10.0 Cisco Catalyst SD-WAN Controller bug added to CISA’s KEV list
Maximum-severity bug an authentication bypass flaw that’s considered the highest value target in an attacker’s playbook.
Play
Ransomware
Ransomware exploiting Exchange vulnerabilities and Fortinet flaws, targeting municipalities, legal firms, and manufacturing.
Also known as: play ransomware, playcrypt, play malware
AI Intelligence Brief cached
Related YARA Rules View all on YARA Rules page →
90-Day Activity
All Articles (37)
Last 90 Days
All Time
Google removes 28 fraudulent apps from Play Store
Security researchers at ESET uncovered the malicious campaign, dubbed CallPhantom, which primarily targeted users in India, indicated by the preselected +91 ...
Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store Downloads
Cybersecurity researchers have discovered fraudulent apps on the official Google Play Store for Android that falsely claimed to offer access to call historie...
Google is turning Android Studio into a policy watchdog
Google has expanded Play Policy Insights in Android Studio to help developers catch policy issues while coding, including warnings for common problems such a...
Fake Call History Apps on Google Play Steal Payments, Hit 7.3M+ Downloads
28 fake “call history” utilities on Google Play, collectively installed more than 7.3 million times, have been exposed as subscription scams that generate fa...
CallPhantom Android scam reached 7.3 million downloads on Google Play
Scams targeting Android users in India and across the Asia-Pacific region have grown around a long-standing curiosity gap: the desire to look up call records...
Fake call logs, real payments: How CallPhantom tricks Android users
ESET researchers uncovered fraudulent apps on Google Play that claim to provide the call history “for any number” and had been downloaded more than seven mil...
The “Juice” Factor: Designing Game Feel
Designing game feel requires responsive controls, hit-stop, sound, animation, and feedback systems that make gameplay satisfying.
The new rules of war have no rules
When the Iran conflict escalated the way it did, most businesses had no playbook for it. The disruption didn’t stay in the region.
Brazilian LofyGang Resurfaces After Three Years With Minecraft LofyStealer Campaign
A cybercrime group of Brazilian origin has resurfaced after more than three years to orchestrate a campaign that targets Minecraft players with a new stealer...
AI Companies to Play Bigger Role in CVE Program, Says CISA
At VulnCon, Lindsey Cerkovnik, head of vulnerability management at CISA, said AI companies should play a bigger role in vulnerability disclosures in the future
Security for the Quantum Era: Implementing Post-Quantum Cryptography in Android
Posted by Eric Lynch, Product Manager, Android and Dom Elliott, Group Product Manager, Google Play Modern digital security is at a turning point. We are on t...
Keeping Google Play & Android app ecosystems safe in 2025
Posted by Vijaya Kaza, VP and GM, App & Ecosystem Trust Upgrading Google Play’s AI-powered, multi-layered user protections we prevented over 1.75 million pol...
Android expands pilot for in-call scam protection for financial apps
Posted by Aden Haussmann, Associate Product Manager and Sumeet Sharma, Play Partnerships Trust & Safety Lead Android uses the best of Google AI and our advan...
MuddyWater: Snakes by the riverbank
MuddyWater targets critical infrastructure in Israel and Egypt, relying on custom malware, improved tactics, and a predictable playbook
Fickle PDFs: exploiting browser rendering discrepancies
Imagine the CEO of a random company receives an email containing a PDF invoice file. In Safari and MacOS Preview, the total price displayed is £399.
onwebkitplaybacktargetavailabilitychanged?! New exotic events in the XSS cheat sheet
The power of our XSS cheat sheet is we get fantastic contributions from the web security community and this update is no exception.