Cybercrime

Malicious Chrome Extensions Exposed for Stealing Business Data, Emails, and Browsing History

Browser extensions are once again under scrutiny after multiple investigations revealed coordinated campaigns abusing Google Chrome add ons to steal business intelligence, authentication codes, emails, and browsing history. Security researchers have identified several malicious extensions impersonating productivity tools, AI assistants, and social media customization plugins. These threats specifically target platforms such as Meta Business Suite, Facebook Business Manager, Google Chrome, […]

Malicious Chrome Extensions Exposed for Stealing Business Data, Emails, and Browsing History Read More »

First Malicious Outlook Add-In Discovered Stealing Over 4,000 Microsoft Credentials

Cybersecurity researchers have uncovered what is believed to be the first malicious Microsoft Outlook add-in observed in active attacks. The discovery highlights a new evolution in supply chain threats targeting trusted software marketplaces. According to security firm Koi Security, an unidentified attacker hijacked a previously legitimate but abandoned Outlook add-in domain to host a fraudulent

First Malicious Outlook Add-In Discovered Stealing Over 4,000 Microsoft Credentials Read More »

TeamPCP Worm Abuses Cloud Infrastructure to Build Criminal Operations

Cybersecurity experts have uncovered a large and coordinated malicious campaign that abuses cloud native environments to construct infrastructure used for cybercrime operations. Researchers describe the activity as a worm driven operation that spreads automatically across exposed cloud services. The campaign was first observed around December 25, 2025, and relies on publicly exposed Docker APIs, Kubernetes

TeamPCP Worm Abuses Cloud Infrastructure to Build Criminal Operations Read More »

German Agencies Warn of Signal Phishing Attacks Targeting Politicians, Military, and Journalists

Germany’s Federal Office for the Protection of the Constitution, known as BfV, together with the Federal Office for Information Security BSI, have issued a joint cybersecurity alert regarding an active phishing campaign abusing the Signal messaging platform. According to the advisory, the campaign is attributed to a likely state-sponsored threat actor and is specifically aimed at politicians, military officials, diplomats,

German Agencies Warn of Signal Phishing Attacks Targeting Politicians, Military, and Journalists Read More »

CERT Polska Details Coordinated Cyber Attacks on Over 30 Wind and Solar Farms

CERT Polska, Poland’s national computer emergency response team, has disclosed details of a coordinated cyber attack campaign that targeted more than 30 wind and photovoltaic energy farms, a private manufacturing sector company, and a major combined heat and power plant supplying heat to nearly half a million customers. The attacks occurred on December 29, 2025,

CERT Polska Details Coordinated Cyber Attacks on Over 30 Wind and Solar Farms Read More »

Survey of Over 100 Energy Systems Reveals Critical OT Cybersecurity Gaps

A recent study conducted by OMICRON has uncovered serious cybersecurity shortcomings within operational technology networks used across substations, power plants, and control centers globally. The assessment, which analyzed more than 100 real world energy installations, reveals repeated technical, organizational, and functional weaknesses that continue to expose critical infrastructure to cyber threats. The research is based

Survey of Over 100 Energy Systems Reveals Critical OT Cybersecurity Gaps Read More »

CERT/CC Warns Binary Parser Bug Enables Privilege Level Code Execution in Node.js

The CERT Coordination Center (CERT/CC) has issued a warning about a security vulnerability in the widely used binary-parser npm library that could allow attackers to execute arbitrary JavaScript code under certain conditions. The flaw is tracked as CVE-2026-1245 and affects all versions of binary-parser released before 2.3.0. The issue was fixed on November 26, 2025, and users are strongly advised

CERT/CC Warns Binary Parser Bug Enables Privilege Level Code Execution in Node.js Read More »

Black Basta Ransomware Leader Added to EU Most Wanted List and INTERPOL Red Notice

Law enforcement authorities in Ukraine and Germany have identified two Ukrainian nationals suspected of supporting the Russia linked Black Basta ransomware as a service operation. Officials also confirmed that the alleged leader of the group has now been placed on both the European Union Most Wanted list and INTERPOL Red Notice database. The suspect has been named as Oleg Evgenievich Nefedov, a 35

Black Basta Ransomware Leader Added to EU Most Wanted List and INTERPOL Red Notice Read More »

Microsoft Legal Action Disrupts RedVDS Cybercrime Infrastructure Behind Online Fraud

Microsoft has successfully taken legal measures in the U.S. and U.K. to dismantle RedVDS, a subscription-based cybercrime service that enabled criminals to carry out widespread online fraud. The action included seizing domains redvds[.]com, redvds[.]pro, and vdspanel[.]space, effectively taking the illegal service offline. RedVDS allowed threat actors to access cheap, disposable virtual computers for as little as $24 per month,

Microsoft Legal Action Disrupts RedVDS Cybercrime Infrastructure Behind Online Fraud Read More »

Fortinet Patches Critical FortiSIEM Vulnerability Allowing Unauthenticated Remote Code Execution

Fortinet has released security updates to address a critical vulnerability in FortiSIEM that could allow unauthenticated attackers to execute arbitrary code on affected systems. The flaw poses a serious risk to organizations using vulnerable FortiSIEM deployments, particularly those with exposed management services. Vulnerability Overview The issue, tracked as CVE-2025-64155, carries a CVSS score of 9.4, indicating critical

Fortinet Patches Critical FortiSIEM Vulnerability Allowing Unauthenticated Remote Code Execution Read More »