Phantom Stealer Campaign Abuses ISO Mounting to Compromise Windows Systems

A new phishing campaign is actively targeting Windows environments using malicious ISO files as the primary delivery vector. The operation deploys Phantom Stealer, a highly capable information-stealing malware designed for credential theft, financial fraud and silent persistence. This activity is not random. The campaign is organized, intentional and operationally mature, with a clear focus on finance […]
Apple Patches Two WebKit Zero Days Actively Exploited in Sophisticated Attacks

Apple has released emergency security updates across its entire ecosystem after confirming that two WebKit vulnerabilities were actively exploited in highly targeted attacks. These flaws impacted any Apple device rendering web content, including Safari and every browser on iOS and iPadOS. Anyone running an unpatched device was at risk. The Vulnerabilities Explained Apple addressed two […]
Shai-Hulud Worm Rises Again: A Supply-Chain Threat That Just Got Worse

A menacing piece of self-replicating malware known as the Shai-Hulud worm has re-emerged, and this time its reach is more destructive than ever. First seen earlier this year in NPM packages, the worm now appears in a stronger variant that runs malicious code even before installation finishes, dramatically widening its potential impact. Researchers at Wiz have discovered […]
AI Clusters Hijacked: How ShadowRay 2.0 Transforms Ray Infrastructure Into a Global Crypto Botnet

A critical security campaign called ShadowRay 2.0 is turning exposed AI infrastructure into a crypto-mining nightmare. Attackers are exploiting a long-known, but persistently unpatched, vulnerability in the open-source Ray framework, weaponizing AI clusters, especially those with NVIDIA GPUs, for self-replicating cryptojacking and broader malicious activity. What Is ShadowRay 2.0 The root issue is CVE-2023-48022, a high-severity bug (CVSS 9.8) […]
Wireshark Crash Risk: Malformed Packets Expose Network Analyzer to Denial-of-Service

Wireshark, the widely used network protocol analyzer, is facing renewed scrutiny after serious vulnerabilities were highlighted in recent versions. Attackers can crash the application by sending specially crafted malformed packets or by tricking users into opening malicious capture files. What’s Going On · A critical buffer-handling bug (tracked as CVE-2025-5601) affects several Wireshark versions (notably 4.4.0 […]
Fake Job Platforms Targeting AI Developers Are Becoming a New Threat

A growing threat is targeting AI developers in the United States, and it is taking the form of fake job platforms operated by North Korean groups. These platforms are designed to look legitimate. They promise work opportunities, freelance projects and attractive remote roles. Behind the scenes, attackers use these interactions to gather sensitive information, gain […]
When OAuth Tokens Turn Toxic: How ShinyHunters Exploited Gainsight to Steal Data from 200+ Companies

In a troubling development for cloud security, threat actors tied to ShinyHunters claim they have accessed sensitive Salesforce data from more than 200 organizations by exploiting a third-party integration with Gainsight. This incident underscores the rising danger posed by supply-chain attacks on SaaS ecosystems. What Happened According to Google’s Threat Intelligence team, malicious actors gained access to Salesforce […]
Critical Oracle E-Business Suite Zero-Day Exposed in Clop Ransomware Attack on Broadcom

In a worrying turn of events, the notorious Clop ransomware group has reportedly breached Broadcom’s systems by exploiting a critical zero-day vulnerability in Oracle’s E-Business Suite (EBS). This incident underscores how even enterprise-grade ERP platforms can become attack vectors and why organizations must stay vigilant and responsive. What Happened · The vulnerability in question is CVE-2025-61882, which affects […]
When Trusted Sites Turn Malicious: How APT24’s ‘BadAudio’ Is Redefining Cyber Espionage

In a deeply concerning cyber-espionage campaign, a China-linked threat actor known as APT24 has been deploying a previously unknown malware called BadAudio by compromising real, legitimate public websites. The implications for enterprises everywhere are serious and highlight how attackers are constantly innovating their tactics. Here’s a breakdown of what’s happening, why it matters, and how organizations can […]
GenAI Is Empowering Cybercriminals to Create More Believable Scams

Generative AI is not just transforming how we build software and create content; it’s also being adopted by cybercriminals to design more convincing social engineering attacks. Today’s scammers are using AI tools to craft phishing messages, fake identity profiles, and even custom voice clones to trick victims out of sensitive information and money. Why GenAI […]