Threat

Long-Running Web Skimming Campaign Steals Credit Card Data From Online Checkout Pages

Cybersecurity researchers have uncovered a large scale web skimming operation that has remained active since January 2022, silently harvesting payment card data from compromised online checkout pages. The campaign targets organizations connected to major global payment networks, including American Express, Diners Club, Discover, JCB, Mastercard, and UnionPay. According to a newly published report by Silent […]

Long-Running Web Skimming Campaign Steals Credit Card Data From Online Checkout Pages Read More »

New Malware Campaign Spreads Remcos RAT via Multi-Stage Windows Attack

Cybersecurity analysts have uncovered a new malware operation known as SHADOW#REACTOR, which uses a stealthy, multi stage infection chain to deploy the Remcos Remote Administration Tool (RAT). The campaign is designed to establish persistent and covert control over compromised Windows systems while evading traditional detection mechanisms. According to a technical report released by Securonix researchers Akshay

New Malware Campaign Spreads Remcos RAT via Multi-Stage Windows Attack Read More »

Malicious Chrome Extension Steals MEXC API Keys While Posing as a Trading Tool

Cybersecurity analysts have uncovered a dangerous Google Chrome extension designed to steal API credentials from users of MEXC, a centralized cryptocurrency exchange operating in more than 170 countries. The extension disguises itself as a legitimate automated trading utility, tricking users into granting access that ultimately compromises their accounts. The extension, identified as MEXC API Automator with the

Malicious Chrome Extension Steals MEXC API Keys While Posing as a Trading Tool Read More »

CISA Alerts on Active Exploitation of Gogs Vulnerability Allowing Code Execution

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding the active exploitation of a serious security vulnerability affecting Gogs, a self-hosted Git service. The flaw has now been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog, signaling confirmed real-world attacks. The vulnerability, tracked as CVE-2025-8110 with a CVSS score of 8.7, stems from a

CISA Alerts on Active Exploitation of Gogs Vulnerability Allowing Code Execution Read More »

n8n Supply Chain Attack Exploits Community Nodes to Hijack OAuth Tokens

Security researchers have uncovered a supply chain attack targeting the n8n workflow automation ecosystem, where malicious actors abused community published npm packages to steal OAuth credentials from developers. According to findings published by Endor Labs last week, attackers uploaded eight deceptive npm packages that appeared to function as legitimate n8n integration nodes. These packages were

n8n Supply Chain Attack Exploits Community Nodes to Hijack OAuth Tokens Read More »

GoBruteforcer Botnet Targets Crypto Project Databases by Exploiting Weak Credentials

A renewed wave of GoBruteforcer activity has been observed targeting databases linked to cryptocurrency and blockchain projects. The campaign aims to hijack vulnerable servers and enroll them into a botnet capable of brute forcing user credentials for services such as FTP, MySQL, PostgreSQL, and phpMyAdmin on Linux based systems. Campaign Drivers and Initial Findings According

GoBruteforcer Botnet Targets Crypto Project Databases by Exploiting Weak Credentials Read More »

Instagram Confirms No System Breach and Fixes External Party Password Reset Issue

Instagram has clarified that its internal systems were not compromised following reports of unexpected password reset emails sent to users. The company confirmed that the incident was caused by an external party abusing a now resolved issue, and emphasized that user accounts remain secure. Clarification Following Data Leak Reports The statement comes after widespread discussion

Instagram Confirms No System Breach and Fixes External Party Password Reset Issue Read More »

Data Breach at Texas Gas Station Operator Exposes Information of Over 377,000 Customers

A major cybersecurity incident has impacted Gulshan Management Services, Inc., a gas station operator headquartered in Sugar Land, Texas, resulting in the exposure of personal information belonging to more than 377,000 customers. The breach has raised serious concerns about the protection of customer data within retail and fuel service operations across multiple US states. Breach

Data Breach at Texas Gas Station Operator Exposes Information of Over 377,000 Customers Read More »

Instagram Data Leak Exposes Sensitive Information of 17.5M Accounts

A major data exposure incident has reportedly impacted around 17.5 million Instagram user accounts, with sensitive personal information now circulating on dark web marketplaces. The issue was highlighted earlier this week by cybersecurity firm Malwarebytes, triggering serious concerns about user privacy, account security, and the potential for large scale abuse. What Information Was Exposed According

Instagram Data Leak Exposes Sensitive Information of 17.5M Accounts Read More »

MuddyWater Launches RustyWater RAT Through Spear-Phishing Targeting Middle East Sectors

Cybersecurity researchers have uncovered a new spear phishing campaign linked to the Iranian threat actor MuddyWater, also known by multiple aliases, targeting critical sectors across the Middle East. The operation delivers a Rust based remote access trojan called RustyWater, signaling a continued shift toward more advanced and stealthy malware frameworks. Campaign Overview According to a

MuddyWater Launches RustyWater RAT Through Spear-Phishing Targeting Middle East Sectors Read More »