The cyber threat cluster identified as SloppyLemming has been linked to a new wave of targeted attacks against government institutions and critical infrastructure organizations in Pakistan and Bangladesh, according to fresh research from Arctic Wolf. The activity reportedly occurred between January 2025 and January 2026 and involved two separate malware delivery chains. These attack paths […]
Cybersecurity researchers have revealed technical details about a recently patched Google Chrome vulnerability that could have enabled malicious browser extensions to escalate privileges and access sensitive system resources. The flaw, identified as CVE-2026-0628 with a CVSS score of 8.8, stemmed from insufficient policy enforcement in Chrome’s WebView tag. Google addressed the issue in early January
New Chrome Flaw Allows Malicious Extensions to Gain Elevated Access Through Gemini Panel Read More »
Google has unveiled a new initiative within its Chrome browser aimed at strengthening HTTPS security against the long term threat of quantum computing. The move represents a significant step toward building a quantum-resistant internet without sacrificing speed or scalability. In a statement from the Chrome Secure Web and Networking Team, Google clarified that it does
Google Introduces Merkle Tree Certificates to Support Quantum Resistant HTTPS in Chrome Read More »
A high severity Microsoft vulnerability patched during February 2026 Patch Tuesday may have been actively exploited by the Russia linked threat group APT28, according to new research from Akamai. The flaw, tracked as CVE-2026-21513 with a CVSS score of 8.8, affects the MSHTML Framework and enables attackers to bypass key Windows security protections. Microsoft described
APT28 Linked to CVE-2026-21513 MSHTML Zero Day Exploited Ahead of Feb 2026 Patch Tuesday Read More »
Cybersecurity researchers have uncovered a fresh wave of the ongoing Contagious Interview campaign, revealing that North Korean threat actors uploaded 26 malicious packages to the npm registry. These packages were disguised as legitimate developer utilities but secretly delivered credential stealing malware and a cross platform remote access trojan, RAT. The activity, tracked by Socket and
A new security analysis has revealed that thousands of publicly exposed Google Cloud API keys could be misused to access sensitive Gemini AI endpoints once the Generative Language API is activated within a project. Researchers at Truffle Security identified nearly 3,000 Google API keys, recognizable by the prefix AIza, embedded in client side JavaScript code across websites.
Thousands of Google Cloud API Keys Exposed After Gemini Access Enabled Read More »
The U.S. Department of Justice announced the seizure of approximately 61 million dollars in Tether connected to large scale cryptocurrency fraud operations commonly referred to as pig butchering scams. Authorities stated that the confiscated digital assets were traced to wallet addresses used to launder proceeds stolen from victims of fraudulent crypto investment schemes. Federal investigators
U.S. DoJ Seizes $61 Million in Tether Linked to Pig Butchering Crypto Scams Read More »
More than 900 internet facing FreePBX systems from Sangoma Technologies remain compromised with web shells following exploitation of a serious command injection vulnerability, according to findings released by Shadowserver Foundation. The large scale compromise began in December 2025 and continues to impact organizations worldwide. Of the affected instances, 401 are located in the United States, 51 in Brazil,
Over 900 Sangoma FreePBX Instances Compromised in Active Web Shell Attacks Read More »
Cybersecurity researchers have uncovered a harmful Go programming module that impersonates a trusted cryptography library while secretly stealing passwords and deploying a Linux backdoor known as Rekoobe. The rogue package, published under the path github[.]com/xinfeisoft/crypto, mimics the legitimate Go cryptography repository golang.org/x/crypto. However, instead of providing safe cryptographic utilities, it embeds hidden functionality designed to intercept sensitive
Malicious Go Crypto Module Steals Passwords and Installs Rekoobe Backdoor Read More »
The North Korean threat group known as ScarCruft has been linked to a sophisticated cyber espionage campaign that leverages cloud storage services and removable media to infiltrate even isolated environments. Security researchers at Zscaler ThreatLabz have named the operation Ruby Jumper. The campaign, uncovered in December 2025, introduces several new malware families designed to conduct surveillance, move laterally across
ScarCruft Uses Zoho WorkDrive and USB Malware to Infiltrate Air Gapped Networks Read More »