Tag: emerging threats

3147 articles

New npm Malware Campaign Exclusive: Severe Crypto Redirects

When the libraries you trust become trapdoors, developers are in for a rude awakening: a new npm malware campaign by dino_reborn hides in seven packages and uses cloaking and fake CAPTCHAs to selectively redirect victims to cryptocurrency phishing flows. This supply‑chain‑style attack evades scanners by activating only under certain conditions, turning convenience into a costly risk.

Analyst 207
AI-Enhanced Tuoni Framework: Exclusive Affordable Win

A single crafted message—leveraging AI‑enhanced Tuoni C2, steganography and in‑memory execution—slipped past defenses at scale, showing attackers are getting smarter and stealthier. It's a wake‑up call: rapid detection, cross‑team coordination and tougher verification are now essential.

Analyst 207
DoorDash Confirms Data Breach: Exclusive Alarming Details

DoorDash data breach confirmed — get our exclusive, alarming details on what was exposed, who’s at risk, and the quick steps you can take right now to protect your information.

Analyst 207
GenAI Stunning Surge Sparks Alarming Biometric Fraud

If a photo—or a few seconds of audio—can open a bank account in your name, we have a problem. Generative AI is churning out deepfakes and synthetic identities that can fool biometric checks and fuel a new wave of scalable fraud.

Analyst 207
FTSE 100 Exclusive: Alarming 500,000 Stolen Credentials

Half a million stolen credentials tied to FTSE 100 staff have surfaced in criminal data stores — a blunt wake-up call that weak passwords and reused logins are leaving Britain’s biggest firms dangerously exposed. Socura’s findings show how easily attackers can impersonate insiders and turn simple credential theft into costly breaches unless boards treat cyber as a strategic priority.

Analyst 207
Microsoft Stops Stunning Record 5.72Tbps DDoS; Best Defense

Microsoft’s automated defenses shrugged off a jaw‑dropping 5.72 Tbps DDoS (almost 3.64 billion pps), keeping services running — but the IoT botnet behind it shows how default settings and underprotected devices still make the internet ripe for even bigger attacks.

Analyst 207
Google Exclusive Fix for Critical Chrome V8 Zero-Day

Google just pushed an emergency Chrome update to fix a critical, actively exploited V8 JavaScript type‑confusion zero‑day (CVE‑2025‑13223, CVSS 8.8); update your browser—or call IT—now, because a single malicious page can lead to full host compromise.

Analyst 207
Kraken Exclusive: Dangerous Ransomware Threat Escalates

Meet Kraken ransomware: an emergent cartel that borrows proven playbooks—exploiting SMB flaws, stalking networks for days, then encrypting systems and threatening data leaks—to squeeze big payouts. Cisco Talos warns this shift from scattershot attacks to precision double‑extortion raises the stakes for already overstretched defenders and demands smarter, faster responses.

Analyst 207
Europol Exclusive: Takedown of Dangerous Gaming Links

Europol’s exclusive takedown dismantles a network of dangerous gaming links putting players at risk — see what they uncovered and how to protect your accounts and devices.

Analyst 207
Weekly Recap Exclusive: Critical Fortinet and AI Breaches

Who watches the watchers? This week’s cascade of breaches shows attackers weaponizing trusted infrastructure — from Fortinet gear to VPNs, app stores and AI — turning familiar tools into stealthy, profitable attack platforms that slip past alert fatigue and outdated defenses.

Analyst 207
Dragon Breath Exclusive: Critical RONINGLOADER Gh0st RAT

Think twice before clicking Next — researchers warn Dragon Breath is hiding a multi‑stage RONINGLOADER inside trojanized NSIS installers (masquerading as Chrome or Teams) to install a modified Gh0st RAT that gives attackers stealthy, persistent remote access for credential theft, lateral movement and data exfiltration.

Analyst 207
Cyber-Attack Deals Stunning Costly $258m Q2 Blow to JLR

A major ransomware incident cost Jaguar Land Rover $258m in Q2 and helped drive a $639m loss — a stark wake‑up call that a single cyber‑intrusion can paralyze networked factories for weeks. The outage halted production, delayed deliveries and squeezed suppliers as JLR prioritised a cautious, forensic‑led recovery over a rushed restart.

Analyst 207
RondoDox Exclusive: Dangerous Botnet Widens Reach

XWiki admins, take note: RondoDox is actively exploiting a critical eval‑injection (CVE‑2025‑24893) to achieve unauthenticated remote code execution and enroll unpatched hosts into its botnet. Patch immediately and harden exposed endpoints—or assume compromise and start remediation.

Analyst 207
North Korean Hackers Exclusive: Dangerous JSON Channels

What if your next dependency quietly pulled a malicious payload from an innocent-looking JSON? North Korean-linked actors are exploiting public JSON storage services like JSON Keeper, JSONsilo, and npoint.io to seed stealthy backdoors into developer supply chains and swap payloads on the fly to evade detection.

Analyst 207
AI Bugs: Stunning Critical Flaws Expose Meta, Nvidia, MS

Turns out the plumbing behind the AI boom—ZMQ messaging and unsafe pickle deserialization—can let attackers slip in and execute arbitrary code. Recent disclosures expose critical remote‑code vulnerabilities across Meta, Nvidia, Microsoft and popular PyTorch inference stacks.

Analyst 207
Akira Ransomware Stunning $244M Haul Sparks Severe Alarm

Akira ransomware has pulled in roughly $244 million since September 2025—and in some attacks thieves exfiltrated data in as little as two hours. By exploiting unpatched VPN/firewall appliances and neutralizing MFA with automated playbooks, Akira’s affiliates turn trusted defenses into rapid exit routes for high-speed extortion.

Analyst 207
Google Files Lawsuit Against Lighthouse Kit Exclusive Blow

Google just went to court to take apart a sprawling smishing operation it says was run by 25 people tied to a Chinese cyber collective, accusing them of using deceptive texts to spread malware, recruit botnets, and sell stolen credentials. The company is seeking asset freezes and third-party cooperation — pairing legal muscle with technical takedowns to short-circuit the infrastructure behind SMS-based attacks.

Analyst 207
Russian Hackers Massive 4.3K Fake Sites Costly Hotel Breach

Think twice before clicking that booking confirmation — a Russian-speaking group has spun up more than 4,300 fake hotel and travel sites this year, using spam, AI-tuned lures and compromised booking plugins to mimic confirmations and steal payment and ID details.

Analyst 207
IndonesianFoods Worm Exclusive: Alarming 44,000 Malware

Exclusive: The IndonesianFoods worm has already infected 44,000 devices. Find out how it spreads and the simple steps you can take right now to protect your data.

Analyst 207
Operation Endgame 3.0: Exclusive Critical Malware Takedown

Law enforcement’s multinational takedown that removed the Rhadamanthys infostealer, neutralized VenomRAT and dismantled the Elysium botnet is a major win for international cooperation — but as malware becomes an industrialized, modular business, experts warn this victory may only be a temporary setback for adaptable criminal networks.

Analyst 207
Operation Endgame: Stunning Success Against Global Botnets

Imagine dozens of faceless botnets toppled in days — Operation Endgame, led by Europol and Eurojust, did just that by seizing servers, payment rails and money mules to choke cybercrime’s lifeblood. By disrupting tools like Rhadamanthys Stealer, Venom RAT and the Elysium botnet, this coordinated campaign shows why hitting infrastructure beats chasing low‑level renters.

Analyst 207
ThreatsDay Bulletin: Exclusive Critical Cyber Roundup

Every click can be the opening move in a campaign of trust-based deception. This bulletin shows how fast-moving actors like COLDRIVER are making signatures obsolete and why shifting to behavioral, intent-driven defenses is now essential.

Analyst 207
Synnovis Issues Exclusive Breach Notice After Damaging Hack

Synnovis breach notice: after a damaging hack the company has issued an exclusive alert — here’s what was exposed, who’s affected, and simple steps you can take now to protect yourself.

Analyst 207
CISA Exclusive: Stunning WatchGuard Flaw Threatens 54,000

Heads up: a critical unauthenticated bug (CVE‑2025‑9242) in WatchGuard Fireware VPN appliances can let attackers execute code and seize VPN gateways, putting roughly 54,000 devices at risk. CISA has added it to its KEV list — apply WatchGuard’s patches and lock down management interfaces immediately.

Analyst 207