Cybercrime

Unpatched Firmware Vulnerability Leaves TOTOLINK EX200 Open to Full Remote Device Takeover

The CERT Coordination Center (CERT/CC) has issued a security advisory detailing a serious unpatched vulnerability affecting the TOTOLINK EX200 wireless range extender, which could allow a remote attacker to gain complete control over the device. The vulnerability, tracked as CVE-2025-65606, originates from improper error handling within the device’s firmware upload mechanism. Although no CVSS score has been […]


Critical AdonisJS Bodyparser Vulnerability (CVSS 9.2) Allows Arbitrary File Write on Servers

Users of the @adonisjs/bodyparser npm package are being urged to update immediately after the disclosure of a critical security vulnerability that could allow remote attackers to write arbitrary files on affected servers. The issue is tracked as CVE-2026-21440 and carries a CVSS score of 9.2, indicating high severity. According to project maintainers, the flaw stems from a path traversal vulnerability within AdonisJS’s


Russia-Aligned Hackers Exploit Viber to Target Ukrainian Military and Government Entities

A Russia-aligned cyber threat group tracked as UAC-0184 has been observed abusing the Viber messaging platform to conduct targeted attacks against Ukrainian military and government organizations. The activity was detailed in a new technical report released by the 360 Threat Intelligence Center. Researchers stated that the group has maintained a high operational tempo throughout 2025, focusing


Kimwolf Android Botnet Infects Over 2 Million Devices Through Exposed ADB and Proxy Networks

Cybersecurity researchers have uncovered large-scale activity linked to an Android botnet known as Kimwolf, which has compromised more than two million devices by abusing exposed Android Debug Bridge (ADB) services and tunneling through residential proxy networks. The findings were revealed in a recent analysis by Synthient. According to researchers, threat actors operating the Kimwolf botnet


New VVS Stealer Malware Targets Discord Accounts Using Obfuscated Python Code

Cybersecurity researchers have uncovered a new Python-based information-stealing malware known as VVS Stealer, also referred to as VVS $tealer, which is actively targeting Discord users by harvesting account credentials and authentication tokens. According to an analysis published by Palo Alto Networks Unit 42, this stealer has been circulating in underground Telegram channels since at least


Infostealers Allow Attackers to Hijack Legitimate Business Infrastructure for Malware Hosting

Cybersecurity researchers are warning about a growing cybercrime cycle in which credentials stolen by infostealer malware are being used to compromise legitimate business websites and convert them into malware hosting platforms. According to recent findings from the Hudson Rock Threat Intelligence Team, this self-reinforcing ecosystem allows attackers to repeatedly expand their infrastructure by turning


Transparent Tribe Initiates New RAT Attacks Targeting Indian Government and Academic Institutions

Cybersecurity researchers have attributed a new wave of targeted cyber espionage activity to the threat group known as Transparent Tribe, also tracked as APT36, aimed at Indian government bodies, academic institutions, and strategically significant organizations. According to a technical analysis published by CYFIRMA, the campaign relies on deceptive delivery methods, most notably a malicious Windows shortcut (LNK)


Cybercriminals Exploit Google Cloud Email Feature in Multi-Stage Phishing Campaign

Cybersecurity experts have uncovered a large-scale phishing operation in which threat actors abused a legitimate Google Cloud feature to send deceptive emails that appeared to originate directly from Google infrastructure. According to findings shared by Check Point, attackers misused Google Cloud’s Application Integration service, specifically its built-in email notification capability, to distribute phishing messages from a genuine


RondoDox Botnet Abuses Critical React2Shell Vulnerability to Hijack IoT Devices and Web Servers

Cybersecurity researchers have uncovered a prolonged nine-month campaign that targeted Internet of Things (IoT) devices and web applications to recruit them into a botnet named RondoDox. As of December 2025, threat actors have been observed exploiting the newly disclosed React2Shell vulnerability (CVE-2025-55182, CVSS 10.0) to gain unauthorized access to vulnerable systems, according to an analysis


Silver Fox Targets Indian Users Using Tax-Themed Emails to Deliver ValleyRAT Malware

Cybersecurity researchers have identified a new phishing campaign targeting users in India, carried out by the China-linked threat actor known as Silver Fox. The operation uses income-tax-related email lures to distribute ValleyRAT, a modular remote access trojan also referred to as Winos 4.0. According to an analysis published by CloudSEK, the attack relies
