UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign
Cybersecurity researchers have disclosed details of a financially motivated data theft extortion campaign that has targeted dozens of organizations across pr...
20 articles
DockSec: Open-source AI-powered Docker security scanner
DockSec is an OWASP Incubator Project that combines three container security scanners with a language-model layer for explanation and remediation. Created by...
Google Colab CLI opens runtimes to Claude Code and Codex
Google released the Google Colab Command-Line Interface, a tool that connects local terminals to remote Colab runtimes. The CLI provides an execution platfor...
Malspam Campaign Abuses DoubleClick to Deploy Stealthy .NET Loader
A sophisticated new malspam campaign is actively exploiting Google’s DoubleClick ad-tracking infrastructure to bypass enterprise email security gateways. Dis...
UNC3753 Targets US Law Firms with Vishing, RMM Tools, and Physical Break-Ins
Threat cluster UNC3753, widely tracked as Silent Ransom Group or Luna Moth, is actively targeting professional, legal, and financial services in the United S...
AI Agent Uncovers 21 Zero-Days in FFmpeg; Chrome Patches Record 429 Bugs
Two things landed within days of each other this week. A security startup reported 21 previously unknown vulnerabilities in FFmpeg, the media library inside ...
Magecart campaign exploits Stripe API for credit card theft
The sophisticated attack utilizes Google Tag Manager (GTM) and Stripe domains, which are implicitly trusted by e-commerce sites, allowing the malicious code ...
Android Spyware Asin Targets Arabic Users via Fake News, PDF and War Map Apps
Arabic-speaking users have emerged as the target of a new Android spyware codenamed Asin, according to findings from ESET. The Slovakian cybersecurity compan...
New Magecart Attack Abuses Stripe as Malware C2
A novel Magecart campaign that weaponizes legitimate cloud services to evade detection: attackers are storing a JavaScript skimmer inside Stripe customer met...
Chrome 149 Patches 429 Vulnerabilities
Over 100 bugs are critical or high-severity, mainly use-after-free and insufficient validation of untrusted input flaws. The post Chrome 149 Patches 429 Vuln...
Malicious Browser Add-Ons Target Major AI Chatbot Users
Malicious browser add-ons are actively harvesting conversations and personal data from users of major AI platforms including ChatGPT, Claude, Copilot, Gemini...
Fake Context Alignment: The Attack That Made Gemini Obey Strangers Through Your Notifications
SafeBreach tricked Gemini into obeying attackers via WhatsApp notifications, using hidden foreign-language text to bypass Google’s defenses and control smart...
Android Gemini prompt injection flaw patched by Google
SafeBreach researchers discovered that prompt injection attacks could be executed on Android phones if a user instructed Gemini to read their pending notific...
New malspam campaign uses Google DoubleClick to deliver DesckVB RAT
The campaign begins with a phishing email containing an HTML attachment.
Infosecurity Europe: Mythos Outperforms GPT5.5 on Google Chrome Vulnerability Exploits, Says New Benchmark
A Bugcrowd researcher has unveiled ExploitBench, an independent benchmark of AI models for vulnerability exploitation
Gemini Voice Assistant Hijacked via Messaging Notifications
Attackers could have triggered dangerous actions, including controlling smart home devices via Google Home and starting Zoom video calls. The post Gemini Voi...
OAuth marketplace apps keep access after publishers vanish
Installing an app from the Google Workspace Marketplace or GitHub Marketplace can grant a third party access to company email, files, calendars, code reposit...
FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads
Cybersecurity researchers have shed light on a macOS malvertising campaign codenamed Operation FlutterBridge that spreads a new backdoor called FlutterShell....
Fake Sites Mimicking Open-Source Tools Rank High on Google to Deliver Malware via TDS
Cybersecurity researchers have flagged a large-scale operation that impersonates open-source and freeware projects to funnel unsuspecting users through a Tra...
CISA Alerts Users to Actively Exploited Android Framework Security Vulnerability
CISA has issued an urgent alert warning of an actively exploited Android Framework vulnerability, tracked as CVE-2025-48595, and has added it to its Known Ex...