Wireshark Foundation has announced the availability of Wireshark 4.4.8, the latest maintenance release of the world’s most widely used network-protocol analyzer. Although the update does not introduce brand-new protocols, it delivers a focused package of stability improvements, expanded dissector capabilities,…
Tag: Cyber Security News
GLOBAL GROUP’s Golang Ransomware Attacks Windows, Linux, and macOS Environments
A sophisticated new ransomware threat has emerged from the cybercriminal underground, targeting organizations across multiple operating systems with advanced cross-platform capabilities. In June 2025, a ransomware actor operating under the alias “Dollar Dollar Dollar” introduced GLOBAL GROUP on the Ramp4u…
Microsoft Releases Mitigations and Threat Hunting Queries for SharePoint Zero-Day
Thousands of organizations worldwide face active cyberattacks targeting Microsoft SharePoint servers through two critical vulnerabilities, prompting urgent government warnings and emergency patches. Microsoft confirmed over the weekend that threat actors are actively exploiting two zero-day vulnerabilities in on-premises SharePoint servers,…
Dior, a Louis Vuitton Brand, Alerts Customers Following Cyber Attack
Christian Dior Couture, the luxury fashion house owned by Louis Vuitton, has begun notifying customers of a major cybersecurity incident that exposed sensitive personal information of clients. The breach, discovered in May 2025, involved unauthorized access to customer databases containing…
Greedy Sponge Hackers Attacking Financial Institutions With Modified Version of AllaKore RAT
A financially motivated threat group dubbed Greedy Sponge has been systematically targeting Mexican financial institutions and organizations since 2021 with a heavily modified version of the AllaKore remote access trojan (RAT). The campaign represents a sophisticated evolution of cybercriminal tactics,…
DeerStealer Malware Delivered Via Weaponized .LNK Using LOLBin Tools
A sophisticated new phishing campaign has emerged, delivering the DeerStealer malware through weaponized .LNK shortcut files that exploit legitimate Windows binaries in a technique known as “Living off the Land” (LOLBin). The malware masquerades as a legitimate PDF document named…
Developers Beware of npm Phishing Email That Steal Your Login Credentials
A sophisticated phishing campaign has emerged targeting Node.js developers through a meticulously crafted attack that impersonates the official npm package registry. The malicious operation utilizes the typosquatted domain npnjs.com, substituting the letter “m” with “n” to create a nearly identical…
Threat Actors Hijack Popular npm Packages to Steal The Project Maintainers’ npm Tokens
A sophisticated supply chain attack has compromised several widely-used npm packages, including eslint-config-prettier and eslint-plugin-prettier, after threat actors successfully stole maintainer authentication tokens through a targeted phishing campaign. The attack leveraged a typosquatted domain, npnjs.com, designed to mimic the legitimate…
Threat Actors Leverage Zoho WorkDrive Folder to Deliver Obfuscated PureRAT Malware
Cybercriminals have escalated their attack sophistication by utilizing legitimate cloud storage services to distribute advanced malware, as demonstrated in a recent campaign targeting a certified public accounting firm in the United States. The attack, discovered in May 2025, showcases how…
NailaoLocker Ransomware Attacking Windows Systems Using Chinese SM2 Cryptographic Standard
FortiGuard Labs has discovered a sophisticated new ransomware strain called NailaoLocker that represents a significant departure from conventional encryption malware. This Windows-targeting threat introduces the first documented use of China’s SM2 cryptographic standard in ransomware operations, marking a notable shift…