Cybersecurity
General cybersecurity news and analysis

Android Devices Exclusive: KONNI APT Critical Alert
Imagine the smart display on your counter becoming the remote trigger that erases the phone in your pocket — researchers warn a North Korean-linked group called KONNI is abusing Google’s Find My Device and device-management features to remotely wipe Android devices. This tactic can destroy data, break two‑factor access and cripple businesses, a stark reminder that everyday conveniences can be weaponized for sabotage.

Prompt Injection: Exclusive Look at Dangerous AI Browsers
Think your AI assistant only reads whats on screen? Researchers warn that CometJacking — hidden prompts tucked into a URL — can trick “AI browsers” into handing over emails, calendar entries and cloud files without passwords or user prompts.

GootLoader WordPress: Exclusive Font Trick Is Dangerous
Think an exclusive font is harmless? Think again — GootLoader is hiding malicious JavaScript in fonts and other benign WordPress assets, letting tiny site tweaks become a fast route to full-network takeovers.

Hackers Exploit Exclusive Critical Triofox Flaw
A patch for CVE-2025-47812 didn’t stop attackers from exploiting Triofox — threat actors rapidly weaponized the remote-code-execution flaw to compromise unpatched or misconfigured instances. It’s a blunt reminder that publishing a fix isn’t protection unless organizations patch quickly and verify their deployments.

CISA Exclusive: Critical Zero-Day Added to KEV
When CISA added a critical zero-day vulnerability to the KEV, it was a blunt wake-up call — the flaw is already being weaponized by LandFall spyware against millions of Samsung devices. With federal patching now mandatory, the race is on to stop real-world attacks and protect users’ privacy.

Quantum Route Redirect Phishing Kit: Stunningly Dangerous
The Quantum Route Redirect phishing kit quietly hijacks web traffic, rerouting victims to eerily convincing fake sites. Learn how this route redirect phishing attack works and what you can do to stay one step ahead.

China-Aligned UTA0388 Exclusive: Dangerous AI Phishing
Imagine your inbox posing as a trusted colleague—researchers say UTA0388, a China‑aligned cluster, now uses AI to craft eerily personalized, time‑sensitive spear‑phishing that steals credentials and plants stealthy, long‑term access.

New Attacks Against Secure Enclaves: Stunning, Severe Flaws
Think your data’s safe while it’s being processed? New, surprisingly low-cost attacks against secure enclaves prove otherwise, exposing severe weaknesses that demand urgent fixes like authenticated memory and continuous attestation.

Weekly Recap: Exclusive Cyber Threats – Essential Alert
From Android spyware that turns phones into persistent surveillance hubs to malware hiding inside virtual machines and side‑channel leaks exposing AI chats, last week’s discoveries show attackers favor stealth and persistence over brute force. If you run systems, write policy, or just carry a smartphone, it’s time to harden mobile, VM, and AI defenses before that silent compromise finds a way in.

ClickFix Phishing Exclusive: Critical Hotel Malware Alert
Imagine a routine support ticket that silently installs malware—attackers are using ClickFix‑style pages sent from compromised hotel emails to steal credentials or drop remote‑access tools like PureRAT. Be cautious: don’t paste commands or log in from unexpected support links—verify the sender and the page first.

NCSC Set to Retire Web & Mail Check: Exclusive Urgent Alert
NCSC is retiring Web Check and Mail Check — if your organisation relies on them, now’s the time to act. Migrate your scans, prioritise critical assets, and find affordable alternatives before those safety nets disappear.

Microsoft Exclusive Warns of Dangerous Whisper Leak
Think encryption keeps your AI chats private? Microsoft warns that streaming language models can leak conversation topics through packet timing and size, letting a passive network observer turn traffic patterns into probabilistic guesses about what you said.

Surveillance Watch: Exclusive Mozilla Map Reveals Threat
Think surveillance is just fiction? Mozilla fellow Esraa Al Shafei’s new map reveals surveillanceware as a full-blown industry — tracking the vendors, buyers and funders who turn intrusion into commerce and putting that trade on public display.

Landfall spyware Exclusive: Dangerous 0-day Hits Samsung
LANDFALL spyware quietly used an unknown Samsung Android zero‑day to install persistent surveillance on Galaxy phones — recording calls, harvesting photos and tracking locations — until an emergency April patch finally stopped it. This narrow, high‑precision campaign is a stark reminder that one hidden bug can turn millions of devices into listening posts.

Cybercrims Exclusive: Critical .NET Time-Bomb Threat
Imagine a slow-burning digital time bomb hidden in trusted .NET NuGet packages—discovered in 2023, these malicious libraries can stay dormant for years before detonating, forcing a hard rethink of how we trust and protect the software supply chain.

Faking Receipts with AI: Exclusive Risks and Best Fixes
AI can now produce receipt forgeries so convincing — from paper texture and signatures to context-aware itemization — that expense systems and people are being fooled. Read on for the real risks of receipt forgery and the practical fixes, from automated verification to smarter processes, that stop fraud and restore trust.

Enterprise Credentials: Stunning Threats, Critical Fixes
One believable I thought it was from IT can hand attackers the keys to your company — enterprise credentials are now the battleground, from hard‑coded device logins to leaked cloud secrets. Rotation, least‑privilege access, and moving secrets out of code with vaults and managed identities aren’t optional anymore; they’re your frontline defenses.

Google Maps Launches Exclusive Effortless Tool vs Extortion
When a one-star review reads like a ransom note, Google Maps is giving small businesses a direct line to fight back. The new dedicated form makes reporting review bombing and extortion attempts effortless, helping protect reputations and revenue.

TeamViewer Exclusive Security Design Builds Best Trust
If your espresso machine can be controlled over the internet, its connection should be as private as a bank transfer. TeamViewer’s security-first design bakes end-to-end encryption, zero-trust principles, and admin controls into remote access so convenience never means compromise.

Cisco Exclusive: Critical Firewall Exploit Hits 6 Months
Six months on, the Cisco firewall exploit has morphed from a footnote into a full-blown crisis—attackers are actively targeting ASA and FTD devices, and U.S./U.K. agencies are shouting “fix it now” as organizations race to patch and contain systemic risk.

I Paid Twice Phishing: Exclusive Scam Alert for Booking.com
Think you paid the hotel twice? A sophisticated I Paid Twice phishing campaign is hijacking Booking.com, Airbnb and Expedia bookings—using injected scripts and fake payment pages to trick travelers into handing over extra payments.

Trojanized ESET Installers Expose Stunning Harmful Backdoor
Think twice before hitting Install — a May 2025 campaign used trojanized ESET installers, convincing fake vendor pages, and targeted spear‑phishing to slip a stealthy backdoor into Ukrainian victims. This attack is a stark reminder that even trusted updates and familiar brands can be weaponized for espionage.

Multi-Turn Attacks Reveal Stunning Open-Weight LLM Flaws
What if the helpful chat that answers your questions could be slowly nudged into doing harm? Ciscos analysis shows multi-turn attacks can trick open-weight LLMs into unsafe or disallowed outputs—sometimes with success rates near 90%—putting search, support, education and other services at risk.

Most common passwords: Exclusive list of the worst
We all scoff at 123456, yet it still tops the charts because convenience and password reuse beat security. That complacency makes credential-stuffing cheap and effective, letting attackers turn one weak password into dozens of account takeovers.