GOLD BLADE’s QWCrypt Locker Threat

What began as a pure espionage operation has now evolved into something far more destructive. GOLD BLADE, also tracked as RedCurl, RedWolf, and Earth Kapre, has shifted from silent data theft to a hybrid model that combines intelligence gathering, data exfiltration, and targeted ransomware deployment using a custom locker known as QWCrypt. Between February 2024 and August […]

The Hidden Weakness in AI Coding

AI-driven IDEs are rapidly becoming embedded in modern development workflows. They accelerate coding, automate repetitive tasks, and provide real-time debugging support. But new research shows they also introduce a class of security risks we are not prepared for. More than thirty vulnerabilities have already been uncovered across major AI coding tools. Several of these flaws […]

The Expanding Attack Surface

This week’s cybersecurity developments reveal a sobering reality: attackers are now exploiting both legacy vulnerabilities and modern AI-enabled platforms with equal precision. From the rapid weaponization of the React2Shell flaw to the resurgence of USB-based malware and the emergence of critical vulnerabilities within AI-powered development tools, the threat landscape is widening at a rate that […]

AI-Powered Cyber Intrusions

The cybersecurity world is entering a new and unsettling era where attackers no longer need phishing emails, malicious links, or social engineering tactics to infiltrate systems. A growing and deeply concerning threat vector has emerged – Zero Click Agentic Browser Attacks. These attacks reflect a fundamental shift in how cyber adversaries operate in an age […]

AI Models Are Becoming Attack Targets.

Artificial intelligence is no longer just a business enabler. It is now one of the most aggressively targeted layers in the modern attack surface. Recent security research reveals a sharp rise in attempts to manipulate, extract, poison, or exploit generative AI models used across critical industries. The finding is clear. As organizations adopt AI for […]

Malicious Visual Studio Code (VS Code) extensions

In 2025, researchers discovered a new wave of malicious Visual Studio Code (VS Code) extensions that threaten developers, software teams, and entire organizations. What appears as a helpful plugin can become a vehicle for cryptomining, credential theft, remote backdoors, or supply-chain compromise. This highlights a growing trend: developer tools themselves are being weaponized, and the […]

Coupang’s 33.7 Million‑User Breach

On 29 November 2025, Coupang, South Korea’s largest e-commerce platform, confirmed a massive data breach affecting approximately 33.7 million customer accounts. Personal information, including names, email addresses, phone numbers, delivery addresses, and order histories, was exposed. While payment credentials and login passwords were reportedly safe, the incident poses a long-term risk for identity theft, phishing […]

New Android Malware Targeting 400+ Apps

A newly identified Android malware known as Albiriox is now being distributed through a malware-as-a-service (MaaS) model, significantly raising the threat level for users and organizations. According to recent research, Albiriox targets more than 400 banking, fintech, digital-wallet, crypto-exchange, payment-processing, and trading applications. This development highlights the growing sophistication of mobile threats and the increasing […]

Albiriox: A New Android Malware

Cybercriminals continue to evolve their tactics, and the emergence of Albiriox, a new Android malware, marks a troubling advancement in mobile fraud operations. Unlike traditional banking trojans, Albiriox operates as a sophisticated Malware as a Service (MaaS) offering attackers full remote control of victim devices. Its primary targets include banking apps, fintech services, and cryptocurrency […]

ClickFix Technique to Deliver Malware

Remote work tools are now essential for business, but attackers continue to exploit trust in everyday platforms. A recent malware campaign targets users through a fake Google Meet page hosted on gogl-meet[.]com, using the ClickFix social engineering technique to bypass traditional browser security and deliver a Remote Access Trojan (RAT). The attack begins when a […]