OtterCookie v4 Introduces Enhanced Virtual Machine Detection and Advanced Credential Theft Features for Chrome and MetaMask
The North Korean threat actors behind the Contagious Interview campaign have been observed employing upgraded versions of a cross-platform malware known as OtterCookie. This malware is capable of stealing…
The North Korean threat actors behind the Contagious Interview campaign have been observed employing upgraded versions of a cross-platform malware known as OtterCookie. This malware is capable of stealing…
Law Enforcement Disrupts Botnet Operation Utilizing Compromised Routers for Residential Proxy Services
Law enforcement authorities have successfully disrupted a botnet that has compromised thousands of routers over the past 20 years, leading to the establishment of two networks of residential proxies,…
Law enforcement authorities have successfully disrupted a botnet that has compromised thousands of routers over the past 20 years, leading to the establishment of two networks of residential proxies,…
Chinese Threat Actors Exploit SAP Remote Code Execution Vulnerability CVE-2025-31324, Deploy Golang-Based SuperShell
A China-linked threat actor known as Chaya_004 has been identified exploiting a recently disclosed vulnerability in SAP NetWeaver.
Forescout Vedere Labs reported the discovery of a malicious infrastructure…
A China-linked threat actor known as Chaya_004 has been identified exploiting a recently disclosed vulnerability in SAP NetWeaver.
Forescout Vedere Labs reported the discovery of a malicious infrastructure…
Google Agrees to $1.375 Billion Settlement with Texas Regarding Unauthorized Tracking and Biometric Data Practices
Google has agreed to a settlement with the state of Texas, amounting to $1.4 billion, to resolve two lawsuits alleging the company unlawfully tracked users’ locations and retained facial…
Google has agreed to a settlement with the state of Texas, amounting to $1.4 billion, to resolve two lawsuits alleging the company unlawfully tracked users’ locations and retained facial…
Germany Closes eXch Amidst $1.9 Billion Money Laundering Investigation, Seizing €34 Million in Cryptocurrency and 8TB of Data
Germany’s Federal Criminal Police Office (Bundeskriminalamt, BKA) has successfully dismantled the online infrastructure associated with the eXch cryptocurrency exchange due to serious allegations of money laundering and operating an…
Germany’s Federal Criminal Police Office (Bundeskriminalamt, BKA) has successfully dismantled the online infrastructure associated with the eXch cryptocurrency exchange due to serious allegations of money laundering and operating an…
Microsoft Teams to Implement Screen Capture Restrictions During Meetings
Microsoft is in the process of developing a new feature for Teams aimed at enhancing content security during meetings by preventing users from capturing screenshots of sensitive information.
Participants…
Microsoft is in the process of developing a new feature for Teams aimed at enhancing content security during meetings by preventing users from capturing screenshots of sensitive information.
Participants…
Emergence of Noodlophile Infostealer Malware from Deceptive AI Video Generation Tools
Fake AI-driven video generation platforms are being exploited to disseminate a new category of information-stealing malware, referred to as ‘Noodlophile,’ disguised as content generated by supposed artificial intelligence tools.…
Fake AI-driven video generation platforms are being exploited to disseminate a new category of information-stealing malware, referred to as ‘Noodlophile,’ disguised as content generated by supposed artificial intelligence tools.…
🔥3
Department of Justice Reports Potential Data Breach at Berkeley Research Group Involving Sensitive Information on Survivors of Diocesan Abuse
The U.S. Department of Justice has confirmed that a recent data breach at a California consulting firm has led to the exposure of sensitive information belonging to survivors of…
The U.S. Department of Justice has confirmed that a recent data breach at a California consulting firm has led to the exposure of sensitive information belonging to survivors of…
🔥1
Bluetooth 6.1 Enhances Privacy through Randomized RPA Timing Techniques
The Bluetooth Special Interest Group (SIG) has introduced the Bluetooth Core Specification 6.1, which incorporates significant enhancements to the well-established wireless communication protocol. A key feature of this release…
The Bluetooth Special Interest Group (SIG) has introduced the Bluetooth Core Specification 6.1, which incorporates significant enhancements to the well-established wireless communication protocol. A key feature of this release…
Introduction of PDF Download Feature for In-Depth Research in ChatGPT
ChatGPT’s Deep Research feature, which facilitates in-depth research for complex tasks, is set to introduce a long-awaited functionality: the option to save reports as PDF files.
By utilizing the…
ChatGPT’s Deep Research feature, which facilitates in-depth research for complex tasks, is set to introduce a long-awaited functionality: the option to save reports as PDF files.
By utilizing the…
🔥1😁1
Cybersecurity Breach: iClicker Platform Compromised, Exposing Students to Malware through Phony CAPTCHA Mechanism
The iClicker website, a widely used platform for student engagement, fell victim to a sophisticated ClickFix attack targeting students and educators. This security breach involved a deceptive CAPTCHA prompt…
The iClicker website, a widely used platform for student engagement, fell victim to a sophisticated ClickFix attack targeting students and educators. This security breach involved a deceptive CAPTCHA prompt…
👍2
Exploiting Fraudulent AI Tools to Deploy Noodlophile Malware, Affecting Over 62,000 Victims Through Facebook Lures
Threat actors are increasingly exploiting the allure of artificial intelligence (AI) by offering counterfeit AI-powered tools to entice users into downloading malware known as Noodlophile.
Rather than relying on…
Threat actors are increasingly exploiting the allure of artificial intelligence (AI) by offering counterfeit AI-powered tools to entice users into downloading malware known as Noodlophile.
Rather than relying on…
❤1🤔1
Emerging SEO Poisoning Threat: Targeted Malware Campaign Aimed at IT Administrators
Recent intelligence from Varonis has unveiled a notable trend in cyberattacks where adversaries are leveraging SEO poisoning techniques to manipulate IT administrators into downloading malicious software. This tactic involves…
Recent intelligence from Varonis has unveiled a notable trend in cyberattacks where adversaries are leveraging SEO poisoning techniques to manipulate IT administrators into downloading malicious software. This tactic involves…
🔥2
FreeDrain Phishing Scam Depletes Cryptocurrency Assets of Enthusiasts
A sophisticated phishing scheme, comprising a network of counterfeit websites, has been identified as a significant threat to web3 projects, draining cryptocurrency wallets on a large scale for several…
A sophisticated phishing scheme, comprising a network of counterfeit websites, has been identified as a significant threat to web3 projects, draining cryptocurrency wallets on a large scale for several…
🔥2
Weekly Security Update: May 4 – May 10
Last week, our labs observed several significant developments in the realm of information security.
– A new episode of Lock and Code highlights the emergence of AI chatbot programs…
Last week, our labs observed several significant developments in the realm of information security.
– A new episode of Lock and Code highlights the emergence of AI chatbot programs…
👍1
ASUS Addresses Remote Code Execution Vulnerabilities in DriverHub Accessible through HTTP and Malicious .ini Files
ASUS has implemented security updates to rectify two critical vulnerabilities affecting the ASUS DriverHub software. These flaws, if successfully exploited, could allow an attacker to execute remote code on…
ASUS has implemented security updates to rectify two critical vulnerabilities affecting the ASUS DriverHub software. These flaws, if successfully exploited, could allow an attacker to execute remote code on…
👍1
Moldova Detains Individual Associated with DoppelPaymer Ransomware Operations
Moldovan law enforcement agencies have successfully apprehended a 45-year-old suspect implicated in DoppelPaymer ransomware attacks that targeted Dutch entities in 2021.
On May 6, officers executed searches at the…
Moldovan law enforcement agencies have successfully apprehended a 45-year-old suspect implicated in DoppelPaymer ransomware attacks that targeted Dutch entities in 2021.
On May 6, officers executed searches at the…
👍1
Leading Malware Threats: FakeUpdates, Remcos, and AgentTesla Dominate Stealth Attack Landscape
Check Point’s April 2025 malware report highlights an alarming trend characterized by the growing sophistication and obfuscation of cyberattacks. The analysis indicates that attackers are increasingly leveraging well-known malware…
Check Point’s April 2025 malware report highlights an alarming trend characterized by the growing sophistication and obfuscation of cyberattacks. The analysis indicates that attackers are increasingly leveraging well-known malware…
👍1
Assessment of Hacktivist Threats to India in Context of APT36 Espionage Activities
A recent surge in reported hacktivist attacks against India’s digital infrastructure has raised concerns, with claims of over 100 breaches across various sectors, including government and education. These incidents…
A recent surge in reported hacktivist attacks against India’s digital infrastructure has raised concerns, with claims of over 100 breaches across various sectors, including government and education. These incidents…
👍1
Weekly Summary: Zero-Day Vulnerabilities, Developer Malware Threats, IoT Botnet Developments, and AI-Driven Fraud Techniques
What do a source code editor, a smart billboard, and a web server have in common? These elements have all become potential entry points for attacks as cybercriminals redefine…
What do a source code editor, a smart billboard, and a web server have in common? These elements have all become potential entry points for attacks as cybercriminals redefine…
Critical Vulnerability in ASUS DriverHub Enables Malicious Sites to Execute Commands with Elevated Privileges
The ASUS DriverHub driver management utility has been identified as having a critical remote code execution vulnerability that enables malicious websites to execute commands on devices where the software…
The ASUS DriverHub driver management utility has been identified as having a critical remote code execution vulnerability that enables malicious websites to execute commands on devices where the software…