Category: Cyber Security
-
A critical n8n RCE vulnerability has triggered an emergency directive from the U.S. Cybersecurity and Infrastructure Security Agency (CISA) after evidence emerged that attackers are actively exploiting the flaw. The vulnerability affects the open-source workflow automation platform n8n, which many organizations use to connect applications, automate tasks, and manage integrations between cloud services. Because these…
-
A major Stryker cyberattack has disrupted systems at one of the world’s largest medical technology companies after attackers deployed destructive wiper malware. The incident forced parts of the company’s infrastructure offline while security teams worked to investigate and contain the breach. The attack has been linked to a group associated with Iranian cyber operations. The…
-
Security researchers have uncovered a new wave of the PhantomRaven NPM attack, a campaign that distributes malicious packages through the npm registry to steal developer data. The operation targets programmers who unknowingly install infected dependencies during normal development work. Investigators discovered 88 malicious packages published through dozens of fake npm accounts. The packages appear legitimate…
-
Recruitment teams regularly receive job applications from unknown candidates. Cybercriminals are now exploiting this routine hiring process to deliver malicious software. The fake resume malware campaign targets human resources departments by disguising infected files as legitimate job applications. Security researchers warn that attackers send convincing resumes that appear relevant to open positions. These applications often…
-
Browser extensions have become essential tools for millions of internet users. They help automate tasks, improve productivity, and customize the browsing experience. However, the Chrome extension ownership transfer threat shows how these trusted tools can quickly become security risks when control changes hands. Security researchers warn that cybercriminals are purchasing legitimate Chrome extensions that already…
-
An Amazon code outage recently disrupted parts of the company’s online store and prompted an internal engineering review. The incident occurred after faulty code entered the production environment and affected several features on the e-commerce platform. Amazon engineers later connected the issue to code generated with the help of artificial intelligence tools. The problem sparked…
-
A large Meta malvertising scam network has launched hundreds of fraudulent advertising campaigns designed to lure victims into investment fraud. Security researchers discovered the operation after analyzing suspicious ads circulating on Facebook and Instagram. The attackers use paid advertisements to promote fake investment opportunities and impersonate well-known brands or public figures. These campaigns aim to…
-
A critical NGINX UI vulnerability has raised serious concerns among system administrators and security professionals. The flaw allows attackers to access complete server backups without authentication, exposing sensitive data such as credentials, encryption keys, and configuration files. NGINX UI provides a web-based dashboard that simplifies server management. While the interface improves usability, the vulnerability shows…
-
Authorities in Ohio are warning residents about a new fraud campaign targeting drivers. The scheme involves messages claiming the recipient owes money for unpaid parking or toll violations. Officials say these notices are fraudulent and designed to pressure victims into making quick payments. The toll fine scam uses messages that appear official and urgent. Criminals…
-
Cybercrime continues to expand across the global digital economy. Governments face increasing pressure to respond to large fraud operations and organized scam networks. The United States recently introduced a new national plan aimed at addressing this growing threat. President Donald Trump released a long-awaited cybersecurity framework alongside an executive order focused on cyber-enabled fraud. The…