New Stealth K.G.B RAT Marketed by Threat Actors on Underground Forums
Threat actors on an underground cybercrime forum are allegedly promoting a new remote access Trojan (RAT) bundle dubbed “K.G.B RAT + Crypter + HVNC,” claiming…
Month: December 2025
3 Zero Day Vulnerabilities Found in PickleScan
The JFrog security research team has disclosed three zero-day vulnerabilities in PickleScan, a widely used tool for scanning Python pickle files, warning that the flaws…
Beware of the New ‘Executive Award’ Campaign That Uses ClickFix to Deliver Stealerium Malware
A new and dangerous phishing campaign is targeting organizations with a deceptive “Executive Award” theme that combines social engineering with advanced malware delivery. This two-stage…
Authorities Seize Domains Linked to Tai Chang Cryptocurrency Investment Scam
The United States Justice Department has seized a website domain used to steal money from Americans through fake cryptocurrency investments. The domain, tickmilleas.com, was operated…
7 Year Long ShadyPanda Attack Spied on 4.3M Chrome and Edge Users – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
Cybersecurity researchers at Koi Security have exposed a massive espionage operation by a group named ShadyPanda that infected over 4.3 million Chrome and Microsoft Edge…
Turning Disruptive Technology into a Strategic Advantage
Most people know the story of Paul Bunyan. A giant lumberjack, a trusted axe, and a challenge from a machine that promised to outpace him.…
Critical Elementor Plugin Vulnerability Let Attackers Takeover WordPress Site Admin Control
A critical security flaw in the popular “King Addons for Elementor” WordPress plugin has left thousands of websites at risk of complete takeover, security researchers…
Threat Actors Using Matanbuchus Downloader to Deliver Ransomware and Maintain Persistence
Threat actors are increasingly abusing the Matanbuchus malicious downloader as a key enabler for hands-on-keyboard ransomware operations, using its backdoor-like capabilities to deliver secondary payloads,…
Malicious Rust Crate Delivers OS-Specific Malware to Web3 Developer Systems
Dec 03, 2025Ravie LakshmananMalware / Web3 Security Cybersecurity researchers have discovered a malicious Rust package that’s capable of targeting Windows, macOS, and Linux systems, and…
AWS CEO Garmin pitches ‘billions of agents’ as enterprise AI future
Amazon Web Services (AWS) chief executive Matt Garmin projected a full agentic artificial intelligence (AI) future for the cloud infrastructure supplier’s customers during his keynote…
India mandates SIM-linked messaging apps to fight rising fraud
India mandates SIM-linked messaging apps to fight rising fraud Pierluigi Paganini December 03, 2025 India ordered messaging apps to work only with active SIM cards…
Angular Platform Vulnerability Allows Malicious Code Execution Via Weaponized SVG Animation Files
A critical Stored XSS vulnerability in Angular’s template compiler (CVE-2025-66412) allows attackers to execute arbitrary code by weaponizing SVG animation attributes. Bypassing Angular’s built-in security…