Cybersecurity Articles

554/68 Monday, December 29, 2025 Cybersecurity researchers have identified a malicious NPM package named “Lotusbail”, which has been downloaded more than 56,000 times. The package masquerades as a WhatsApp Web API library built on top of Baileys. While it functions normally for sending and receiving messages, it secretly embeds capabilities to intercept sensitive user data, […]

553/68 Monday, December 29, 2025 A serious security vulnerability has been identified in MongoDB, tracked as CVE-2025-14847, with a CVSS score of 8.7. The flaw could allow unauthenticated remote attackers to read uninitialized heap memory from a MongoDB server. The issue stems from inconsistent handling of the length parameter in MongoDB’s Zlib-based network compression protocol, […]

552/68 Monday, December 29, 2025 Researchers from Kaspersky have disclosed the discovery of a highly sophisticated cyber-espionage campaign conducted by an advanced persistent threat (APT) group known as “Evasive Panda” (also referred to as Bronze Highland or StormBamboo), which has been linked to China. The operation took place between November 2022 and 2024, targeting victims […]

551/68 Friday, December 26, 2025 Fortinet has issued a security warning after detecting active exploitation of CVE-2020-12812 affecting FortiOS SSL VPN, a vulnerability that allows attackers to bypass two-factor authentication (2FA) by simply altering the letter casing of the username during login. For example, logging in as “Admin” instead of “admin” may allow access without […]

550/68 Friday, December 26, 2025 The Federal Bureau of Investigation (FBI) has seized the domain web3adspanels[.]org, along with its associated databases, after determining that it was being used as infrastructure to collect and manage stolen banking usernames and passwords from victims in the United States. The domain functioned as a backend web panel for cybercriminals, […]

549/68 Friday, December 26, 2025 A cyberattack campaign has been detected using typosquatting, in which attackers deliberately register look-alike domains with misspellings to deceive users of Microsoft Activation Scripts (MAS)—an open-source PowerShell script commonly used to activate Windows and Office. In this campaign, attackers registered the domain get.activate[.]win (missing the letter “d”) to impersonate the […]

548/68 Thursday, December 25, 2025 A new macOS malware strain known as MacSync Stealer has been discovered masquerading as the installer for a chat application called zk-call, designed to appear legitimate. The installer is digitally code-signed and notarized by Apple, using a fraudulent Developer Team ID, allowing the operating system to treat it as trusted […]

547/68 Thursday, December 25, 2025 Cybersecurity researchers have disclosed a critical vulnerability in the n8n workflow automation platform, tracked as CVE-2025-68613, with a CVSS score of 9.9 (Critical). Under certain conditions, this vulnerability could allow an attacker to execute arbitrary code on affected systems. n8n is a widely used workflow automation platform, with approximately 57,000 […]

546/68 Thursday, December 25, 2025 Recent reports have uncovered a new wave of WebRAT malware that has shifted its targets from gamers-previously infected via cheats for games such as Roblox or Counter-Strike-to software developers and security administrators. Attackers have created fake GitHub repositories claiming to host proof-of-concept (PoC) exploit code for newly disclosed vulnerabilities, such […]

545/68 Tuesday, December 24, 2025 A new strain of Android malware known as “Wonderland” (also referred to as WretchedCat) has been observed spreading in Uzbekistan. The TrickyWonders group has shifted its tactics from directly tricking victims into installing malware to using dropper applications disguised as legitimate apps, such as fake Google Play apps or file […]