Chollima APT Hackers Weaponize LNK File to Deploy Sophisticated Malware
The Ricochet Chollima advanced persistent threat group has launched a targeted campaign against activists and organizations focused on North Korea, beginning in March 2025. The…
Category: CyberSecurityNews
Hikvision Wireless Access Points Vulnerability Enables Malicious Command Execution
A critical authenticated command execution vulnerability has been disclosed affecting multiple Hikvision Wireless Access Point (WAP) models. The flaw, tracked as CVE-2026-0709, stems from insufficient…
Apache Syncope Vulnerability Let Attackers Hijack User Sessions
A critical XML External Entity (XXE) vulnerability has been disclosed in the Syncope identity management console. The flaw could allow administrators to expose sensitive user…
APT28 Hackers Exploiting Microsoft Office 0-Day in the Wild to Deploy Malware
APT28, the Russia-linked advanced persistent threat group, has launched a sophisticated campaign targeting Central and Eastern Europe using a zero-day vulnerability in Microsoft Office. The…
Malicious App on The Google Play with 50K+ Downloads Deploy Anatsa Banking Malware
A dangerous banking malware called Anatsa has been discovered spreading through the Google Play Store, reaching more than fifty thousand downloads before detection. The malicious…
OpenClaw AI Agent Skills Abused by Threat Actors to Deliver Malware
Hundreds of malicious skills designed to deliver trojans, infostealers, and backdoors disguised as legitimate automation tools. VirusTotal has uncovered a significant malware distribution campaign targeting…
Notepad++ Hack Detailed Along With the IoCs and Custom Malware Used
A sophisticated espionage campaign attributed to the Chinese Advanced Persistent Threat (APT) group Lotus Blossom (also known as Billbug). The threat actors compromised the infrastructure…
Windows 11 Bug Hides Password Sign-in Option From the Lock Screen
Microsoft has acknowledged a strange user interface bug affecting specific Windows environments where the password sign-in option appears to vanish from the lock screen. The…
Hackers Exploiting Microsoft Office 0-day Vulnerability to Deploy Malware
The Russia-linked threat group UAC-0001, also known as APT28, has been actively exploiting a critical zero-day vulnerability in Microsoft Office. The group is using this…
NationStates Suffers Databreach – Game site Temporarily Offline
A long-running online nation simulation game has been taken temporarily offline following a security breach that compromised its central production server. The team estimates the…
30 Wind and Solar Farms in Poland Faced Coordinated Cyberattacks
On December 29, 2025, Poland faced a coordinated assault targeting more than 30 wind and solar farms, alongside a large combined heat and power plant…
DynoWiper Data-Wiping Malware Attacking Energy Companies to Destroy Data
A dangerous new data-wiping malware known as DynoWiper has emerged, targeting energy companies in Poland with destructive attacks designed to permanently erase critical data. The…