Phishing Attack Using OpenAI’s Operator

LLMs have become increasingly democratized over the past two years, making access to them easier than ever. However, with the emergence of any new technology or tool, there is always the risk of it being exploited for malicious purposes, and LLMs are no exception. According to a recent research report, OpenAI’s new Operator, launched in … Continued

Apple Rolls Out Emergency Fix for WebKit Flaw Exploited in the Wild

For the third consecutive month in 2025, Apple has rolled out an emergency security patch to fix an actively exploited zero-day vulnerability. The flaw, identified as CVE-2025-24201, exists in WebKit, Apple’s open-source browser engine utilized by Safari and other apps across macOS, iOS, and iPadOS. Affected Devices: iPhone XS and newer, iPad Pro (3rd generation … Continued

Logic Bomb Detonated in Eaton

Davis Lu, a 55-year-old software developer from Texas, has been convicted of planting a logic bomb to intentionally damage the computer systems at his ex-employer, Eaton, an MNC. Davis, who worked at Eaton from 207 to 2019, could face up to 10 years in prison. Background: Lu worked as a software developer at Eaton, which … Continued

XCSSET Malware Targeting Xcode Projects

The latest version of the XCSSET malware targets Xcode projects and can evade traditional security methods. Its primary motive is to steal sensitive user data and system information and exfiltrate it to remote servers controlled by threat actors. Background: XCSSET, a sophisticated malware strain discovered in 2022, has become more dangerous. XCSSET now employs complex obfuscation methods such … Continued

DCRat Backdoor’s Comeback

For the last few months, there has been a surge in the distribution of a backdoor known as “DCRat” in the gaming community. This backdoor is available to cybercriminals through a Malware-as-a-Service (MaaS) model. The threat actors also assist cybercriminals in setting up the infrastructure for hosting the C2 servers. Background: This backdoor is from … Continued

Are Belsen Group and ZeroSeven Group the Same?

A recent investigative report has uncovered a connection between the Belsen Group and ZeroSeven Group, with both having connections to Yemen. The Belsen Group was spotlighted for leaking Fortinet data and selling network access. Belsen Group: The Belsen Group first appeared on cybercrime forums in early January 2025 under the alias Belsen_Group. Their initial activity … Continued

Colombian Government System Is Under Cyber Siege

Since November of last year, the Colombian judicial system has been facing regular cyberattacks orchestrated by the threat actor Blind Eagle (APT-C-36). So far, this campaign has compromised more than 1,600 systems and exposed critical vulnerabilities within critical infrastructure. Who is Blind Eagle: Blind Eagle (APT-C-36) is a cyber threat actor active since 2018, primarily targeting government institutions … Continued

Dark Storm Team Claims Responsibility for X (Twitter) Outage

Who Is Dark Storm: Dark Storm Team, the pro-Palestinian hacking group, has claimed responsibility for the recent cyberattack that caused widespread outages on X, formerly Twitter. The group, which emerged in 2023, is known for its advanced cyber warfare tactics and successful breaches of high-security systems. Dark Storm Team’s attacks are politically motivated, with a … Continued

Spreading Crypto Miner by Blackmailing YouTubers

A recent investigation has uncovered a sophisticated malware campaign using SilentCryptominer, a cryptocurrency mining malware, which is distributed by blackmailing YouTubers. Attackers are coercing YouTubers into promoting malicious phishing links under the guise of legitimate software, leading to widespread, unsuspecting installations among viewers. Modus Operandi: It begins with cybercriminals filing false complaints against … Continued

APT Targeting Nuclear Reactors

Sidewinder, a notorious APT (Advanced Persistent Threat) group, has recently upgraded its arsenal and widened its attack scope, with a recent focus on nuclear reactors and maritime logistics companies. This threat actor is highly active in Southeast Asia, and its primary targets are military and government agencies of Pakistan, China, Sri Lanka, and Nepal. Now … Continued
