Dragon Breath, also known as APT-Q-27 or Golden Eye, has launched a new malware campaign using a tool called RONINGLOADER. This tool is designed to disable security protections on Windows systems. After weakening the system, it installs a modified form of the Gh0st RAT trojan. Researchers say the campaign shows strong technical planning and skill. … Continued
A large-scale ransomware campaign by the group known as Akira has reportedly amassed more than USD 244 million in illicit proceeds. The figure reflects recent research into the operations of this threat actor. The income stems from numerous attacks and extortion payments across organisations worldwide. Akira uses a ransomware-as-a-service (RaaS) model, allowing affiliates to carry … Continued
A serious flaw has been discovered in the web application firewall product FortiWeb by Fortinet. Attackers are exploiting it to create new administrator accounts on devices without any login credentials. This means someone could gain full control of the device simply by sending a specially crafted request. The issue was found on devices that have … Continued
Operation Endgame was a global action carried out by international law-enforcement agencies. The mission was aimed at disrupting three major cyber-crime operations: Rhadamanthys, VenomRAT and Elysium. These tools were responsible for large-scale data theft and remote attacks. The operation became one of the biggest coordinated cyber crackdowns. Authorities successfully took down 1,025 servers used to … Continued
CISA has issued an alert about a critical security flaw in WatchGuard Firebox devices after confirming that attackers are already exploiting it in the real world. The vulnerability has been added to the Known Exploited Vulnerabilities list, which highlights threats that need urgent attention. Thousands of Firebox appliances across different countries are affected by this … Continued
Google has introduced a new system called Private AI Compute, a breakthrough in how artificial intelligence processes personal data. The aim is to combine the power of cloud computing with the privacy protection users expect from on-device processing. This means users can enjoy smarter, faster AI features without worrying about their private data being exposed. … Continued
A new Android malware called Fantasy Hub has been discovered by cybersecurity researchers. This malware is being sold as a full Malware-as-a-Service (MaaS) package on underground forums. It is designed to give hackers remote access to infected Android phones. The service is mainly promoted through Russian-speaking cybercrime channels. Fantasy Hub works like a remote access … Continued
A dangerous new malware called GlassWorm has made a return, targeting developers through Visual Studio Code (VS Code) extensions. This self-spreading worm is capable of infecting legitimate extensions, stealing developer credentials, and even taking remote control of systems. The campaign was first detected in October 2025 and, despite cleanup efforts, researchers have confirmed that new … Continued
A large-scale phishing campaign is targeting hotel systems across the world. Attackers are using a clever social engineering trick called “ClickFix” to fool hotel staff. This method convinces them to run harmful commands that secretly install malware. Security researchers have confirmed that this campaign is active and widespread. The attackers begin by sending fake emails … Continued
Google has introduced a dedicated reporting tool for businesses to report review extortion on their profiles. Previously, businesses had to use the general tool for reporting inappropriate reviews, but the new tool specifically helps address situations where customers threaten to leave negative reviews unless they are paid or receive some form of compensation. What’s happening? … Continued
