Category: Cyber Security
-
Roblox account hackers were arrested in Ukraine after running a large-scale account theft operation. As a result, the case highlights how valuable gaming accounts have become. Organized Account Theft Operation Authorities detained three individuals connected to the scheme. The group targeted accounts with valuable in-game items and virtual currency. To do this, they scanned hundreds…
-
Infostealer malware is quietly expanding its reach, targeting browsers and password managers to collect sensitive data. As a result, many infections go unnoticed until real damage occurs. A Silent Threat With Massive Reach This type of malware focuses on stealth. Instead of causing disruption, it runs silently while collecting data over time. As a result,…
-
A VECT ransomware flaw is turning attacks into permanent data loss. Instead of locking files for ransom, the malware corrupts them beyond recovery. Encryption Process Fails on Large Files The issue appears during the encryption process. The ransomware fails to handle larger files correctly. When processing these files, the malware does not preserve the required…
-
A SAP npm packages compromise exposed sensitive developer data through a supply chain attack. Attackers inserted malicious code into official packages and triggered credential theft during installation. Official Packages Turned Into Attack Vectors The attack targeted trusted SAP npm packages distributed through the npm registry. These tools are widely used in development workflows, which increased…
-
A WordPress plugin backdoor remained hidden inside a widely used redirect plugin for years. The issue exposed more than 70,000 websites to potential compromise without any visible warning signs. Backdoor Found in Popular Redirect Plugin The vulnerability affects the Quick Page/Post Redirect plugin. This tool helps WordPress users manage URL redirects across their sites. Security…
-
A flaw in VECT ransomware is turning attacks into irreversible data loss. Researchers found that version 2.0 fails to properly encrypt large files, leaving victims unable to recover them. The issue changes the nature of the attack. Instead of holding data hostage, the malware can destroy it. Encryption flaw affects large files The VECT ransomware…
-
A critical GitHub vulnerability has raised serious concerns across the developer community. Researchers discovered a flaw that could allow attackers to interfere with repositories using a crafted request. The issue affects both cloud-hosted environments and self-managed deployments, increasing its overall impact. Crafted git push could trigger code execution The GitHub vulnerability involves improper handling of…
-
A ClickUp vulnerability has exposed customer email addresses through a basic but critical security flaw. A researcher discovered that a hardcoded API key in a public JavaScript file allowed access to sensitive data without authentication. The issue highlights how simple misconfigurations can create serious risks in widely used SaaS platforms. Hardcoded API key enabled data…
-
A new Denuvo crack claim is raising serious questions about the future of game protection. Crackers now argue that the widely used DRM system no longer provides the same level of defense against piracy. The claim suggests that recent breakthroughs allow attackers to bypass protections faster than before. This shift could impact how publishers approach…
-
GlassWorm OpenVSX sleeper extensions are driving a new supply chain attack that targets developer tools. Researchers uncovered 73 extensions uploaded in a dormant state, designed to turn malicious only after installation. This approach allows attackers to build trust first and deliver malware later through updates. Sleeper extensions bypass initial detection The GlassWorm OpenVSX sleeper extensions…