A sophisticated evolution of the GodFather banking malware has emerged, introducing a groundbreaking attack methodology that exploits on-device virtualization to compromise legitimate mobile applications. This advanced threat represents a significant departure from traditional overlay attacks, creating complete isolated virtual environments…
Tag: Cyber Security News
Tesla Wall Connector Charger Hacked Through Charging Port in 18-Minute Attack
Tesla’s popular Wall Connector home charging system was exploited during the January 2025 Pwn2Own Automotive competition, demonstrating how attackers could gain control of the device through the charging cable itself. The groundbreaking attack targeted the Tesla Wall Connector Gen 3,…
New Sophisticated Attack Exploits Google App Passwords to Bypass Multi-Factor Authentication
A sophisticated Russian state-sponsored cyber operation has successfully exploited Google’s App-Specific Password (ASP) feature to bypass multi-factor authentication protections, targeting prominent critics of Russia in a campaign that demonstrates the evolving threat landscape facing high-profile individuals. The attack, attributed to…
Qilin Ransomware Emerges as World’s Top Threat, Demands $50 Million Ransom
Qilin ransomware has rapidly ascended to become the world’s most prevalent ransomware threat, accumulating over $50 million in ransom payments throughout 2024 alone. Originally developed as ‘Agent’ in 2022 and later recorded in the Rust programming language, this sophisticated malware…
Silver Fox APT Using Weaponized Medical Software to Deploy Remote Access Tools & Disable AV
A sophisticated China-based advanced persistent threat group known as Silver Fox has emerged as a significant cybersecurity concern, leveraging trojanized medical software to infiltrate healthcare organizations and public sector entities. Active since 2024, this state-sponsored group has demonstrated advanced capabilities…
North Korean Hackers Using Weaponized Calendly and Google Meet Link to Deliver Malware
A sophisticated North Korean Advanced Persistent Threat (APT) group has been identified deploying malware through weaponized meeting scheduling platforms, targeting cryptocurrency organizations with an elaborate social engineering campaign that combines deepfake technology, legitimate meeting tools, and advanced macOS malware. The…
100,000+ WordPress Sites Exposed to Privilege Escalation Attacks via MCP AI Engine
A critical security vulnerability has emerged in the WordPress ecosystem, exposing over 100,000 websites to privilege escalation attacks through the AI Engine plugin’s Model Context Protocol (MCP) implementation. The vulnerability, designated CVE-2025-5071 with a high CVSS rating of 8.8, affects…
jQuery Migrate Library Silently Compromised to Steal Logins Using Parrot Traffic Direction System
A sophisticated supply chain attack has emerged that weaponizes the trusted jQuery Migrate library to deliver stealthy malware capable of harvesting user credentials and session data. Security researchers discovered this campaign after investigating unusual online behavior from a senior executive…
Gamers Under Attack! Fake Minecraft Mods Allow Attackers to Control Your System
The gaming community faces a sophisticated new threat as cybercriminals exploit the massive popularity of Minecraft to distribute advanced malware through fake modifications. With over 200 million monthly active players and more than 1 million users actively involved in modding,…
60+ GitHub Repositories Exploited to Store Windows-Based Payloads to Steal Sensitive Data
A sophisticated supply chain attack campaign has emerged targeting software developers through the exploitation of over 60 GitHub repositories containing trojanized Python files designed to steal sensitive Windows-based data. The threat actor, known as Banana Squad, has demonstrated remarkable stealth…