Daily Cyber News

Russian APT28 Exploits SOHO Routers in Global DNS Hijacking and Cyber Espionage Campaign

A sophisticated cyber espionage campaign linked to Russia’s notorious threat group APT28, also tracked as Forest Blizzard, has been uncovered targeting vulnerable home and small office routers worldwide. The operation focuses on manipulating DNS configurations to intercept sensitive data without user awareness. The campaign, named FrostArmada by Black Lotus Labs, has been active since at least May […]


Medusa Ransomware

China-Linked Storm-1175 Exploits Zero-Day Flaws to Rapidly Deploy Medusa Ransomware Attacks

A cyber threat group associated with China, identified as Storm-1175, has been observed conducting rapid and highly coordinated cyberattacks by exploiting both undisclosed (zero-day) and known (N-day) vulnerabilities. The group is primarily focused on deploying Medusa ransomware across compromised systems. Security researchers from Microsoft Threat Intelligence report that the attackers are capable of executing high-speed intrusions, often breaching systems within


Iran-Linked Password Spraying Campaign Targets Over 300 Israeli Microsoft 365 Organizations

A large-scale cyber operation believed to be connected to Iran has been identified targeting Microsoft 365 environments, primarily focusing on organizations in Israel and the United Arab Emirates. The campaign comes amid rising geopolitical tensions in the Middle East and highlights the increasing use of cloud-focused cyberattacks. According to findings released by Check Point Software Technologies,


Microsoft Warns of WhatsApp-Delivered VBS Malware Exploiting UAC Bypass on Windows

Microsoft has issued a warning about a newly discovered cyber campaign that uses WhatsApp to distribute malicious Visual Basic Script (VBS) files. The attack chain is designed to compromise Windows systems, establish persistence, and gain elevated privileges through stealth techniques.

Attack Begins with Social Engineering

The campaign, first observed in late February 2026, relies heavily on social engineering


Vertex AI Vulnerability Exposes Sensitive Google Cloud Data and Private Artifacts

A newly identified security weakness in Google Vertex AI has raised serious concerns about potential data exposure and cloud infrastructure compromise. Security researchers have revealed that artificial intelligence agents operating within the platform could be manipulated to access sensitive information without authorization.

Misconfigured Permissions Create a Hidden Risk

The issue stems from how permission controls are implemented


Silver Fox Expands Asia-Focused Cyber Campaign Using AtlasCross RAT and Fake Domains

A sophisticated cybercrime group known as Silver Fox, also tracked as SwimSnake, Valley Thief, UTG-Q-1000, and Void Arachne, has escalated its operations in Asia using a previously undocumented remote access trojan (RAT) named AtlasCross RAT. The campaign specifically targets Chinese-speaking users by leveraging typosquatted domains impersonating trusted software brands.

Attack Vectors and Targeted Applications

The group is


Axios Supply Chain Attack Delivers Cross-Platform RAT Through Compromised npm Account

A major supply chain security incident has impacted Axios, one of the most widely used HTTP clients in the JavaScript ecosystem. Attackers successfully introduced malicious code into the npm package by compromising a maintainer account, enabling the distribution of a cross-platform remote access trojan (RAT).

Compromised npm Account Used to Publish Malicious Versions

Security researchers revealed


OpenAI Fixes ChatGPT Data Exfiltration Flaw and Codex Vulnerability Exposing GitHub Tokens

A critical security issue affecting AI systems has been resolved after researchers discovered vulnerabilities in ChatGPT and Codex that could have exposed sensitive user data and developer credentials.

ChatGPT Flaw Enabled Covert Data Exfiltration

Researchers from Check Point uncovered a previously unknown weakness in ChatGPT that allowed hidden data exfiltration without user awareness. The flaw made it possible for


DeepLoad Malware

DeepLoad Malware Leverages ClickFix and WMI Persistence to Steal Browser Credentials

Cybersecurity researchers have identified a newly emerging malware campaign distributing a previously undocumented loader called DeepLoad, leveraging ClickFix social engineering techniques to infect systems and steal sensitive data.

ClickFix Lure Initiates the Attack Chain

The infection begins with a deceptive ClickFix prompt that convinces users to execute a PowerShell command manually. Victims are instructed to


Russian CTRL Toolkit Uses Malicious LNK Files to Hijack RDP Through FRP Tunnels

Cybersecurity researchers have uncovered a sophisticated Russian-origin remote access toolkit called CTRL, which is distributed through malicious Windows shortcut (LNK) files disguised as private key folders. The toolkit enables credential theft, keylogging, and RDP session hijacking, while using Fast Reverse Proxy (FRP) tunnels to maintain stealthy command and control (C2).

Multi-Stage Deployment

According to Censys, the
