Cybersecurity Articles
113/68 Monday, March 24, 2025 A new phishing scheme is targeting Instagram business accounts by using fake chatbots and spoofed support emails to trick users into handing over their login credentials. According to the Cofense Phishing Defense Center, the attack begins with a fake notification email claiming that a user’s ad has been suspended due […]
112/68 Friday, March 21, 2025 California Cryobank (CCB), one of the largest sperm banks in the United States, has disclosed a data breach that may have exposed customers’ personal information to unauthorized access. Suspicious activity was first detected on April 21, 2024, and an investigation revealed that attackers accessed or stole certain files between April […]
111/68 Friday, March 21, 2025 Since 2016, a long-running malware campaign known as “DollyWay” has infected more than 20,000 WordPress websites worldwide, redirecting users to malicious sites including dating scams, online gambling platforms, and various other fraudulent destinations. The campaign has evolved over the years, employing advanced evasion techniques and reinfection mechanisms to maintain persistence. […]
110/68 Thursday, March 20, 2025 Microsoft has identified a new malware strain called StilachiRAT, a Remote Access Trojan (RAT) with advanced techniques for hiding itself and stealing sensitive data such as browser passwords, cryptocurrency wallet information, and system details. The malware leverages the WWStartupCtrl64.dll module and utilizes WMI Query Language (WQL) through Web-based Enterprise Management […]
109/68 Thursday, March 20, 2025 A recent report from Flashpoint reveals that Infostealer malware has become a primary tool for cybercriminals in 2024. This type of malware has infected over 23 million devices and stolen more than 2.1 billion user account records, accounting for two-thirds of all stolen data in the past year. Infostealers have […]
108/68 Wednesday, March 19, 2025 Hackers have been exploiting CVE-2025-1316, a high-severity OS command injection vulnerability (CVSS 9.3) in Edimax IC-7100 cameras, to spread the Mirai Botnet since May 2024. This vulnerability enables remote code execution (RCE) through specially crafted requests. According to Akamai, a Proof-of-Concept (PoC) exploit was publicly available as early as June […]
107/68 Wednesday, March 19, 2025 Cybersecurity firm Veriti has reported CVE-2024-27564, a Server-Side Request Forgery (SSRF) vulnerability affecting an open-source ChatGPT version developed by a Chinese developer—a separate platform from OpenAI’s widely used ChatGPT. While categorized as a medium-severity issue, it has been actively exploited in real-world attacks, with 10,479 attempts recorded within a single […]
106/68 Tuesday, March 18, 2025 On March 11, 2025, Yap State, one of the four states of the Federated States of Micronesia (FSM), was targeted by a ransomware attack, forcing the Department of Health to shut down all networks and computer systems to contain the damage. FSM, an island nation in the western Pacific Ocean, […]
105/68 Tuesday, March 18, 2025 GitHub developers are being targeted in a large-scale phishing campaign that uses fake security alerts to trick users into approving a malicious OAuth app. Attackers send deceptive notifications warning of an “unusual access attempt” from Reykjavik, Iceland, citing a suspicious IP address 53.253.117.8 to create urgency. The notification includes a […]
104/68 Monday, March 17, 2025 Cybersecurity researchers have uncovered a malicious campaign using fake packages in the Python Package Index (PyPI) to steal sensitive data, including cloud access tokens. According to ReversingLabs, 20 malicious packages were identified in two separate sets, collectively downloaded over 14,100 times before being removed from PyPI. The most downloaded malicious […]
