Security

PLUGGYAPE Malware Uses Signal and WhatsApp to Target Ukrainian Defense Forces

Ukraine’s Computer Emergency Response Team (CERT-UA) has revealed details of a recent cyber espionage campaign targeting Ukrainian defense forces using a malware strain known as PLUGGYAPE. The attacks were observed between October and December 2025. CERT-UA has attributed the activity with medium confidence to a Russia-aligned threat group tracked as Void Blizzard, also known […]

New Malware Campaign Spreads Remcos RAT via Multi-Stage Windows Attack

Cybersecurity analysts have uncovered a new malware operation known as SHADOW#REACTOR, which uses a stealthy, multi-stage infection chain to deploy the Remcos Remote Administration Tool (RAT). The campaign is designed to establish persistent and covert control over compromised Windows systems while evading traditional detection mechanisms. According to a technical report released by Securonix researchers Akshay

New Advanced VoidLink Malware Targets Linux Cloud and Container Environments

Cybersecurity researchers have revealed a previously unknown and highly sophisticated Linux malware framework known as VoidLink, which is purpose-built to maintain long-term, covert access to cloud-based infrastructures. The malware specifically targets Linux systems that form the backbone of modern cloud services and containerized environments. According to a recent analysis published by Check Point

CISA Alerts on Active Exploitation of Gogs Vulnerability Allowing Code Execution

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding the active exploitation of a serious security vulnerability affecting Gogs, a self-hosted Git service. The flaw has now been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog, signaling confirmed real-world attacks. The vulnerability, tracked as CVE-2025-8110 with a CVSS score of 8.7, stems from a

Instagram Confirms No System Breach and Fixes External Party Password Reset Issue

Instagram has clarified that its internal systems were not compromised following reports of unexpected password reset emails sent to users. The company confirmed that the incident was caused by an external party abusing a now-resolved issue, and emphasized that user accounts remain secure. Clarification Following Data Leak Reports The statement comes after widespread discussion

New MacSync Stealer Uses Signed macOS App to Bypass Gatekeeper and Steal Data

Cybersecurity researchers have uncovered a new and more deceptive variant of the MacSync malware targeting macOS users. Unlike earlier versions that depended on visible user interaction tricks such as ClickFix techniques, this updated strain disguises itself as a legitimately signed and notarised Apple application. By doing so, it successfully bypasses macOS Gatekeeper protections and quietly

xRAT Malware Targets Windows Users Masquerading as Adult Game

A new malware threat called xRAT, also known as QuasarRAT, has been targeting Windows users across Korea, exploiting popular webhard file-sharing services. The Ahnlab Security Intelligence Center (ASEC) recently detected xRAT being distributed as fake adult games. The remote access trojan (RAT) combines advanced evasion techniques with social engineering, making it particularly dangerous for everyday users. Attackers exploit

CISA Retires 10 Emergency Cybersecurity Directives Issued From 2019 to 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has announced the retirement of 10 Emergency Directives (EDs) that were originally issued between 2019 and 2024 to address urgent and high-impact cybersecurity threats facing federal systems. According to CISA, these directives are now considered closed after successful remediation efforts and the integration of long-term

Microsoft Warns That Misconfigured Email Routing Can Enable Internal Domain Phishing

Microsoft has issued a warning that threat actors are exploiting misconfigured email routing and weak spoofing protections to carry out phishing attacks that appear to originate from within an organization’s own domain. According to the Microsoft Threat Intelligence team, attackers are abusing these routing weaknesses to deliver phishing emails that impersonate internal communications. These messages

RondoDox Botnet Abuses Critical React2Shell Vulnerability to Hijack IoT Devices and Web Servers

Cybersecurity researchers have uncovered a prolonged nine-month campaign that targeted Internet of Things (IoT) devices and web applications to recruit them into a botnet named RondoDox. As of December 2025, threat actors have been observed exploiting the newly disclosed React2Shell vulnerability (CVE-2025-55182, CVSS 10.0) to gain unauthorized access to vulnerable systems, according to an analysis
