Ethereum transaction

Security researchers have exposed a new laundering technique used by North Korean threat actors: EtherHiding. This scheme conceals blockchain-based infrastructure behind onion domains and delivers infrastructure updates via cleverly encoded Ethereum transactions. By embedding configuration commands within seemingly benign smart contract interactions, attackers avoid detection and complicate takedown efforts. How EtherHiding Works Infrastructure setup: The […]
Over 269,000 F5 Devices Exposed

A recent study found that more than 269,000 F5 devices (load balancers, application delivery controllers, SSL/TLS proxies, etc.) are exposed on the public internet – many with misconfigurations, default settings, or known vulnerabilities. This situation presents a sizable risk: as gateway appliances, exposed F5 systems can become a primary route for attackers to intercept, manipulate, […]
Qilin Ransomware’s New Tactic

In recent months, the Qilin ransomware group has evolved its operations to rely heavily on ghost bulletproof hosting, a resilient infrastructure built to resist takedown efforts and evade attribution. This development marks a shift in RaaS (Ransomware as a Service) strategy, enabling Qilin to sustain extortion campaigns with much greater persistence. What’s different this time? Bulletproof […]
Critical Apache ActiveMQ Flaw

A newly disclosed vulnerability in Apache ActiveMQ exposes a dangerous path for remote code execution. Known as CVE-2025-49949, it stems from insecure deserialization of JMS message content, which allows attackers to supply crafted payloads that breach the JVM sandbox and execute arbitrary code. Given ActiveMQ’s widespread use in message-driven architectures, microservices, and enterprise integration […]
Developer Tools Turn Hostile

A threat actor known as TigerJack has quietly infiltrated developer marketplaces with at least 11 malicious Visual Studio Code extensions, infecting thousands of developers and siphoning valuable source code. Two extensions alone, C++ Playground and HTTP Format, reached more than 17,000 installs before Microsoft removed them. Variants remain on alternative marketplaces such as OpenVSX, keeping […]
Windows 10 Reaches End of Free Support

On October 14, 2025, Microsoft will officially end free support for Windows 10. This means no more free security updates, feature patches, or technical assistance for devices running Windows 10. While the operating system will continue to run, the lack of ongoing security updates will make it increasingly vulnerable to new exploits, malware, and cyberattacks. […]
OpenAI and Sora to Harvest Credentials

A recent phishing campaign is exploiting users’ trust in popular AI services by impersonating OpenAI and the new Sora portals. Attackers send convincing account alerts that direct recipients to fake login pages. Once credentials are entered, a stealthy JavaScript loader runs inside the browser, captures the credentials, exfiltrates them to a command-and-control server, then redirects […]
RondoDox Botnet Escalates

The Latest Intelligence: Researchers are raising alarm over the RondoDox botnet, which has aggressively expanded its arsenal to exploit more than 50 security flaws across 30+ vendors. This “exploit shotgun” approach targets a wide range of internet-facing devices, from routers and DVRs to CCTV systems and web servers. Originally observed in mid-2025 via attacks against TP-Link […]
Stealit Malware

Cybersecurity researchers are sounding the alarm over a sophisticated malware campaign dubbed Stealit, which is actively targeting Windows systems. The threat leverages Node.js’s Single Executable Application (SEA) feature to disguise its payloads, allowing it to run on machines without requiring a full Node.js runtime installation. Stealit is being distributed via fake installers masquerading as popular games […]
Windows 11 “Update and Shut Down”

What Was the Issue? Microsoft has addressed a longstanding flaw in Windows 11 where the “Update and Shut Down” option often failed to power off the PC as promised. Instead of shutting down, the system would apply updates and reboot, leaving the machine running unexpectedly. This behavior emerged soon after the release of Windows 11 and […]