APT Poses as Tech Recruiter

A New Breed of Social Engineering Threat: A recent investigation has exposed a sophisticated cyber-espionage campaign led by the North Korean-linked group Famous Chollima (APT 37). The group is targeting job seekers, especially software developers and crypto professionals, by impersonating recruiters from well-known companies and delivering malicious payloads disguised as technical assessments. Victims receive seemingly legitimate interview invitations […]

15,000+ Fake TikTok

A Sophisticated Hybrid Scam Uncovered: Cybersecurity researchers recently uncovered a large-scale phishing and malware campaign targeting TikTok Shop users, known as FraudOnTok (previously ClickTok). The operation involves over 15,000 fake domains impersonating TikTok Shop to spread malware and steal cryptocurrency. These malicious websites are promoted using AI-generated influencer videos, fraudulent ads on Meta platforms, and […]

Perimeter at Risk: Akira

A Rising Threat at the Network Edge: On August 4, 2025, cybersecurity researchers confirmed that the Akira ransomware group has launched a coordinated campaign targeting SonicWall SSL VPN appliances. By exploiting either unpatched vulnerabilities or misconfigured security settings, attackers have successfully bypassed authentication controls and deployed ransomware across sectors like healthcare, education, law, logistics, and […]

BitLocker COM Exploit

A Silent Leap Across the Network: A new lateral movement technique has emerged, one that doesn’t rely on malware, scripts, or traditional exploitation. Instead, it leverages a legitimate, trusted interface: BitLocker’s Component Object Model (COM), triggered through Windows Management Instrumentation (WMI). This method allows attackers to execute commands remotely under the context of the logged-in user, […]

CurXecute: AI Dev Tool Risk

On August 4, 2025, researchers disclosed a critical flaw in Cursor IDE, a popular AI-driven development environment. The vulnerability, CurXecute (CVE-2025-54135), enables Remote Code Execution (RCE) without any user interaction. It’s a stark reminder of how fast the attack surface is expanding due to AI integration in software development. What Happened? Cursor’s Model Context Protocol (MCP) was […]

Plague Targets Linux SSH

A newly discovered Linux malware strain, dubbed Plague, poses an unprecedented risk to enterprise environments. It embeds as a deceptive Pluggable Authentication Module (PAM) within Linux systems, enabling silent and persistent SSH access without triggering antivirus detection. The Threat: Deep System Compromise. Security researchers from Nextron Systems identified Plague as a malicious PAM module that […]

SafePay Hits 260 Victims

A dramatic surge in ransomware activity has emerged in 2025. The SafePay group, first observed in late 2024, has quietly established itself as one of the most aggressive ransomware operations currently active. With more than 260 known victims across the US, Europe, APAC, and Latin America, SafePay is now leveraging double-extortion tactics, encrypting data and threatening to leak […]

Pi-hole Plugin Breach Risk

A recent security breach involving Pi-hole, a popular network-level ad blocker, has reignited concerns about the risks posed by third-party WordPress plugins. The incident, traced back to a vulnerability in the GiveWP plugin, exposed sensitive donor information, highlighting the growing threat landscape facing open-source and nonprofit platforms. The Breach: What Happened? Pi-hole’s donation platform, hosted via […]

Global Espionage via ISP Hack

Cyber espionage has entered a new era, one where attackers are no longer satisfied with targeting software or end users alone. Instead, they are compromising the very infrastructure that connects the world: internet service providers. A recent wave of attacks targeting embassies in Europe and the Middle East highlights a disturbing trend. Russian-based threat actors have […]

Crypto Con Game Exposed

In one of the most sophisticated cybercrime campaigns of the year, state-sponsored actors from North Korea are suspected to be behind a wave of cryptocurrency thefts targeting cloud environments, blockchain networks, and unsuspecting professionals. This campaign seamlessly combines social engineering, cloud account compromise, and custom malware deployment, a dangerous triad now becoming a playbook for modern […]