Threat Actors Weaponizing .hwp Files to Deliver RokRAT Malware
Cybersecurity researchers have uncovered a sophisticated malware campaign where threat actors are exploiting Hangul Word Processor (.hwp) documents to distribute...
Read more →Category: CyberSecurityNews
New AI-Powered Wi-Fi Biometrics WhoFi Tracks Humans Behind Walls with 95.5% Accuracy
WhoFi surfaced last on the public repository ArXiv, stunning security teams with a proof-of-concept that turns ordinary 2.4 GHz routers...
Read more →
NoName057(16)’s Hackers Attacked 3,700 Unique Devices Over Last Thirteen Months
The pro-Russian hacktivist group NoName057(16) has orchestrated a massive distributed denial-of-service campaign targeting over 3,700 unique hosts across thirteen months,...
Read more →
Splunk Details on How to Detect, Mitigate and Respond to CitrixBleed 2 Attack
CitrixBleed 2 (CVE-2025-5777) erupted in 2025 when researchers uncovered an out-of-bounds read in Citrix NetScaler ADC and Gateway that lets...
Read more →
CISA warns of Google Chromium 0-Day Input Validation Vulnerability Exploited in Attacks
CISA has issued an urgent warning about a critical vulnerability in Google Chromium that threat actors are actively exploiting. The...
Read more →
UNC3944 Attacking VMware vSphere and Enabling SSH on ESXi Hosts to Reset ‘root’ Passwords
UNC3944, a financially driven threat organization associated with “0ktapus,” “Octo Tempest,” and “Scattered Spider,” launched a sophisticated cyber campaign that...
Read more →
Weaponized LNK File Disguised as Credit Card Security Email Steals User Data
Cybercriminals have evolved their social engineering tactics with a sophisticated malware campaign that exploits users’ trust in financial institutions. The...
Read more →
Critical Vulnerability in JavaScript Library Exposes Millions of Apps to Code Execution Attacks
A critical security vulnerability has been discovered in the widely-used JavaScript form-data library, potentially exposing millions of applications to code...
Read more →
Lumma Stealer Via Fake Cracked Software Steals Login Credentials and Private Files
The brief lull following May’s multinational takedown of the Lumma Stealer infrastructure proved deceptive. Within weeks, telemetry again lit up...
Read more →
Brave Browser Blocks Microsoft Recall by Default Due to Privacy Concerns
A significant privacy protection measure with the Brave browser now blocks Microsoft’s controversial Recall feature by default starting in version...
Read more →
How Businesses Prevent Credential Theft with Early Phishing Detection
Phishing attacks are evolving rapidly, allowing cybercriminals to bypass traditional security systems like email filters and static defenses. As a...
Read more →
New ZuRu Malware Variant Weaponizes Termius SSH Client to Attack macOS Users
A fresh strain of the long-running macOS.ZuRu family has surfaced, hiding inside a doctored of the popular Termius SSH client...
Read more →