Daily Cyber News

Malicious Chrome Extension Steals MEXC API Keys While Posing as a Trading Tool

Cybersecurity analysts have uncovered a dangerous Google Chrome extension designed to steal API credentials from users of MEXC, a centralized cryptocurrency exchange operating in more than 170 countries. The extension disguises itself as a legitimate automated trading utility, tricking users into granting access that ultimately compromises their accounts. The extension, identified as MEXC API Automator with the […]

Malicious Chrome Extension Steals MEXC API Keys While Posing as a Trading Tool Read More »

ServiceNow Fixes Critical AI Platform Flaw Enabling Unauthenticated User Impersonation

ServiceNow has disclosed and patched a critical security vulnerability in its artificial intelligence platform that could have allowed unauthenticated attackers to impersonate legitimate users and perform actions on their behalf. The flaw, tracked as CVE-2025-12420 and rated 9.3 on the CVSS scale, affects components within the ServiceNow AI ecosystem. The vulnerability has been named BodySnatcher

ServiceNow Fixes Critical AI Platform Flaw Enabling Unauthenticated User Impersonation Read More »

CISA Alerts on Active Exploitation of Gogs Vulnerability Allowing Code Execution

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding the active exploitation of a serious security vulnerability affecting Gogs, a self-hosted Git service. The flaw has now been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog, signaling confirmed real-world attacks. The vulnerability, tracked as CVE-2025-8110 with a CVSS score of 8.7, stems from a

CISA Alerts on Active Exploitation of Gogs Vulnerability Allowing Code Execution Read More »

n8n Supply Chain Attack Exploits Community Nodes to Hijack OAuth Tokens

Security researchers have uncovered a supply chain attack targeting the n8n workflow automation ecosystem, where malicious actors abused community published npm packages to steal OAuth credentials from developers. According to findings published by Endor Labs last week, attackers uploaded eight deceptive npm packages that appeared to function as legitimate n8n integration nodes. These packages were

n8n Supply Chain Attack Exploits Community Nodes to Hijack OAuth Tokens Read More »

GoBruteforcer Botnet Targets Crypto Project Databases by Exploiting Weak Credentials

A renewed wave of GoBruteforcer activity has been observed targeting databases linked to cryptocurrency and blockchain projects. The campaign aims to hijack vulnerable servers and enroll them into a botnet capable of brute forcing user credentials for services such as FTP, MySQL, PostgreSQL, and phpMyAdmin on Linux based systems. Campaign Drivers and Initial Findings According

GoBruteforcer Botnet Targets Crypto Project Databases by Exploiting Weak Credentials Read More »

Instagram Confirms No System Breach and Fixes External Party Password Reset Issue

Instagram has clarified that its internal systems were not compromised following reports of unexpected password reset emails sent to users. The company confirmed that the incident was caused by an external party abusing a now resolved issue, and emphasized that user accounts remain secure. Clarification Following Data Leak Reports The statement comes after widespread discussion

Instagram Confirms No System Breach and Fixes External Party Password Reset Issue Read More »

Data Breach at Texas Gas Station Operator Exposes Information of Over 377,000 Customers

A major cybersecurity incident has impacted Gulshan Management Services, Inc., a gas station operator headquartered in Sugar Land, Texas, resulting in the exposure of personal information belonging to more than 377,000 customers. The breach has raised serious concerns about the protection of customer data within retail and fuel service operations across multiple US states. Breach

Data Breach at Texas Gas Station Operator Exposes Information of Over 377,000 Customers Read More »

New MacSync Stealer Uses Signed macOS App to Bypass Gatekeeper and Steal Data

Cybersecurity researchers have uncovered a new and more deceptive variant of the MacSync malware targeting macOS users. Unlike earlier versions that depended on visible user interaction tricks such as ClickFix techniques, this updated strain disguises itself as a legitimately signed and notarised Apple application. By doing so, it successfully bypasses macOS Gatekeeper protections and quietly

New MacSync Stealer Uses Signed macOS App to Bypass Gatekeeper and Steal Data Read More »

Instagram Data Leak Exposes Sensitive Information of 17.5M Accounts

A major data exposure incident has reportedly impacted around 17.5 million Instagram user accounts, with sensitive personal information now circulating on dark web marketplaces. The issue was highlighted earlier this week by cybersecurity firm Malwarebytes, triggering serious concerns about user privacy, account security, and the potential for large scale abuse. What Information Was Exposed According

Instagram Data Leak Exposes Sensitive Information of 17.5M Accounts Read More »

MuddyWater Launches RustyWater RAT Through Spear-Phishing Targeting Middle East Sectors

Cybersecurity researchers have uncovered a new spear phishing campaign linked to the Iranian threat actor MuddyWater, also known by multiple aliases, targeting critical sectors across the Middle East. The operation delivers a Rust based remote access trojan called RustyWater, signaling a continued shift toward more advanced and stealthy malware frameworks. Campaign Overview According to a

MuddyWater Launches RustyWater RAT Through Spear-Phishing Targeting Middle East Sectors Read More »