CISA says Microsoft Office and HPE OneView flaws exploited in the wild
At the time of writing, there are no confirmed public reports about attacks exploiting the above-mentioned vulnerabilities.
Cybersecurity News - Page 33
AI-powered VS Code forks expose developers to extension supply chain risks
Popular AI-powered forks of VS Code have been found to recommend extensions that do not exist in the Open VSX registry.
Malicious Chrome extensions caught stealing ChatGPT and DeepSeek conversations
The malicious add-ons masquerade as legitimate AI sidebar tools.
RCE flaw in legacy D-Link DSL gateway devices actively exploited in the wild
The vulnerability enables unauthenticated RCE by allowing attackers to inject and run shell commands on exposed devices.
Threat actor allegedly sells corporate data linked to cloud file-sharing breaches
Hudson Rock says initial access was likely obtained using credentials harvested by infostealers like RedLine, Lumma, and Vidar.
Russian hackers target European hospitality industry with fake BSoD malware
The campaign, dubbed ‘PHALT#BLYX,’ begins with phishing emails posing as reservation cancellations from popular hotel booking platforms.
Kimwolf Android botnet infects over 2M devices via residential proxies
Kimwolf is believed to be an Android variant of AISURU and may be behind a series of record-setting DDoS attacks late last year.
Russia-linked hackers target Ukraine via Viber malware campaign
The group has maintained “high-intensity intelligence gathering activities” against Ukrainian institutions throughout 2025.
Trust Wallet links $8.5M browser extension hack to industry-wide Sha1-Hulud attack
The attackers gained access after Trust Wallet’s developer GitHub secrets were exposed.
New APT37’s Artemis campaign using trojanized HWP documents
The operation uses social engineering and technical evasion techniques, delivering malware through trojanized HWP documents.
Showing elements 321 - 330