OpenAI has announced that it successfully disrupted three major cyber operations that attempted to exploit ChatGPT for malicious activities, including malware creation and phishing campaigns. Russian Threat Actor Used ChatGPT for Malware Development One of the disrupted groups was a Russian-language actor who misused ChatGPT to design and enhance a Remote Access Trojan (RAT) and […]
Google’s DeepMind has introduced a groundbreaking AI agent named CodeMender, designed to automatically identify, fix, and rewrite vulnerable code to prevent future exploits. This development strengthens Google’s ongoing efforts in AI-driven vulnerability detection, complementing tools such as Big Sleep and OSS-Fuzz. How CodeMender Works CodeMender operates both reactively and proactively, meaning it not only fixes
Google’s New AI Not Only Detects Vulnerabilities but Also Automatically Patches Code Read More »
Researchers at Aryaka Threat Research Labs, Aditya K Sood and Varadharajan K, report that attackers impersonate recruiters, sending seemingly legitimate job descriptions and corporate documents that conceal malicious payloads. These lures are designed to look authentic, encouraging recipients to open files that initiate a multi-stage infection. How the attack works The campaign commonly uses ZIP
BatShadow Group Deploys Go-Based ‘Vampire Bot’ Malware Targeting Job Seekers Read More »
Cybersecurity experts have closely monitored the development of XWorm malware, evolving it into a highly adaptable tool capable of executing a broad range of malicious operations on infected systems. Trellix researchers Niranjan Hegde and Sijo Jacob explained, “XWorm’s architecture is modular, consisting of a core client and multiple specialized components known as plugins. Each plugin
XWorm 6.0 Resurfaces with Over 35 Plugins, Upgraded Data Theft Features Read More »
Microsoft has attributed a recent wave of cyberattacks to a threat group identified as Storm-1175, linking it to the exploitation of a critical flaw in Fortra’s GoAnywhere MFT software. The attacks ultimately led to the deployment of Medusa ransomware, affecting several organizations globally. The vulnerability, tracked as CVE-2025-10035 with a CVSS score of 10.0, is
Microsoft Links Storm-1175 to GoAnywhere Exploit, Medusa Ransomware Deployment Read More »
A newly uncovered remote code execution (RCE) flaw in Redis, known as RediShell, has revealed that attackers could gain complete control over the host system. The issue, tracked as CVE-2025-49844, was discovered by Wiz Research and carries the maximum CVSS score of 10.0, placing it among the most critical security threats identified to date. The
13-Year-Old Critical Redis RCE Flaw Allowed Attackers Full Host Access Read More »
Researchers have published full technical details and proof-of-concept exploit code for a critical remote code execution, RCE, vulnerability in Google Chrome’s V8 JavaScript engine. The bug stems from a WebAssembly type canonicalization regression that creates nullability confusion, and a separate JavaScript Promise Integration, JSPI, state-switching weakness that enables a novel sandbox bypass. This article explains
Google Chrome RCE Flaw Disclosed, Exploit Code Published Read More »
A new cybersecurity investigation has revealed a large-scale cyber fraud operation linked to a Chinese-speaking group named UAT-8099. This group is reportedly involved in SEO manipulation, data theft, and unauthorized access to systems via compromised Microsoft IIS servers. The attackers primarily target regions like India, Thailand, Vietnam, Canada, and Brazil, with victims including universities, tech
Chinese Cybercrime Gang Operates Worldwide SEO Fraud Scheme Through Hacked IIS Servers Read More »
A new intelligence report has revealed connections between two Chinese research firms, the Beijing Institute of Electronics Technology and Application (BIETA) and its subsidiary Beijing Sanxin Times Technology Co., Ltd. (CIII), and China’s Ministry of State Security (MSS). According to cybersecurity firm Recorded Future, BIETA appears to be managed or influenced by the MSS based
Fresh Report Connects BIETA and CIII Research Firms to China’s MSS Cyber Activities Read More »
A public proof-of-concept, PoC, has been published for CVE-2025-32463, a local privilege escalation flaw in the Sudo utility that can allow a local attacker to gain root privileges under certain configurations. Security researcher Rich Mirch discovered the issue, and a working exploit plus usage instructions are available in an open GitHub repository, increasing the pressure
PoC Released for Sudo Vulnerability Allowing Attackers to Gain Root Access Read More »