Cybersecurity researchers have identified a modified and highly obfuscated version of the Shai-Hulud malware. The discovery suggests that threat actors are actively experimenting with changes to the malware rather than launching a large-scale attack. The activity appears controlled and deliberate, indicating a testing phase. Experts believe this could be preparation for more advanced campaigns. The … Continued
Cybersecurity researchers have uncovered a new phishing campaign where attackers abused a legitimate Google Cloud email feature to trick users. Instead of hacking Google directly, the criminals misused an official automation service to send emails that appeared genuine. Because the messages came from a trusted Google-related address, many recipients did not suspect anything unusual. This … Continued
The RondoDox botnet has been found actively exploiting a critical software vulnerability called React2Shell. This flaw affects applications built using React Server Components and Next.js, which are widely used across the internet. By abusing this weakness, attackers are able to remotely access servers without authentication. Security experts warn that the activity is ongoing and widespread. … Continued
The U.S. government has lifted sanctions on three individuals previously linked to the Intellexa spyware consortium. The decision was announced in late December 2025. It reflects a change following a formal review by U.S. authorities. The update was recorded in official sanctions listings. The individuals whose sanctions were removed are Sara Hamou, Andrea Gambazzi, and … Continued
The Walt Disney Company has agreed to pay $10 million to settle a lawsuit related to children’s data privacy violations. The case was brought by U.S. government authorities. It accused Disney of allowing the collection of personal data from children without proper consent. The settlement was approved by a federal court in late December 2025. … Continued
Silver Fox, a cyber threat group tracked by security researchers, has launched a targeted phishing campaign aimed at users in India. The attackers are using tax-related email messages to lure victims into opening malicious files. These emails are crafted to look like official tax notices, refund alerts, or compliance messages. The timing makes them especially … Continued
Mustang Panda, a China-linked cyber espionage group, has been caught using a new and more advanced attack technique. Security researchers found that the group is now deploying a signed kernel-mode rootkit to install a malware backdoor called ToneShell. This approach allows the attackers to hide deep inside Windows systems. As a result, the malware becomes … Continued
Cybersecurity researchers have uncovered a phishing campaign that abused the npm package registry to steal login credentials. The operation involved 27 malicious npm packages created specifically for phishing purposes. These packages were not designed to provide useful code to developers. Instead, they were used as hosting infrastructure for credential-stealing pages. The campaign remained active for … Continued
A critical security vulnerability affecting MongoDB has been discovered and is currently being exploited worldwide. The issue is tracked as CVE-2025-14847 and has raised serious concerns across the cybersecurity community. Experts warn that unpatched MongoDB servers are at high risk of sensitive data exposure. Organizations using MongoDB are being urged to act immediately. The vulnerability … Continued
A critical security vulnerability has been identified in the core component of LangChain, a popular framework used to build AI applications. The issue affects how LangChain handles serialized data in its Python implementation. Security researchers warn that the flaw could expose sensitive information. The risk is high due to LangChain’s widespread use. The vulnerability has … Continued
