A serious security flaw has been discovered in the popular Service Finder WordPress theme, which attackers are actively exploiting to gain unauthorized access to websites. This vulnerability allows threat actors to log in as any user, including administrators, and take complete control of affected sites. Details of the Vulnerability The flaw, tracked as CVE-2025-5947 with a […]
Russian hackers have taken their cyber offensive to a new level by integrating artificial intelligence (AI) into cyber attacks against Ukraine, according to a report published by the State Service for Special Communications and Information Protection of Ukraine (SSSCIP). The report revealed that during the first half of 2025 (H1 2025), hackers began using AI
AI Emerges as Russia’s Latest Cyber Weapon in Its War on Ukraine Read More »
A serious security flaw has been discovered in the figma-developer-mcp (Model Context Protocol) server, which could allow attackers to execute arbitrary code remotely. Although the issue has now been patched, experts are warning users to update immediately to prevent exploitation. Details of the Vulnerability The vulnerability, tracked as CVE-2025-53967 with a CVSS score of 7.5,
Critical Figma MCP Flaw Allows Remote Code Execution, Users Urged to Patch Immediately Read More »
Three leading ransomware groups—DragonForce, LockBit, and Qilin—have officially joined forces, signaling a notable shift in the global cyber threat landscape. This strategic partnership aims to enhance the effectiveness of ransomware operations, according to a report by ReliaQuest shared with The Hacker News. “Following LockBit’s recent return, this alliance is expected to enable the sharing of
LockBit, Qilin, and DragonForce Collaborate to Strengthen Ransomware Operations Read More »
Cybersecurity teams have uncovered a coordinated campaign that compromises WordPress websites to inject malicious JavaScript, with the goal of redirecting visitors to fraudulent, malware laden pages. These drive by injections impersonate legitimate checks, tricking users into following steps that ultimately deliver malware or credential theft. What researchers found, and how the injection works Researchers at
Hackers Compromise WordPress Sites to Fuel Next-Generation ClickFix Phishing Campaigns Read More »
Threat actors believed to be linked to China have repurposed a legitimate open-source monitoring framework, Nezha, to conduct a coordinated cyberattack, researchers found. The campaign, observed in August 2025 by Huntress, used a log poisoning technique to plant a PHP web shell on vulnerable web servers, then leveraged that access to deploy Nezha and ultimately
Chinese Hackers Use Open-Source Nezha Tool in Latest Cyberattack Campaign Read More »
OpenAI has announced that it successfully disrupted three major cyber operations that attempted to exploit ChatGPT for malicious activities, including malware creation and phishing campaigns. Russian Threat Actor Used ChatGPT for Malware Development One of the disrupted groups was a Russian-language actor who misused ChatGPT to design and enhance a Remote Access Trojan (RAT) and
Google’s DeepMind has introduced a groundbreaking AI agent named CodeMender, designed to automatically identify, fix, and rewrite vulnerable code to prevent future exploits. This development strengthens Google’s ongoing efforts in AI-driven vulnerability detection, complementing tools such as Big Sleep and OSS-Fuzz. How CodeMender Works CodeMender operates both reactively and proactively, meaning it not only fixes
Google’s New AI Not Only Detects Vulnerabilities but Also Automatically Patches Code Read More »
Researchers at Aryaka Threat Research Labs, Aditya K Sood and Varadharajan K, report that attackers impersonate recruiters, sending seemingly legitimate job descriptions and corporate documents that conceal malicious payloads. These lures are designed to look authentic, encouraging recipients to open files that initiate a multi-stage infection. How the attack works The campaign commonly uses ZIP
BatShadow Group Deploys Go-Based ‘Vampire Bot’ Malware Targeting Job Seekers Read More »
Cybersecurity experts have closely monitored the development of XWorm malware, evolving it into a highly adaptable tool capable of executing a broad range of malicious operations on infected systems. Trellix researchers Niranjan Hegde and Sijo Jacob explained, “XWorm’s architecture is modular, consisting of a core client and multiple specialized components known as plugins. Each plugin
XWorm 6.0 Resurfaces with Over 35 Plugins, Upgraded Data Theft Features Read More »