Fake TikTok and WhatsApp Apps Infect Android Devices with ClayRat Spyware
Zimperium’s zLabs warns of ClayRat, a fast-spreading Android spyware targeting Russia. It hides in fake apps like TikTok and steals texts, calls records, and camera photos.
CVE-2025-5947: WordPress Plugin flaw lets hackers access Admin accounts
Threat actors are exploiting a critical flaw, tracked as CVE-2025-5947, in the Service Finder WordPress theme’s Bookings plugin. Threat actors are exploiting a critical vulnerability, tracked as CVE-2025-5947 (CVSS score 9.8), in the Service Finder WordPress theme’s Bookings plugin. The plugin (versions ≤6.0) has an authentication bypass issue allowing attackers to log in as any […]
Your Shipment Notification is Now a Malware Dropper
Forcepoint X-Labs reports a surge in sophisticated email attacks using obfuscated JavaScript and steganography to deliver dangerous RATs and info-stealers like Formbook and Agent Tesla. Learn how to defend against the threat.
New Chaos-C++ Ransomware Targets Windows by Wiping Data, Stealing Crypto
FortiGuard Labs reveals Chaos-C++, a new Chaos ransomware variant that deletes files over 1.3 GB instead of encrypting them and uses clipboard hijacking to steal cryptocurrency.
Fake Teams Installers Dropping Oyster Backdoor (aka Broomstick)
Hackers are using fake Microsoft Teams installers found in search results and ads to deploy the Oyster backdoor. Learn how to protect your PC from this remote-access threat.
Discord denies massive breach, confirms limited exposure of 70K ID photos
Discord won’t pay threat actors claiming 5.5M user breach, saying only about 70K ID photos were actually exposed. Discord announced it won’t pay the threat actors claiming to have stolen data on 5.5M users, clarifying that only about 70K ID photos were actually exposed. The attackers claimed they have breached Discord’s Zendesk support instance, but […]
APT Hackers Abuse ChatGPT to Develop Advanced Malware and Phishing Campaigns
Security researchers at Volexity have uncovered compelling evidence that China-aligned threat actors are leveraging artificial intelligence platforms like ChatGPT to enhance their sophisticated cyberattack capabilities. The group, tracked as UTA0388, h…
Qilin ransomware claimed responsibility for the attack on the beer giant Asahi
Qilin ransomware claimed responsibility for the recent attack on the beer giant Asahi that disrupted operations in Japan. Asahi Group Holdings, Ltd (commonly called Asahi) is Japan’s largest brewing company, known for producing top-selling beers like Asahi Super Dry, as well as soft drinks and other beverages. It operates both domestically and internationally, with a […]
DragonForce, LockBit, and Qilin, a new triad aims to dominate the ransomware landscape
DragonForce, LockBit, and Qilin formed a ransomware alliance to boost attack effectiveness, marking a major shift in the cyber threat landscape. Ransomware groups DragonForce, LockBit, and Qilin formed a strategic alliance to enhance their attack capabilities, signaling an evolving cyber threat landscape. The alliance aims at sharing tools and infrastructure to enhance attack effectiveness. The […]
New Shuyal Stealer Targets 17 Web Browsers for Login Data and Discord Tokens
Researchers warn of Shuyal Stealer, malware that gathers browser logins, system details, and Discord tokens, then erases evidence via Telegram.