The Russian state-sponsored threat actor known as APT29 has been linked to an advanced phishing campaign that’s targeting diplomatic entities across Europe with a new variant of WINELOADER and a previously unreported malware loader codenamed GRAPELOADER. “While the improved WINELOADER variant is still a modular backdoor used in later stages, GRAPELOADER is a newly observed […]
Windows administrators from numerous organizations report widespread account lockouts triggered by false positives in the rollout of a new Microsoft Entra ID’s “leaked credentials” detection app called MACE. […]
A new malware-as-a-service (MaaS) platform named ‘SuperCard X’ has emerged, targeting Android devices via NFC relay attacks that enable point-of-sale and ATM transactions using compromised payment card data. […]
Cybersecurity researchers have uncovered three malicious packages in the npm registry that masquerade as a popular Telegram bot library but harbor SSH backdoors and data exfiltration capabilities. The packages in question are listed below – node-telegram-utils (132 downloads) node-telegram-bots-api (82 downloads) node-telegram-util (73 downloads) According to supply chain
Public exploits are now available for a critical Erlang/OTP SSH vulnerability tracked as CVE-2025-32433, allowing unauthenticated attackers to remotely execute code on impacted devices. […]
Google Gemini is testing a ChatGPT-like scheduled tasks feature called “Scheduled Actions,” which will allow you to create tasks that Gemini will execute later. […]
ASUS has disclosed a critical security flaw impacting routers with AiCloud enabled that could permit remote attackers to perform unauthorized execution of functions on susceptible devices. The vulnerability, tracked as CVE-2025-2492, has a CVSS score of 9.2 out of a maximum of 10.0. “An improper authentication control vulnerability exists in certain ASUS router firmware series,”
18
Apr
Apr
We’re sharing the latest Google Play Console updates that make it easier for developers to gain actionable performance insights and deliver better user experiences. High…
The Interlock ransomware gang now uses ClickFix attacks that impersonate IT tools to breach corporate networks and deploy file-encrypting malware on devices. […]
OpenAI has launched three new reasoning models – o3, o4-mini, and o4-mini-high for Plus and Pro subscribers, but as it turns out, these models do not offer ‘unlimited’ usage. […]