Threat

CISA Warns of Zimbra and SharePoint Exploits as Cisco Zero Day Targeted in Ransomware Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding the active exploitation of critical vulnerabilities affecting Zimbra Collaboration Suite (ZCS) and Microsoft Office SharePoint. The agency has urged organizations, especially government entities, to immediately apply security patches to mitigate risks. Actively Exploited Vulnerabilities The two vulnerabilities highlighted by CISA include: CISA […]

CISA Warns of Zimbra and SharePoint Exploits as Cisco Zero Day Targeted in Ransomware Attacks Read More »

LeakNet Ransomware Uses ClickFix on Hacked Sites to Deploy Deno In Memory Loader

Cybersecurity researchers have identified a new attack technique used by the ransomware group LeakNet that combines social engineering with a memory based malware loader. The group is now leveraging the ClickFix tactic through compromised websites to gain initial access to victim systems. According to analysis published by ReliaQuest, the campaign represents a strategic change in

LeakNet Ransomware Uses ClickFix on Hacked Sites to Deploy Deno In Memory Loader Read More »

CISA Warns of Actively Exploited Wing FTP Vulnerability Exposing Server Paths

The U.S. Cybersecurity and Infrastructure Security Agency, Cybersecurity and Infrastructure Security Agency, has added a newly identified vulnerability in Wing FTP Server to its Known Exploited Vulnerabilities (KEV) catalog after confirming that the flaw is being actively abused by attackers. The issue, tracked as CVE-2025-47813 with a CVSS score of 4.3, allows attackers to obtain

CISA Warns of Actively Exploited Wing FTP Vulnerability Exposing Server Paths Read More »

Interpol in cyber criminal

INTERPOL Dismantles 45,000 Malicious IPs and Arrests 94 Suspects in Global Cybercrime Operation

INTERPOL has announced the dismantling of 45,000 malicious IP addresses and servers used in phishing, malware, and ransomware operations. The international law enforcement effort aimed to disrupt criminal networks, neutralize emerging threats, and protect victims from online scams. The operation involved 72 countries and territories, resulting in the arrest of 94 individuals, with another 110 under investigation. Authorities seized 212

INTERPOL Dismantles 45,000 Malicious IPs and Arrests 94 Suspects in Global Cybercrime Operation Read More »

Storm-2561 Distributes Trojanized VPN Clients Through SEO Poisoning to Steal Credentials

Security researchers have uncovered a new cyber campaign in which threat actors distribute trojanized VPN clients using search engine manipulation techniques to steal login credentials from unsuspecting users. According to findings published by Microsoft, the operation uses search engine optimization (SEO) poisoning to redirect users searching for legitimate enterprise software to malicious websites that deliver

Storm-2561 Distributes Trojanized VPN Clients Through SEO Poisoning to Steal Credentials Read More »

Authorities Take Down SocksEscort Proxy Botnet Using 369,000 IPs Across 163 Countries

A coordinated international law enforcement operation has dismantled a large scale criminal proxy network known as SocksEscort botnet, which hijacked thousands of residential routers around the world and used them for cybercrime activities. According to the U.S. Department of Justice (DoJ), the proxy service infected internet routers used by homes and small businesses with malicious software.

Authorities Take Down SocksEscort Proxy Botnet Using 369,000 IPs Across 163 Countries Read More »

CISA Warns of Actively Exploited n8n RCE Vulnerability as 24,700 Instances Remain Exposed

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting the n8n workflow automation platform to its Known Exploited Vulnerabilities (KEV) catalog, confirming that the flaw is currently being exploited in real world attacks. The vulnerability, tracked as CVE-2025-68613 with a CVSS score of 9.9, allows attackers to execute remote code

CISA Warns of Actively Exploited n8n RCE Vulnerability as 24,700 Instances Remain Exposed Read More »

Researchers Bypass Perplexity Comet AI Browser Safeguards to Launch Phishing Scam in Minutes

Cybersecurity researchers have demonstrated how an artificial intelligence powered web browser can be manipulated into executing a phishing scam in just a few minutes. The attack targeted the Comet AI browser developed by Perplexity, highlighting emerging risks in agentic AI browsing technologies. Agentic browsers use artificial intelligence to automatically interact with websites, complete tasks, and make

Researchers Bypass Perplexity Comet AI Browser Safeguards to Launch Phishing Scam in Minutes Read More »

Meta Shuts Down 150K Accounts Tied to Southeast Asia Scam Centers in Global Crackdown

Meta has disabled more than 150,000 accounts connected to scam centers in Southeast Asia, part of a coordinated global effort involving authorities from Thailand, the U.S., the U.K., Canada, Korea, Japan, Singapore, the Philippines, Australia, New Zealand, and Indonesia. The crackdown also led to 21 arrests by the Royal Thai Police. This action follows a

Meta Shuts Down 150K Accounts Tied to Southeast Asia Scam Centers in Global Crackdown Read More »

Amazon_web_services

UNC6426 Uses nx npm Supply Chain Attack to Obtain AWS Admin Access Within 72 Hours

Cybersecurity investigators have revealed that a threat actor identified as UNC6426 successfully breached a company’s cloud infrastructure within 72 hours by abusing credentials stolen during a software supply chain compromise involving the Nx npm package. According to findings published in the Google Cloud Threat Horizons Report H1 2026, the attacker initially obtained a developer’s GitHub token. This credential enabled

UNC6426 Uses nx npm Supply Chain Attack to Obtain AWS Admin Access Within 72 Hours Read More »