London Councils Hit by Cyberattack

Recent reports have revealed that several councils in West London, including Kensington and Chelsea, Westminster, and Hammersmith & Fulham, experienced significant disruptions to their IT systems and phone lines due to a cyberattack. The root cause appears to be linked to a shared service provider that supplies IT infrastructure to all three councils. This incident […]

ShadowV2 Botnet

A newly uncovered malware variant, ShadowV2, is rapidly expanding across vulnerable IoT environments, targeting unpatched devices to assemble a powerful botnet capable of high-volume DDoS attacks. According to recent research, the operation focuses on exploiting long-standing weaknesses in consumer and enterprise routers, IP cameras, NVRs, and other IoT systems. ShadowV2 is a modern evolution of […]

Malicious Chrome Extension Targeting Solana Users: Critical Security Alert

A malicious Chrome extension disguised as “Crypto Copilot” has been identified stealing funds from Solana users by injecting unauthorized SOL transfer instructions into legitimate wallet transactions. Although it appeared legitimate on the Chrome Web Store, the extension performed hidden operations that allowed attackers to drain tokens directly from user wallets. The extension functioned like a […]

WormGPT 4 and KawaiiGPT

Security researchers have uncovered a disturbing new trend: cybercriminals are marketing lifetime or free access to AI tools designed specifically to facilitate hacking, phishing, and ransomware campaigns. The tools in question – WormGPT 4 and KawaiiGPT – grant even non-skilled actors a high-powered “shortcut” into malicious operations. What Are WormGPT 4 and KawaiiGPT WormGPT 4 […]

YAMAGoya: Open-Source Tool

Modern threats have evolved far beyond static malware files. Today’s adversaries rely on fileless malware, obfuscation, and memory-resident techniques that easily bypass traditional antivirus tools. To counter these stealthy behaviors, JPCERT/CC has released YAMAGoya, an open-source endpoint monitoring tool that combines Sigma and YARA rules for real-time detection. YAMAGoya integrates Windows Event Tracing (ETW) with […]

ShadowMQ and Other Critical RCE Flaws

Researchers have identified a worrying class of remote code execution (RCE) vulnerabilities across multiple AI inference engines. These flaws affect major AI serving platforms, from Meta’s Llama to NVIDIA Triton and open-source inference systems, raising serious risks around model theft, persistent compromise, and infrastructure hijacking. What’s the Core Issue? The root cause is a pattern dubbed ShadowMQ, […]

RondoDox Botnet Exploits Unpatched

Security researchers have confirmed that the RondoDox botnet, a global threat actor known for IoT-based exploitation and DDoS infrastructure, is now actively leveraging unpatched vulnerabilities in XWiki installations to expand its reach and control. How the Exploit Works RondoDox operators scan for internet-accessible XWiki instances that are running outdated or vulnerable software versions. Exploiting these […]

Operation Endgame

An unprecedented international strike under Operation Endgame has delivered one of the most significant blows yet to cyber-crime infrastructure. Coordinated by Europol, Eurojust and partner agencies, the operation disrupted the backend of major malware platforms such as Rhadamanthys (an infostealer), VenomRAT (a remote-access trojan) and Elysium (a large-scale botnet). Key Facts The latest phase resulted […]

English-Speaking Cybercriminal Ecosystem

A comprehensive analysis reveals how the underground English-language cybercriminal network, known colloquially as The COM, has transformed from scattered forums trading social-media handles into a fully-fledged industrialised illicit economy. Evolution of The COM The origins of The COM trace back to forums like Dark0de, RaidForums and OGUsers, where early adopters traded usernames, SIM-swap tools and account […]

Critical Amazon WorkSpaces for Linux Vulnerability

A new vulnerability identified in Amazon WorkSpaces Client for Linux (versions 2023.0 through 2024.8) has raised serious concerns across enterprises relying on cloud-based virtual desktop environments. Tracked as CVE-2025-12779, this flaw could allow unauthorized local users to extract authentication tokens, effectively granting them access to other users’ virtual desktops – a direct compromise of sensitive […]