Category: Cyber Security
-
Security researchers have discovered that XWorm malware has resurfaced with major upgrades, including a new ransomware module and more than 35 active plugins. The latest version transforms XWorm from a remote access trojan into a full-scale cybercrime toolkit capable of stealing, encrypting, and spying on data. A Malware Toolkit Reborn XWorm first appeared in early…
-
A Gisele Bündchen deepfake scam on Instagram has exposed how advanced AI technology is being weaponized for fraud. Brazilian authorities uncovered a network of scammers using fake celebrity videos to promote non-existent deals and steal millions from unsuspecting users. How the Scam Worked The group used deepfake technology to create convincing video ads featuring Brazilian…
-
Signal has issued a strong warning to Germany over the EU’s proposed chat control legislation. The company argues that mandatory client-side scanning would destroy end-to-end encryption and create unprecedented privacy risks. Signal calls on Germany to stand firm and reject policies that could compromise user security. What Client-Side Scanning Means Client-side scanning is a technology…
-
A Discord vendor hack has exposed user IDs, support chat logs, and limited billing information. The company confirmed that a third-party customer support partner was compromised, allowing attackers to access sensitive data. Discord stated that no passwords or complete account information were affected. What Information Was Exposed The breach impacted users who interacted with Discord’s…
-
A critical Oracle EBS zero-day flaw exploited in Clop data theft attacks has now been patched. The vulnerability allowed hackers to execute code remotely and steal sensitive data from major organizations. Oracle confirmed that the Clop ransomware group exploited the flaw before a fix was available. The Oracle EBS Zero-Day Explained The vulnerability, tracked as…
-
A new Zimbra zero-day exploit has been used in targeted attacks worldwide. Hackers deployed malicious iCalendar files to inject JavaScript, steal credentials, and access victims’ emails. The flaw allowed remote code execution inside active webmail sessions, giving attackers full control over compromised accounts. How the Zimbra Zero-Day Exploit Worked Researchers identified the vulnerability as CVE-2025-27915,…
-
Cybersecurity researchers have detected a sharp rise in Palo Alto Networks scans aimed at identifying vulnerable login portals. The spike suggests that attackers may be preparing for larger exploitation campaigns targeting GlobalProtect VPN and PAN-OS devices. Massive Increase in Scanning Activity According to data from GreyNoise, the number of IPs scanning Palo Alto Networks portals…
-
Signal quantum encryption has arrived. The privacy-focused messaging app introduced a new layer of protection called Sparse Post-Quantum Ratchet (SPQR) to defend against future quantum computing threats. This upgrade aims to keep Signal messages secure even when quantum computers can break today’s encryption methods. How the New SPQR System Works SPQR strengthens Signal’s existing Double…
-
A recent Renault cyber attack exposed customer data through a breach at a third-party provider. While Renault’s core systems remain secure, personal details such as names, contact information, and vehicle identifiers were compromised. The company has launched an investigation to determine the full extent of the incident. What Happened Renault confirmed that the breach originated…
-
A group of Salesforce hackers is demanding ransom while threatening to leak data from more than 700 companies. The attackers claim they accessed sensitive information through Salesforce-linked tools, putting global businesses at risk. What Happened The syndicate, calling itself Scattered LAPSUS$ Hunters, posted a ransom demand on the dark web. They warned Salesforce to negotiate…