Daily information technology
Mozilla has released an emergency security update for Firefox, addressing a critical vulnerability reminiscent of one previously exploited in attacks targeting Russian organizations via the Chrome browser. The issue, designated CVE-2025-2857, affects only the...
A developer operating under the pseudonym M507 has unveiled a new open-source initiative—RamiGPT, an AI-powered tool designed to automate privilege analysis and vulnerability discovery tasks. At its core, the project integrates OpenAI’s capabilities with...
Malicious actors have adopted a new tactic in their attacks on the npm ecosystem—two nefarious packages clandestinely modify legitimate libraries already installed on the system, embedding a reverse shell to maintain persistent access to...
The hacker collective known as RedCurl—previously distinguished by its corporate espionage operations—has now been observed for the first time deploying ransomware in a targeted attack. This strategic pivot significantly amplifies the threat the group...
The soaring popularity of DeepSeek, amplified by ongoing debates around privacy, has not only drawn the attention of users but also piqued the interest of cybercriminals. Fraudulent advertisements, cunningly disguised as official Google search...
OpenAI is strengthening the security of its products and infrastructure by expanding its Bug Bounty program and launching new cybersecurity initiatives. Against the backdrop of a surge in advanced AI agents and growing efforts...
Amid the escalating wave of cyber threats, researchers have identified a novel strain of malware designed to disrupt industrial control systems. The malicious program, dubbed IOCONTROL, has been observed in targeted attacks against fuel...
In September, cybersecurity experts at NSFOCUS identified the emergence of a new botnet dubbed GorillaBot. Built upon the aging codebase of Mirai, it managed to orchestrate over 300,000 attacks across 100 countries within just...
Cybercriminals have devised a novel technique to conceal malicious code within Android applications, rendering it nearly impervious to detection by traditional antivirus tools. The McAfee Mobile Research team has identified campaigns that exploit .NET...
Trend Micro has uncovered a new campaign orchestrated by the threat group Water Gamayun, in which adversaries exploited a vulnerability within the Microsoft Management Console (MMC) to execute malicious code via specially crafted .msc...
Troy Hunt, the renowned cybersecurity blogger and creator of the popular service “Have I Been Pwned” (HIBP), has disclosed a data breach involving his subscriber list, resulting from a phishing attack that compromised his...
One of South Africa’s largest agro-industrial corporations, Astral Foods, has confirmed that it fell victim to a cyberattack on March 16, resulting in widespread disruptions across its production and logistics operations. The incident impacted...
Credential stuffing remains one of the most prevalent and effective methods of unauthorized access. By leveraging databases of compromised usernames and passwords, cybercriminals gain entry to other platforms where users have recycled the same...
Signal President Meredith Whittaker came to the defense of the messaging platform following a recent incident involving Trump administration officials who inadvertently added a journalist to an encrypted group chat discussing potential U.S. military...
The computer disruptions that afflicted Kuala Lumpur International Airport over the past weekend were the result of a cyberattack, according to a joint announcement from Malaysia’s National Cyber Security Agency (NACSA) and Malaysia Airports...
