⚡ Weekly Recap: WhatsApp 0-Day, Docker Bug, Salesforce Breach, Fake CAPTCHAs, Spyware App & More
Cybersecurity today is less about single attacks and more about chains of small weaknesses that connect into big risks. One overlooked update,…
When Browsers Become the Attack Surface: Rethinking Security for Scattered Spider
As enterprises continue to shift their operations to the browser, security teams face a growing set of cyber challenges. In fact, over 80% of…
ScarCruft Uses RokRAT Malware in Operation HanKook Phantom Targeting South Korean Academics
Cybersecurity researchers have discovered a new phishing campaign undertaken by the North Korea-linked hacking group called ScarCruft (aka…
Another Ryzen 9000 CPU Burnout: What’s Really Going On?
Ddos September 1, 2025 Earlier this year, reports emerged of Asrock motherboards paired with processors such as the 9800X3D suffering…
Weekly Cybersecurity News Recap : WhatsApp, Chrome 0-Day, AI Ransomware and Cyber Attacks
Welcome to your Weekly Cybersecurity News Recap. This week, the digital world faced a fresh wave of threats, underscoring the relentless…
Week in review: 300k+ Plex Media Server instances still vulnerable to attack, exploited Git RCE flaw
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: 300k+ Plex Media Server…
Meta’s New AI NPCs Will Make Horizon Worlds Come to Life
Ddos August 31, 2025 Meta is once again infusing its metaverse platform, Horizon Worlds, with generative AI experiences, enabling developers…
TamperedChef infostealer delivered through fraudulent PDF Editor
Threat actors have been using multiple websites promoted through Google ads to distribute a convincing PDF editing app that delivers an…
Critical Citrix 0-Day Vulnerability Exploited Since May, Leaving Global Entities Exposed
A critical zero-day vulnerability in Citrix NetScaler products, identified as CVE-2025-6543, has been actively exploited by threat actors…
WhatsApp 0-Day Vulnerability Exploited to Hack Mac and iOS Users
A sophisticated attack campaign has leveraged a previously unknown zero-day vulnerability in WhatsApp on Apple devices to target specific…
Amazon Disrupts APT29 Watering Hole Campaign Abusing Microsoft Device Code Authentication
Amazon on Friday said it flagged and disrupted what it described as an opportunistic watering hole campaign orchestrated by the Russia-linked…
Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign
An abandoned update server associated with input method editor (IME) software Sogou Zhuyin was leveraged by threat actors as part of an…
Npm Package Hijacked to Steal Data and Crypto via AI-Powered Malware
A threat actor released malicious updates on the npm package repository for components of a tool popular among developers intending to steal…
Google Warns Salesloft OAuth Breach Extends Beyond Salesforce, Impacting All Integrations
Google has revealed that the recent wave of attacks targeting Salesforce instances via Salesloft Drift is much broader in scope than…
TamperedChef Malware Disguised as Fake PDF Editors Steals Credentials and Cookies
Cybersecurity researchers have discovered a cybercrime campaign that’s using malvertising tricks to direct victims to fraudulent sites…
Google warns Salesloft breach impacted some Workspace accounts
Google now reports that the Salesloft Drift breach is larger than initially thought, warning that attackers also used stolen OAuth tokens to…
Google shares workarounds for auth failures on ChromeOS devices
Google is working to resolve authentication issues affecting some ChromeOS devices, which are preventing affected users from signing into…
Researchers Find VS Code Flaw Allowing Attackers to Republish Deleted Extensions Under Same Names
Cybersecurity researchers have discovered a loophole in the Visual Studio Code Marketplace that allows threat actors to reuse names of…
Salt Typhoon Exploits Cisco, Ivanti, Palo Alto Flaws to Breach 600 Organizations Worldwide
The China-linked advanced persistent threat (APT) actor known as Salt Typhoon has continued its attacks targeting networks across the world,…
UK and US Blame Three Chinese Tech Firms for Global Cyberattacks
A coalition of international cybersecurity agencies led by the UK’s National Cyber Security Centre (NCSC) has publicly linked three…
Google Big Sleep AI Tool Finds Critical Chrome Vulnerability
Google has patched a critical graphics library vulnerability in the Chrome browser, discovered by its AI-powered detection tool, Google Big…
Malicious Nx Packages in ‘s1ngularity’ Attack Leaked 2,349 GitHub, Cloud, and AI Credentials
The maintainers of the nx build system have alerted users to a supply chain attack that allowed attackers to publish malicious versions of the…
Someone Created First AI-Powered Ransomware Using OpenAI's gpt-oss:20b Model
Cybersecurity company ESET has disclosed that it discovered an artificial intelligence (AI)-powered ransomware variant codenamed PromptLock.…
Salesloft OAuth Breach via Drift AI Chat Agent Exposes Salesforce Customer Data
A widespread data theft campaign has allowed hackers to breach sales automation platform Salesloft to steal OAuth and refresh tokens…
Blind Eagle’s Five Clusters Target Colombia Using RATs, Phishing Lures, and Dynamic DNS Infra
Cybersecurity researchers have discovered five distinct activity clusters linked to a persistent threat actor known as Blind Eagle between May…
Google to verify all Android devs to protect users from malware
Google is introducing a new defense for Android called ‘Developer Verification’ to block malware installations from…
New Data Theft Campaign Targets Salesforce via Salesloft App
Salesforce customers have again been targeted in a “widespread data theft campaign,” this time via compromised OAuth tokens…
Analysis of Apple’s ImageIO Zero-Day Vulnerability: Attacker Context and Historical iOS Zero-Click Similarities
Apple has issued emergency security updates across its entire ecosystem to address CVE-2025-43300, a critical zero-day…
Salesloft breached to steal OAuth tokens for Salesforce data-theft attacks
Update: Story updated with further information. Hackers breached sales automation platform Salesloft to steal OAuth and refresh tokens from…
New Android Trojan Variant Expands with Ransomware Tactics
A new version of the Hook Android banking Trojan has surfaced, showcasing one of the most extensive feature sets ever recorded for mobile…
New Sni5Gect Attack Crashes Phones and Downgrades 5G to 4G without Rogue Base Station
A team of academics has devised a novel attack that can be used to downgrade a 5G connection to a lower generation without relying on a rogue…
ShadowCaptcha Exploits WordPress Sites to Spread Ransomware, Info Stealers, and Crypto Miners
A new large-scale campaign has been observed exploiting over 100 compromised WordPress sites to direct site visitors to fake CAPTCHA…
HOOK Android Trojan Adds Ransomware Overlays, Expands to 107 Remote Commands
Cybersecurity researchers have discovered a new variant of an Android banking trojan called HOOK that features ransomware-style overlay…
Google to verify all Android devs to block malware on Google Play
Google is introducing a new defense for Android called ‘Developer Verification’ to block malware installations from…
Silk Typhoon hackers hijack network captive portals in diplomat attacks
State-sponsored hackers linked to the Silk Typhoon activity cluster targeted diplomats by hijacking web traffic to redirect to a…
Online PDF Editors Safe to Use? Detailed Analysis of Security Risks Associated With It
Online PDF editors have become common tools for quick document manipulation, providing convenient alternatives to desktop software. However,…
Malvertising Campaign on Meta Expands to Android, Pushing Advanced Crypto-Stealing Malware to Users Worldwide
Many people believe that smartphones are somehow less of a target for threat actors. They couldn’t be more wrong.Bitdefender Labs warns…
Google to Verify All Android Developers in 4 Countries to Block Malicious Apps
Google has announced plans to begin verifying the identity of all developers who distribute apps on Android, even for those who distribute…
UNC6384 Deploys PlugX via Captive Portal Hijacks and Valid Certificates Targeting Diplomats
A China-nexus threat actor known as UNC6384 has been attributed to a set of attacks targeting diplomats in Southeast Asia and other entities…
Phishing Campaign Uses UpCrypter in Fake Voicemail Emails to Deliver RAT Payloads
Cybersecurity researchers have flagged a new phishing campaign that’s using fake voicemails and purchase orders to deliver a malware…
New AI attack hides data-theft prompts in downscaled images
Researchers have developed a novel attack that steals user data by injecting malicious prompts in images processed by AI systems before…
Farmers Insurance data breach impacts 1.1M people after Salesforce attack
U.S. insurance giant Farmers Insurance has disclosed a data breach impacting 1.1 million customers, with BleepingComputer learning that the…