HashJack: New URL-Fragment Attack Lets Hackers Hijack AI Browsers

Security researchers have introduced a new technique called HashJack, which uses the “#” part of a URL to hide malicious instructions. This portion of a link is normally ignored by servers, making the attack hard to detect. When an AI browser or assistant loads the link, it reads the hidden instructions from the fragment. This … Continued

New Shai-Hulud Worm Campaign Puts npm Ecosystem at Serious Risk

A new malware campaign called Shai-Hulud is causing serious trouble for npm users. Security researchers have confirmed that this malware spreads like a worm inside the JavaScript ecosystem. It takes over developer accounts and injects malicious code into popular packages. Because of its scale, it is being seen as one of the biggest recent supply-chain … Continued

Iberia Confirms Supplier Breach: Loyalty Members’ Data at Risk

Iberia Airlines has informed its customers that a data breach at one of its suppliers has exposed certain customer information. The Spanish flag carrier says unauthorized access to the supplier’s systems compromised the confidentiality of some customer data. The incident highlights how third-party vendors can become weak links in enterprise security. The airline says it … Continued

Salesforce Warns of Unauthorized Data Access Through Gainsight OAuth Apps

Salesforce has announced that it detected unauthorized activity linked to OAuth connections created by applications published by Gainsight. These apps are widely used by Salesforce customers, and the unusual behavior raised concerns that some customer data may have been accessed without approval. Salesforce stressed that the incident is connected to third-party integrations, not to a … Continued

Matrix Push Exposed: How Hackers Are Weaponizing Web Notifications

Cybersecurity researchers have identified a new malicious tool called Matrix Push, which abuses browser notifications to run phishing and malware attacks. It turns the normal web-push feature into a method for attackers to reach users directly. The tool makes fake alerts look completely legitimate. Because of this, many people may not realize they are being … Continued

HackOnChat Revealed: How Attackers Hijack WhatsApp Accounts Worldwide

CTM360 has uncovered a large global campaign designed to hijack WhatsApp accounts, known as HackOnChat. The operation uses fake login portals and malicious pages that look identical to official WhatsApp services. These pages trick users into giving attackers access. The goal is to steal active sessions and verification keys. Attackers rely on two main tactics: … Continued

Iran-Linked Hackers Used AIS Data to Track Ship Days Before Missile Strike Attempt

Iran-linked hackers carried out detailed digital reconnaissance on a commercial ship just days before a real-world missile strike attempt. Security researchers revealed that these hackers mapped the vessel’s AIS data and even accessed its onboard cameras. This activity happened shortly before the physical attack. Experts say the timing shows the cyber actions were connected … Continued
