New Malware Discovered Using Prompt Injection to Manipulate AI Models in the Wild
Researchers have uncovered a new malware sample in the wild that employs a unique and unconventional evasion tactic: prompt injection aimed at manipulating AI models…
Month: June 2025
BreachForums Operators Arrested By French Police
BreachForums was arguably the biggest cybercrime forum until it went offline in April amid rumors of the arrest of one of its most prominent members.…
Beware of Weaponized Wedding Invite Scams Delivering SpyMax RAT to Android Devices
A sophisticated Android phishing campaign, aptly named “Wedding Invitation,” has emerged as a significant threat targeting mobile users across India. According to a detailed report…
Hackers deploy fake SonicWall VPN App to steal corporate credentials
Hackers deploy fake SonicWall VPN App to steal corporate credentials Pierluigi Paganini June 25, 2025 Hackers spread a trojanized version of SonicWall VPN app to…
New wave of ‘fake interviews’ use 35 npm packages to spread malware
A new wave of North Korea’s ‘Contagious Interview’ campaign is targeting job seekers with malicious npm packages that infect dev’s devices with infostealers and backdoors.…
INTERPOL Cautions of Significant Increase in Cyber Attacks on Western and Eastern Africa
The INTERPOL 2025 Africa Cyberthreat Assessment Report has raised alarms over a dramatic surge in cybercrime across Africa, with Western and Eastern regions reporting that…
Citrix warns of NetScaler vulnerability exploited in DoS attacks
Citrix is warning that a vulnerability in NetScaler appliances tracked as CVE-2025-6543 is being actively exploited in the wild, causing devices to enter a denial of…
US Lawmakers Introduce “No Adversarial AI Act” To Fortify Federal Systems
In a significant bipartisan effort, key U.S. lawmakers today introduced the “No Adversarial AI Act,” legislation designed to erect a critical firewall between U.S. federal…
Google releases Gemini CLI with free Gemini 2.5 Pro
Google has released Gemini 2.5 Pro-powered Gemini CLI, which allows you to use Gemini inside your terminal, including Windows Terminal. Gemini CLI is written in…
nOAuth Vulnerability Still Affects 9% of Microsoft Entra SaaS Apps Two Years After Discovery
Jun 25, 2025Ravie LakshmananSaaS Security / Vulnerability New research has uncovered continued risk from a known security weakness in Microsoft’s Entra ID, potentially enabling malicious…
WinRAR patches bug letting malware launch from extracted archives
WinRAR has addressed a directory traversal vulnerability tracked as CVE-2025-6218 that, under certain circumstances, allows malware to be executed after extracting a malicious archive. The…
Kubernetes NodeRestriction Flaw Lets Nodes Bypass Resource Authorization
A critical security vulnerability (CVE-2025-4563) in Kubernetes allows nodes to bypass authorization checks for dynamic resource allocation, potentially enabling privilege escalation in affected clusters. The…