Threat

China-Linked Tick APT Exploits Lanscope Zero-Day to Compromise Corporate Networks

A sophisticated cyber espionage group known as Tick has been identified as the actor behind the exploitation of a critical, recently disclosed zero-day vulnerability in Motex Lanscope Endpoint Manager. This campaign, targeting specific sectors for intelligence gathering, demonstrates the continued threat posed by advanced persistent threats (APTs) to corporate network security. The Zero-Day Vulnerability: CVE-2025-61932 […]

AI-Targeted Cloaking Attack Tricks Crawlers Into Citing False Information as Verified Facts

A novel cybersecurity threat is targeting the very foundation of agentic AI browsers, a development that could allow malicious actors to poison the information these systems retrieve and present as undeniable truth. This sophisticated “cloaking” technique exploits the trust AI models place in their web crawlers, creating a ripe opportunity for widespread misinformation and manipulation.

10 Malicious npm Packages Steal Developer Credentials Across Windows, macOS, and Linux

In a stark reminder of the vulnerabilities within open-source ecosystems, cybersecurity analysts have unearthed ten deceptive npm packages engineered to pilfer sensitive developer credentials. These packages, capable of operating on Windows, macOS, and Linux, employ sophisticated stealth techniques to avoid detection while harvesting a treasure trove of personal and corporate data. The Deceptive Packages and

Russian Hackers Target Ukrainian Organizations Using Stealthy, Living Off the Land Tactics

Russian threat actors have reportedly conducted a series of stealthy cyberattacks on organizations in Ukraine, aiming to steal confidential data and maintain persistent access to compromised networks. According to a recent joint report by Symantec and Carbon Black Threat Hunter Team, the attacks targeted a large business services company for two months and a local government

TEE.Fail Side-Channel Attack Extracts Secrets from Intel and AMD DDR5 Secure Enclaves

A team of academic researchers from Georgia Tech, Purdue University, and Synkhronix has developed TEE.Fail, a practical side-channel method that can extract secrets from processor-based trusted execution environments, including Intel SGX, Intel TDX, AMD SEV-SNP, and Ciphertext Hiding. The technique uses inexpensive, off-the-shelf electronics to inspect DDR5 memory traffic, exposing weaknesses in current CPU TEE

New Android Trojan ‘Herodotus’ Evades Anti-Fraud Systems by Mimicking Human Typing Behavior

Security researchers have uncovered a new Android banking trojan, named Herodotus, which is being used in active campaigns targeting users in Italy and Brazil. The malware aims for device takeover, or DTO, and stands out because it deliberately mimics human typing patterns to evade timing-based, behaviour-only anti-fraud systems. What Herodotus is, and where it came

Chrome Zero-Day Exploited to Deploy LeetAgent Spyware by Italian Memento Labs

A newly uncovered cyber espionage operation has revealed that a now-patched Google Chrome zero-day vulnerability was exploited to deploy a sophisticated spyware known as LeetAgent. According to research from Kaspersky, the operation has been linked to the Italian IT and security firm Memento Labs, known for developing surveillance tools. Operation ForumTroll and the Chrome Vulnerability

Researchers Reveal GhostCall and GhostHire, New Malware Chains Linked to BlueNoroff APT

Security researchers have exposed two coordinated malware campaigns, GhostCall and GhostHire, linked to the North Korea-associated Lazarus sub-group BlueNoroff, also tracked under names like APT38, CryptoCore, Genie Spider, Nickel Gladstone, Sapphire Sleet, and Stardust Chollima. The campaigns focus on the Web3 and blockchain ecosystem, and together they form part of a larger, long-running operation Kaspersky

SideWinder APT Uses ClickOnce Based Attack Chain to Target South Asian Diplomats

A new cyber espionage campaign has been uncovered, showing the continuous evolution of the SideWinder advanced persistent threat (APT) group. The operation, which took place in September 2025, targeted a European embassy in New Delhi and multiple organizations across Sri Lanka, Pakistan, and Bangladesh. Researchers from Trellix, Ernesto Fernández Provecho and Pham Duy Phuc, have

ChatGPT Atlas Browser Exploit Lets Attackers Plant Persistent Hidden Commands

Cybersecurity experts have uncovered a serious vulnerability in OpenAI’s ChatGPT Atlas browser, which could let attackers inject malicious commands into the AI assistant’s memory and execute unauthorized code. According to Or Eshed, Co-Founder and CEO of LayerX Security, “This exploit enables cybercriminals to implant harmful code, elevate privileges, or deploy malware on targeted systems,” as
