Cybersecurity researchers have revealed a highly severe security flaw in the n8n workflow automation platform that could allow attackers to execute arbitrary code on vulnerable systems under specific conditions. The vulnerability is tracked as CVE-2025-68613 and has received a CVSS score of 9.9, placing it among the most critical software flaws disclosed this year. The issue was identified […]
Cybersecurity researchers have uncovered a malicious software package hosted on the npm repository that masquerades as a fully functional WhatsApp API while secretly stealing sensitive user data and granting attackers persistent access to victims’ WhatsApp accounts. The package, called lotusbail, has been downloaded more than 56,000 times since it was published in May 2025 by
Fake WhatsApp API Package on npm Steals Messages, Contacts, and Login Tokens Read More »
Cybersecurity researchers are warning about a rapidly evolving Android malware ecosystem where threat actors are combining malicious droppers, SMS stealing functions, and full remote access capabilities to target users at scale. Recent investigations show that users in Uzbekistan are being actively targeted through fake applications that silently deploy advanced malware once installed. According to an
Android Malware Campaigns Combine Droppers, SMS Theft, and RAT Capabilities at Scale Read More »
Threat intelligence researchers have identified renewed cyber activity linked to an Iranian advanced persistent threat group known as Infy, also referred to as Prince of Persia, nearly five years after the group was last observed conducting attacks in Sweden, the Netherlands, and Turkey. Security experts now believe the scope and persistence of Infy’s operations were
Iranian Infy APT Resurfaces with New Malware Activity After Years of Silence Read More »
The U.S. Department of Justice (DoJ) has formally charged 54 individuals in connection with a large scale ATM jackpotting operation that caused tens of millions of dollars in losses across the United States. According to federal prosecutors, the accused were involved in a coordinated campaign that used a sophisticated malware strain known as Ploutus to
U.S. DOJ Charges 54 Suspects in ATM Jackpotting Scheme Using Ploutus Malware Read More »
A suspected Russia-aligned threat group has been identified for a phishing campaign targeting Microsoft 365 users by exploiting device code authentication flows to steal credentials and conduct account takeovers. The campaign, active since September 2025, is tracked by Proofpoint under the designation UNK_AcademicFlare. Attackers have primarily targeted email accounts associated with government and military organizations,
Russia Linked Hackers Abuse Microsoft 365 Device Code Phishing for Account Takeovers Read More »
Cybersecurity researchers have uncovered an active malware campaign that abuses cracked software websites and popular video platforms to distribute advanced loader malware, primarily CountLoader and GachiLoader. The activity highlights how threat actors continue to exploit user trust in free software and online tutorials to silently compromise systems. Researchers from Cyderes revealed that cracked software distribution
Cracked Software and YouTube Videos Used to Spread CountLoader and GachiLoader Malware Read More »
WatchGuard has issued an urgent security advisory after confirming active exploitation of a critical vulnerability in its Fireware OS. The flaw affects VPN functionality and has already been observed being abused in real world attacks, prompting immediate patching recommendations for all affected customers. The vulnerability, tracked as CVE-2025-14733, carries a CVSS score of 9.3 and is
WatchGuard Warns of Active Exploitation of Critical Fireware OS VPN Vulnerability Read More »
Authorities in Nigeria have confirmed the arrest of three high profile internet fraud suspects connected to large scale phishing operations, including the primary developer behind the RaccoonO365 phishing as a service platform. The arrests were announced by the Nigeria Police Force National Cybercrime Centre following a joint investigation with Microsoft and the Federal Bureau of
Nigeria Arrests RaccoonO365 Phishing Developer Tied to Microsoft 365 Attacks Read More »
Cisco has issued an urgent warning about an actively exploited zero day vulnerability affecting Cisco AsyncOS software. The flaw is being leveraged by a China aligned advanced persistent threat actor tracked as UAT 9686 in attacks against Cisco Secure Email Gateway and Cisco Secure Email and Web Manager appliances. Cisco said it became aware of the