Cybersecurity Articles

405/68 Thursday, October 16, 2025 FortiGuard Labs, a cybersecurity research company, has disclosed a new wave of attacks spreading an information-stealing malware known as “Stealit.” Threat actors are disguising Stealit inside fake game and VPN installers, which they then upload to popular file-sharing platforms such as Mediafire and Discord to lure unsuspecting users into downloading […]

404/68 Wednesday, October 15, 2025 Unity Technologies, the developer of the Unity game engine-a widely used tool for building 3D games and applications-has confirmed that the website for SpeedTree, its graphics software and plugin marketplace, was compromised with malicious code on its payment page, resulting in the theft of customer data. The incident was detected […]

403/68 Wednesday, October 15, 2025 Researchers from the threat monitoring platform GreyNoise have detected a massive campaign leveraging over 100,000 botnet IP addresses worldwide to attack Remote Desktop Protocol (RDP) services in the United States. The campaign, which began on October 8, 2025, originates from multiple countries, including Brazil, Argentina, Iran, China, Mexico, Russia, South […]

402/68 Wednesday, October 15, 2025 On October 14, 2025, Microsoft officially ended support (End of Support – EOS) for the Windows 10 operating system. This means that the company will no longer provide software updates, technical support, or free security patches. As a result, hundreds of millions of computers worldwide that still rely on Windows […]

401/68 Tuesday, October 14, 2025 Cybersecurity authorities have issued a warning about a new scam in the United States after detecting a Smishing campaign (phishing via SMS) targeting New Yorkers. Threat actors are sending fraudulent text messages impersonating the New York State Department of Taxation and Finance, claiming to be part of an “Inflation Refund […]

400/68 Tuesday, October 14, 2025 Oracle has issued a security advisory regarding a newly discovered vulnerability affecting Oracle E-Business Suite (EBS) that could allow attackers to access sensitive information without authentication. Tracked as CVE-2025-61884, the flaw carries a CVSS score of 7.5 (High Severity) and impacts versions 12.2.3 through 12.2.14. According to the National Vulnerability […]

399/68 Tuesday, October 14, 2025 Threat actors tracked as Storm-2603-also known as CL-CRI-1040 and Gold Salem-have been observed weaponizing Velociraptor, an open-source digital forensics and incident response (DFIR) tool widely used by security professionals, turning it into a weapon for ransomware attacks. According to Cisco Talos, the group exploited a SharePoint vulnerability dubbed “ToolShell” to […]

398/68 Friday, October 10, 2025 OpenAI announced that it has suspended accounts linked to three hacker groups that misused ChatGPT to aid in the development of malware and cyberattack tools. One of the groups, a Russian-speaking threat actor, reportedly used the AI model to help build and refine a Remote Access Trojan (RAT) and data-stealing […]

397/68 Friday, October 10, 2025 DraftKings, the U.S.-based online sports betting company, has issued a security advisory after detecting a credential stuffing attack on September 2, 2025. The company observed attempts to access some customer accounts using usernames and passwords previously exposed in unrelated data breaches. However, DraftKings confirmed there is no evidence that its […]

396/68 Friday, October 10, 2025 Three notorious cybercriminal groups in the ransomware ecosystem-LockBit, Qilin, and DragonForce-have announced the formation of a “cartel-style alliance” to share information, techniques, and resources, while also inviting other cybercrime groups to join the collaboration. The announcement comes shortly after LockBit unveiled its new “LockBit 5.0” service, marking a move that […]