Critical Argo CD API Vulnerability Exposes Repository Credentials
A critical vulnerability has been discovered in Argo CD that allows API tokens with limited permissions to access sensitive repository credentials. The flaw in the…
Category: CyberSecurityNews
“GPUGate” Malware Abuses Uses Google Ads and GitHub to Deliver Advanced Malware Payload
A sophisticated malware campaign, dubbed “GPUGate,” abuses Google Ads and GitHub’s repository structure to trick users into downloading malicious software. The Arctic Wolf Cybersecurity Operations…
Kali Linux vs Parrot OS
Penetration testing and ethical hacking have been dominated by specialized Linux distributions designed to provide security professionals with comprehensive toolsets for vulnerability assessment and network…
SafePay Ransomware Claiming Attacks Over 73 Victim Organizations in a Single Month
A new ransomware threat has emerged as one of 2025’s most prolific cybercriminal operations, with SafePay ransomware claiming attacks against 73 victim organizations in June…
New Report Claims Microsoft Used China-Based Engineers For SharePoint Support and Bug Fixing
A recent investigation has revealed that Microsoft employed China-based engineers to maintain and support SharePoint software, the same collaboration platform that was recently compromised by…
TAG-150 Hackers Deploying Self-Developed Malware Families to Attack Organizations
A sophisticated new threat actor designated TAG-150 has emerged as a significant cybersecurity concern, demonstrating rapid development capabilities and technical sophistication in deploying multiple self-developed…
Threats Actors Weaponize ScreenConnect Installers to Gain Initial Access to Organizations
A sophisticated cyber campaign has emerged targeting U.S.-based organizations through trojanized ConnectWise ScreenConnect installers, marking a significant evolution in remote monitoring and management (RMM) tool…
Wealthsimple Data Breach Exposes Personal Information of Some Users
Canadian fintech giant Wealthsimple announced today that it has suffered a data breach, resulting in the unauthorized access of personal information belonging to a small…
Hackers Weaponize Fake Microsoft Teams Site to Deploy Odyssey macOS Stealer
A sophisticated cyber campaign is targeting macOS users by distributing the potent “Odyssey” information stealer through a deceptive website impersonating the official Microsoft Teams download…
New Malware Leverages Windows Character Map to Bypass Windows Defender and Mine Cryptocurrency for The Attackers
A recently discovered strain of cryptomining malware has captured the attention of security teams worldwide by abusing the built-in Windows Character Map application as an…
Hackers Use AI Platforms to Steal Microsoft 365 Credentials in Phishing Campaign
Cybercriminals are increasingly exploiting the trust organizations place in artificial intelligence platforms to conduct sophisticated phishing attacks, according to a new report from cybersecurity firm…
North Korean Threat Actors Reveal Their Tactics in Replacing Infrastructure With New Assets
Over the past year, cybersecurity researchers have observed a surge in activity from North Korean threat actors leveraging military-grade social engineering techniques to target professionals…