Attackers are Using WSL2 as a Stealthy Hideout Inside Windows Systems
Windows Subsystem for Linux 2 (WSL2) is meant to give developers a fast Linux environment on Windows. Now attackers are turning that benefit into a…
Category: CyberSecurityNews
Cloudflare Zero-Day Vulnerability Enables Any Host Access Bypassing Protections
A critical zero-day vulnerability in Cloudflare’s Web Application Firewall (WAF) allowed attackers to bypass security controls and directly access protected origin servers through a certificate…
Attackers Redirected Employee Paychecks Without Breaching a Single System
A seemingly simple phone call became the gateway to a sophisticated attack that diverted employee paychecks without any malware or network breach. An organization discovered…
New Spear-Phishing Attack Abusing Google Ads to Deliver EndRAT Malware
A new spear-phishing campaign known as Operation Poseidon has emerged, exploiting Google’s advertising infrastructure to distribute EndRAT malware while evading traditional security measures. he attack…
CIRO Confirms Data Breach – 750,000 Canadian Investors Have been Impacted
Approximately 750,000 Canadian investors were affected by a sophisticated phishing attack first disclosed in August 2025. The self-regulatory organization announced the full extent of the…
Livewire Filemanager Vulnerability Exposes Web Applications to RCE Attacks
A significant security vulnerability has been discovered in Livewire Filemanager, a widely used file management component embedded in Laravel web applications. Tracked as CVE-2025-14894 and…
Free Converter Apps that Convert your Clean System to Infected in Seconds
Malicious file converter applications distributed through deceptive advertisements are infecting thousands of systems with persistent remote access trojans (RATs). These seemingly legitimate productivity tools perform…
Ukraine Police Exposed Russian Hacker Group Specializes in Ransomware Attack
Ukrainian and German law enforcement have disrupted a Russian‑affiliated hacker group that has been carrying out high‑impact ransomware attacks against organizations worldwide, causing losses estimated…
5 Malicious Chrome Extensions Attacking Enterprise HR and ERP Platforms for Complete Takeover
Five coordinated malicious Chrome extensions have emerged as a sophisticated threat to enterprise security, targeting widely-used human resources and financial platforms used by thousands of…
17 New Malicious Chrome GhostPoster Extensions with 840,000+ Installs Steals User Data
Cybercriminals have distributed 17 malicious browser extensions across Chrome, Firefox, and Edge platforms, collectively downloading over 840,000 times and compromising user security for years. The…
PDFSIDER Malware Actively Used by Threat Actors to Bypass Antivirus and EDR Systems
PDFSIDER is a newly exposed backdoor that gives attackers long term control of Windows systems while slipping past many antivirus and endpoint detection and response…
Hackers Using Malicious Extensions to Display Fake Browser Warnings
Cybersecurity researchers have discovered a sophisticated malware campaign using an unusual but effective tactic: deliberately crashing users’ browsers. The threat, named CrashFix, operates through a…