. Technical Capabilities. System reconnaissance: Executes WMI queries via WQL to gather system information and hardware identifiers, creating a unique device fingerprint derived from system serial numbers and attacker RSA keys. Cryptocurrency … Continued

Top 5 LLMs for Cybersecurity Use Case

What is an LLM? A Large Language Model (LLM) is a type of AI system designed to process and generate text. Built on transformer neural network architectures, LLMs can analyze and predict language with exceptional accuracy by leveraging enormous datasets. This ability to understand and produce human-like text has made LLMs a game-changer across various … Continued

AI vs. Hackers: Who’s Winning the Battle?

AI has revolutionized many sectors, and cybersecurity is no exception. As cyber threats and the cost of breaches are increasing, AI has made its way into the cybersecurity professionals’ arsenal. It is now used in a way that was previously unimaginable, like enhancing threat detection, reducing the response time in case of a breach, and … Continued

Ransomware Exploiting Vulnerability in Fortinet 

Cybersecurity researchers have uncovered a series of highly sophisticated intrusions targeting Fortinet firewall appliances to deploy a new ransomware strain, “SuperBlack”. This occurred between January and March 2025. The malicious campaign, attributed to a threat actor labeled “Mora_001,” operated throughout Q1 2025, leveraging unpatched security flaws to intrude into corporate networks. Technical Vulnerability Exploitation Chain … Continued
