Shai-Hulud Worm Rises Again: A Supply-Chain Threat That Just Got Worse

A menacing piece of self-replicating malware known as the Shai-Hulud worm has re-emerged, and this time its reach is more destructive than ever. First seen earlier this year in NPM packages, the worm now appears in a stronger variant that runs malicious code even before installation finishes, dramatically widening its potential impact. Researchers at Wiz have discovered […]
AI Clusters Hijacked: How ShadowRay 2.0 Transforms Ray Infrastructure Into a Global Crypto Botnet

A critical security campaign called ShadowRay 2.0 is turning exposed AI infrastructure into a crypto-mining nightmare. Attackers are exploiting a long-known, but persistently unpatched, vulnerability in the open-source Ray framework, weaponizing AI clusters, especially those with NVIDIA GPUs, for self-replicating cryptojacking and broader malicious activity. What Is ShadowRay 2.0 The root issue is CVE-2023-48022, a high-severity bug (CVSS 9.8) […]
Wireshark Crash Risk: Malformed Packets Expose Network Analyzer to Denial-of-Service

Wireshark, the widely used network protocol analyzer, is facing renewed scrutiny after serious vulnerabilities were highlighted in recent versions. Attackers can crash the application by sending specially crafted malformed packets or by tricking users into opening malicious capture files. What’s Going On · A critical buffer-handling bug (tracked as CVE-2025-5601) affects several Wireshark versions (notably 4.4.0 […]
Fake Job Platforms Targeting AI Developers Are Becoming a New Threat

A growing threat is targeting AI developers in the United States, and it is taking the form of fake job platforms operated by North Korean groups. These platforms are designed to look legitimate. They promise work opportunities, freelance projects and attractive remote roles. Behind the scenes, attackers use these interactions to gather sensitive information, gain […]
When OAuth Tokens Turn Toxic: How ShinyHunters Exploited Gainsight to Steal Data from 200+ Companies

In a troubling development for cloud security, threat actors tied to ShinyHunters claim they have accessed sensitive Salesforce data from more than 200 organizations by exploiting a third-party integration with Gainsight. This incident underscores the rising danger posed by supply-chain attacks on SaaS ecosystems. What Happened According to Google’s Threat Intelligence team, malicious actors gained access to Salesforce […]
Critical Oracle E-Business Suite Zero-Day Exposed in Clop Ransomware Attack on Broadcom

In a worrying turn of events, the notorious Clop ransomware group has reportedly breached Broadcom’s systems by exploiting a critical zero-day vulnerability in Oracle’s E-Business Suite (EBS). This incident underscores how even enterprise-grade ERP platforms can become attack vectors and why organizations must stay vigilant and responsive. What Happened · The vulnerability in question is CVE-2025-61882, which affects […]
When Trusted Sites Turn Malicious: How APT24’s ‘BadAudio’ Is Redefining Cyber Espionage

In a deeply concerning cyber-espionage campaign, a China-linked threat actor known as APT24 has been deploying a previously unknown malware called BadAudio by compromising real, legitimate public websites. The implications for enterprises everywhere are serious and highlight how attackers are constantly innovating their tactics. Here’s a breakdown of what’s happening, why it matters, and how organizations can […]
GenAI Is Empowering Cybercriminals to Create More Believable Scams

Generative AI is not just transforming how we build software and create content; it’s also being adopted by cybercriminals to design more convincing social engineering attacks. Today’s scammers are using AI tools to craft phishing messages, fake identity profiles, and even custom voice clones to trick victims out of sensitive information and money. Why GenAI […]
CISA Raises Alarm Over Active Google Chrome 0-Day Exploit

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a critical, actively exploited zero-day vulnerability in Google Chrome. The flaw has been used in real-world attacks, putting users at risk of remote code execution and potential system compromise. What Makes This Chrome Vulnerability Dangerous The vulnerability allows attackers to execute code […]
New 2FA Phishing Kit Uses BitB Technique to Hijack Microsoft Accounts

A sophisticated phishing kit is now targeting Microsoft users, using a method called BitB (Browser-in-the-Browser) to bypass two-factor authentication and steal credentials. This new approach makes the fake login appear as a real pop-up, fooling users who believe they are securely signing into a Microsoft service. What Is the BitB Technique? The BitB technique creates […]