A New Era of Social Engineering Attacks In the constantly evolving landscape of cybersecurity threats, a particularly insidious technique has gained alarming traction among the most sophisticated threat actors in the world. According to recent findings from Proofpoint, multiple state-sponsored hacking groups from Iran, North…
Continue reading...
A malicious Python package named “disgrasya” has been discovered on Python Package Index (PyPI), used as a tool for credit card fraud. This package exploited the WooCommerce API to automate stolen card verification and reached over 34,000 downloads, highlighting a serious and widespread threat in…
Continue reading...
In March 2025, cybersecurity researchers from ThreatFabric sounded the alarm over a new Android threat: Crocodilus, a highly sophisticated banking trojan specifically targeting users in Spain and Turkey—but with the potential to go global. Unlike typical malware clones, Crocodilus emerged as a fully-developed threat from…
Continue reading...
In today’s fast-evolving digital landscape, where cyber attackers constantly innovate, security researchers are sounding the alarm about a new sophisticated threat: CoffeeLoader. Recently analyzed by Zscaler ThreatLabz, this malware is designed to download and execute secondary payloads while evading traditional antivirus and EDR (Endpoint Detection…
Continue reading...
The cybersecurity developments highlight a growing trend: threat actors are becoming more sophisticated, targeting software supply chains, exploiting unpatched vulnerabilities, and leveraging advanced persistent threats (APTs) for espionage. Cybercriminals exploited GitHub repositories to distribute malicious code and compromise downstream users. These attacks typically involve injecting…
Continue reading...
In a significant cybersecurity alert, the Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability in NAKIVO Backup & Replication software to its Known Exploited Vulnerabilities (KEV) catalog. This action follows active exploitation of the flaw, which poses severe risks to organizations relying…
Continue reading...
In a significant development, cybersecurity researchers have uncovered that MirrorFace, a threat actor group linked to China, has broadened its cyber espionage activities beyond its traditional focus on Japan. Recent findings indicate that the group targeted a diplomatic organization in the European Union, marking a…
Continue reading...
Cybercriminals are exploiting new vulnerabilities in widely used enterprise software, posing severe risks to businesses and government agencies. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added five critical security flaws in Advantive VeraCore and Ivanti Endpoint Manager (EPM) to its Known Exploited Vulnerabilities (KEV) catalog. These flaws are already under active…
Continue reading...
