A newly identified Android banking trojan called Sturnus is raising significant concern among security researchers due to its advanced ability to steal credentials, monitor encrypted messaging apps, and take full control of infected devices. According to ThreatFabric, which analyzed the malware, Sturnus is designed for high level financial fraud and advanced surveillance, making it a […]
Cybersecurity researchers at CTM360 have uncovered an expanding global campaign that hijacks WhatsApp accounts by exploiting deceptive login portals and impersonation tactics. The operation, called HackOnChat, imitates the familiar WhatsApp Web environment to manipulate users into compromising their own accounts. This campaign has grown quickly, targeting individuals across multiple regions and using sophisticated social engineering
CTM360 Reveals a Global WhatsApp Hijacking Operation Called HackOnChat Read More »
A global malvertising operation known as TamperedChef is actively spreading malware through fake installers disguised as trusted software. Attackers are using deceptive tactics to make users download harmful programs, allowing them to establish remote access and persistent control over infected systems. Recent findings from the Acronis Threat Research Unit show that the campaign remains active,
A new phishing campaign is leveraging advanced techniques to steal credentials from unsuspecting users. The Phishing-as-a-Service (PhaaS) kit called Sneaky 2FA has integrated Browser-in-the-Browser (BitB) functionality, making it easier for less experienced attackers to perform large-scale credential theft operations. How BitB Works Security researchers at Push Security reported that the technique is being used to
A large scale cyber campaign has been uncovered in which tens of thousands of outdated or end of life ASUS routers have been compromised across several regions, mainly Taiwan, the United States, and Russia. SecurityScorecard’s STRIKE team has named this global activity Operation WrtHug. The attackers are using old and vulnerable devices to create a
A critical security flaw affecting 7-Zip, tracked as CVE-2025-11001, is currently being actively exploited in the wild. The issue allows remote code execution via symbolic links in ZIP archives and impacts versions prior to 25.00, which was released in July 2025. Details of the Vulnerability The vulnerability arises from improper handling of symbolic links in
Cybersecurity analysts have uncovered a new campaign that combines social engineering with WhatsApp account hijacking to spread a Delphi based banking trojan known as Eternidade Stealer. This large scale operation specifically targets users in Brazil and relies on a Python powered WhatsApp worm to propagate malicious attachments. How the Campaign Operates Research from Trustwave SpiderLabs
Python Based WhatsApp Worm Spreads Eternidade Stealer Across Devices in Brazil Read More »
A China aligned threat actor known as PlushDaemon has been identified using a new Go based network backdoor called EdgeStepper. This tool enables adversary in the middle attacks by hijacking DNS queries and redirecting them to malicious infrastructure. Through this method, attackers can compromise legitimate software update channels and deliver harmful payloads. How the Attack
Security researchers have uncovered a serious risk in ServiceNow’s Now Assist platform. Attackers can exploit default settings and use second order prompt injection to make AI agents work against each other. This weakness allows unauthorized actions such as data theft, record modification, and privilege escalation. How the Threat Works According to AppOmni, the issue arises
Fortinet has issued an important warning regarding a newly discovered security flaw in its FortiWeb product. The vulnerability, identified as CVE 2025 58034, has already been exploited in real world attacks, raising concerns for organizations that rely on FortiWeb for application security. About the Vulnerability This flaw is rated as medium severity and has a