Cyber Security

Compromised dYdX npm and PyPI Packages Spread Wallet Stealers and RAT Malware

Cybersecurity researchers have uncovered a software supply chain attack involving compromised packages on npm and the Python Package Index (PyPI) that were used to distribute cryptocurrency wallet stealers and remote access malware. The malicious activity targeted developer tools associated with the dYdX v4 protocol, a decentralized exchange used for margin and perpetual trading. The affected package versions are listed below. Affected Packages […]


AISURU and Kimwolf Botnet Launch Record-Breaking 31.4 Tbps DDoS Attack

Cybersecurity researchers have attributed a record-breaking distributed denial-of-service attack to the AISURU and Kimwolf botnet, which generated traffic peaks of 31.4 terabits per second and lasted approximately 35 seconds, making it one of the largest DDoS attacks ever recorded. Cloudflare confirmed that the attack occurred in November 2025 and was automatically detected and mitigated by its systems. The company said the incident


CISA Adds Actively Exploited SolarWinds Web Help Desk RCE Vulnerability to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical vulnerability affecting SolarWinds Web Help Desk (WHD) to its Known Exploited Vulnerabilities (KEV) catalog, confirming that the flaw is being actively exploited in real-world attacks. The vulnerability, identified as CVE-2025-40551 with a CVSS score of 9.8, involves the deserialization of untrusted data. Successful exploitation


eScan Antivirus Update Servers Compromised to Distribute Multi Stage Malware

The update infrastructure of eScan antivirus, a security product developed by Indian cybersecurity firm MicroWorld Technologies, has been compromised in a supply chain attack that allowed unknown threat actors to distribute multi-stage malware to both enterprise and consumer systems. According to Morphisec researcher Michael Gorelik, the attackers abused eScan’s legitimate update mechanism to push malicious


Researchers Uncover Chrome Extensions Exploiting Affiliate Links and Stealing ChatGPT Access

Cybersecurity researchers have discovered a cluster of malicious Google Chrome extensions designed to hijack affiliate links, exfiltrate user data, and steal OpenAI ChatGPT authentication tokens. These extensions exploit the trust users place in popular e-commerce and AI-related browser tools to gain persistent access to sensitive information. Amazon Ads Blocker and Affiliate Hijacking: One notable extension, Amazon


Survey of Over 100 Energy Systems Reveals Critical OT Cybersecurity Gaps

A recent study conducted by OMICRON has uncovered serious cybersecurity shortcomings within operational technology networks used across substations, power plants, and control centers globally. The assessment, which analyzed more than 100 real-world energy installations, reveals repeated technical, organizational, and functional weaknesses that continue to expose critical infrastructure to cyber threats. The research is based


Russian ELECTRUM Linked to December 2025 Cyber Attack on Polish Power Grid

A coordinated cyber attack that struck multiple locations across the Polish power grid in late December 2025 has been attributed, with medium confidence, to a Russian state-sponsored threat group known as ELECTRUM. Operational technology security firm Dragos revealed the findings in a newly published intelligence brief, describing the incident as the first large-scale cyber attack focused on distributed energy


Zoom and GitLab Release Security Updates Fixing RCE, DoS, and 2FA Bypass Vulnerabilities

Zoom and GitLab have released urgent security updates addressing multiple high-severity vulnerabilities that could allow remote code execution (RCE), denial-of-service (DoS) attacks, and two-factor authentication (2FA) bypass. Zoom MMR Remote Code Execution: The most critical flaw affects Zoom Node Multimedia Routers (MMRs) and carries a CVSS score of 9.9/10. Tracked as CVE-2026-22844, the vulnerability was discovered internally by Zoom’s Offensive Security team. According


VoidLink Linux Malware Framework Created with AI Assistance Hits 88,000 Lines of Code

Cybersecurity researchers have uncovered new details about a highly advanced Linux malware framework known as VoidLink, revealing that the project was likely developed by a single threat actor using artificial intelligence assistance. The findings suggest a major shift in how sophisticated malware can now be created with limited human resources. According to a detailed analysis released


LOTUSLITE Backdoor Targets U.S. Policy Entities Through Venezuela-Themed Spear Phishing

Cybersecurity researchers have revealed a new malware campaign aimed at U.S. government and policy organizations, using politically themed lures to deliver a backdoor called LOTUSLITE. The campaign exploits geopolitical tensions between the U.S. and Venezuela. Attackers distributed a ZIP archive named “US now deciding what’s next for Venezuela.zip”, which contains a malicious DLL. This DLL is executed
