Threat

Former Google Engineers Indicted for Transferring Trade Secrets to Iran

Two former engineers from Google and the husband of one of them have been indicted in the United States for allegedly stealing sensitive trade secrets from major technology firms and transferring the information to unauthorized destinations, including Iran. The defendants, Samaneh Ghandali, 41, her husband Mohammadjavad Khosravi, also known as Mohammad Khosravi, 40, and her sister Soroor […]


PromptSpy Android Malware Exploits Gemini AI to Automate Recent-Apps Persistence

Cybersecurity researchers have uncovered a sophisticated Android malware, named PromptSpy, that leverages Google’s generative AI chatbot Gemini to automate actions and ensure persistence on infected devices. This marks one of the first known cases of malware incorporating generative AI into its operational flow. How PromptSpy Operates PromptSpy is capable of: According to Lukáš Štefanko, Gemini is


INTERPOL Operation Red Card 2.0 Leads to 651 Arrests in African Cybercrime Crackdown

An international cybercrime operation targeting online scams has resulted in 651 arrests and the recovery of over $4.3 million, coordinated by law enforcement agencies from 16 African countries. The initiative, named Operation Red Card 2.0, ran from December 8, 2025 to January 30, 2026, focusing on high-yield investment scams, mobile money fraud, and fraudulent mobile


Fake IPTV Apps Distribute Massiv Android Malware Targeting Mobile Banking Users

Cybersecurity experts have identified a new Android banking trojan called Massiv, designed to conduct device takeover (DTO) attacks for financial theft. The malware hides inside seemingly legitimate IPTV apps, luring users who are searching for online TV services and giving attackers remote control over infected devices. How Massiv Operates According to ThreatFabric, Massiv first appeared in


CRESCENTHARVEST Campaign Targets Iran Protest Supporters with RAT Malware

Cybersecurity researchers have uncovered a new cyber espionage campaign, dubbed CRESCENTHARVEST, that appears to target individuals supporting ongoing protests in Iran. The operation is designed to deploy a remote access trojan (RAT) capable of long-term surveillance, credential theft, and sensitive data exfiltration. Security analysts warn that the campaign reflects a broader pattern of nation


Notepad++ Patches Hijacked Update Mechanism Exploited to Deliver Targeted Malware

The popular text editor Notepad++ has released a critical security update after its software update mechanism was abused in a targeted supply chain attack. The flaw allowed a China-linked threat actor to selectively distribute malware to specific users by manipulating the update delivery process. The newly released version 8.9.2 introduces major security reinforcements designed to prevent


CISA Identifies Four Actively Exploited Security Vulnerabilities in Latest KEV Update

The Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) catalog with four newly flagged security flaws that are currently under active exploitation. The move signals heightened risk to organizations, particularly U.S. federal agencies, as the vulnerabilities affect widely used platforms including Google Chrome, Microsoft Windows, and enterprise collaboration systems. Newly Added


SmartLoader Attack Leverages Trojanized Oura MCP Server to Deploy StealC Infostealer

Cybersecurity researchers have uncovered a sophisticated campaign using a trojanized Model Context Protocol (MCP) server linked to Oura Health to deliver the StealC information stealer. According to Straiker’s AI Research (STAR) Labs, attackers cloned the legitimate Oura MCP server—which normally connects AI assistants to Oura Ring health data—and created fake forks, contributor accounts, and a deceptive infrastructure to build


Poland Arrests Suspect Tied to Phobos Ransomware Operation

Authorities in Poland have arrested a 47-year-old man suspected of involvement with the Phobos ransomware network. During the operation, police confiscated computers and mobile devices allegedly containing stolen login credentials, payment card details, and server access information. The arrest was carried out by officers from the Central Bureau of Cybercrime Control in the Małopolska region, with support from units in Katowice


Microsoft Identifies “Summarize with AI” Prompts Manipulating Chatbot Recommendations

Microsoft has identified a new tactic used by legitimate businesses to influence artificial intelligence chatbot responses through so-called “Summarize with AI” buttons embedded on websites. The technique mirrors traditional search engine optimization abuse but targets AI systems instead of search rankings. The research, conducted by the Microsoft Defender Security Research Team, describes the method as AI Recommendation
