Threat

Critical React Native CLI Vulnerability Exposed Millions of Developers to Remote Attacks

A critical security vulnerability, tracked as CVE-2025-11953, has been discovered and patched in the widely used @react-native-community/cli npm package. This flaw could have allowed remote, unauthenticated attackers to execute arbitrary operating system commands on a developer’s machine, posing a severe risk to the software development ecosystem. Vulnerability Overview and Severity The vulnerability received the highest severity rating with […]

Europol and Eurojust Dismantle 600 Million Euro Crypto Fraud Network in Global Operation

In a major international law enforcement operation, nine individuals have been arrested for their alleged roles in a sophisticated cryptocurrency money laundering network that defrauded victims of an estimated €600 million (approximately $688 million). The coordinated takedown highlights the global fight against increasingly professionalized crypto-enabled financial crimes. A Coordinated Cross-Border Takedown The operation, which took place between

Operation SkyCloak Uses Tor-Enabled OpenSSH Backdoor to Target Defense Organizations

A sophisticated cyber espionage campaign, dubbed Operation SkyCloak, is using weaponized phishing emails to deploy a highly stealthy backdoor on target systems. The malware establishes persistent remote access by combining a customized OpenSSH server with a Tor hidden service, creating a covert channel that is extremely difficult to trace. The Lure: Phishing with Military Documents The

Microsoft Teams Vulnerabilities Allow Attackers to Impersonate Colleagues and Edit Messages Undetected

Security researchers have uncovered a set of critical vulnerabilities within Microsoft Teams that could have allowed attackers to manipulate conversations, impersonate trusted colleagues, and exploit notifications to launch sophisticated social engineering attacks. These flaws fundamentally undermined the trust users place in the platform’s communication integrity. The Core Vulnerabilities: A Breakdown of the Threats Discovered by

Microsoft Detects ‘SesameOp’ Backdoor Using OpenAI API as Stealth Command Channel

Microsoft has exposed a novel and sophisticated backdoor, codenamed SesameOp, that abuses the legitimate OpenAI Assistants API as its primary command-and-control (C2) channel. This technique represents a significant evolution in cyber espionage, allowing attackers to hide their communications within trusted, everyday AI traffic. A New Stealth Tactic: Hiding in Plain Sight Discovered by the Microsoft Detection

U.S. Prosecutors Charge Cybersecurity Insiders for Involvement in BlackCat Ransomware Attacks

In a case that blurs the line between defender and attacker, U.S. federal prosecutors have charged three individuals, including two cybersecurity professionals, for their alleged involvement in a series of BlackCat (ALPHV) ransomware attacks targeting American companies. The accused allegedly exploited their industry positions to carry out and negotiate extortion schemes. The Accused: From Threat

SleepyDuck VSX Extension Uses Ethereum to Sustain Its Command Server

A malicious extension discovered in the Open VSX registry poses a significant threat to developers by embedding a remote access trojan named SleepyDuck. What makes this threat particularly resilient is its innovative use of the Ethereum blockchain to maintain contact with its command server, ensuring it can survive traditional takedown efforts. The Malicious Extension and Its

New Business Email Protection Method Blocks Phishing Attack Behind NPM Breach

A highly sophisticated phishing campaign successfully targeted high-profile developers on the NPM registry in September 2025, leading to one of the most significant supply chain attacks in its history. The attackers combined convincing social engineering with technical precision to steal credentials and inject malicious code into widely used packages, ultimately aiming to hijack cryptocurrency transactions.

Hackers Deliver SSH-Tor Backdoor Through Weaponized Military Documents in ZIP Files

In a highly targeted cyber espionage campaign uncovered in October 2025, threat actors have been deploying a sophisticated SSH-Tor backdoor by disguising it within weaponized military documents. The attack, aimed at defense personnel, demonstrates a significant evolution in combining social engineering with advanced technical stealth to maintain persistent access to compromised systems. The Lure: A

Researchers Discover BankBot-YNRK and DeliveryRAT Android Trojans Stealing Financial Information

Cybersecurity researchers have exposed two sophisticated Android trojans, BankBot-YNRK and DeliveryRAT, which are actively stealing sensitive financial information from users worldwide. These malware families employ advanced evasion techniques and abuse core phone functionalities to commit fraud and data theft on a significant scale. BankBot-YNRK: A Highly Evasive Banking Trojan Analyzed by CYFIRMA, BankBot-YNRK is a dangerous malware
