ShadyPanda Takes its Time to Weaponize Legitimate Extensions
ShadyPanda has been playing the long game. Over the last seven years, the group has been uploading malicious extensions on...
been
Silver Fox Uses Fake Microsoft Teams Installer to Spread ValleyRAT Malware in China
The threat actor known as Silver Fox has been spotted orchestrating a false flag operation to mimic a Russian threat...
GoldFactory Hits Southeast Asia with Modified Banking Apps Driving 11,000+ Infections
Cybercriminals associated with a financially motivated group known as GoldFactory have been observed staging a fresh round of attacks targeting...
Critical RSC Bugs in React and Next.js Allow Unauthenticated Remote Code Execution
Dec 03, 2025Ravie LakshmananVulnerability / Cloud Security A maximum-severity security flaw has been disclosed in React Server Components (RSC) that,...
Picklescan Bugs Allow Malicious PyTorch Models to Evade Scans and Execute Code
Dec 03, 2025Ravie LakshmananMachine Learning / Vulnerability Three critical security flaws have been disclosed in an open-source utility called Picklescan...
ShadyPanda Turns Popular Browser Extensions with 4.3 Million Installs Into Spyware
A threat actor known as ShadyPanda has been linked to a seven-year-long browser extension campaign that has amassed over 4.3...
New Albiriox MaaS Malware Targets 400+ Apps for On-Device Fraud and Screen Control
A new Android malware named Albiriox has been advertised under a malware-as-a-service (MaaS) model to offer a "full spectrum" of...
Tomiris Shifts to Public-Service Implants for Stealthier C2 in Attacks on Government Targets
Dec 01, 2025Ravie LakshmananMalware / Threat Intelligence The threat actor known as Tomiris has been attributed to attacks targeting foreign...
OpenAI data may have been exposed after a cyberattack on analytics firm Mixpanel
OpenAI data may have been exposed after a cyberattack on analytics firm Mixpanel Pierluigi Paganini November 27, 2025 OpenAI warns...
ThreatsDay Bulletin: AI Malware, Voice Bot Flaws, Crypto Laundering, IoT Attacks — and 20 More Stories
Nov 27, 2025Ravie LakshmananCybersecurity / Hacking News Hackers have been busy again this week. From fake voice calls and AI-powered...
For the first time, a RomCom payload has been observed being distributed via SocGholish
For the first time, a RomCom payload has been observed being distributed via SocGholish Pierluigi Paganini November 26, 2025 RomCom...
Qilin Ransomware Turns South Korean MSP Breach Into 28-Victim ‘Korean Leaks’ Data Heist
South Korea's financial sector has been targeted by what has been described as a sophisticated supply chain attack that led...
ToddyCat’s New Hacking Tools Steal Outlook Emails and Microsoft 365 Access Tokens
Nov 25, 2025Ravie LakshmananMalware / Vulnerability The threat actor known as ToddyCat has been observed adopting new methods to obtain...
Modernizing trust: How UADY transformed campus security with Sophos
At the Autonomous University of Yucatán (UADY), technology has long been central to supporting academic excellence. As the university expanded...
APT24 Deploys BADAUDIO in Years-Long Espionage Hitting Taiwan and 1,000+ Domains
A China-nexus threat actor known as APT24 has been observed using a previously undocumented malware dubbed BADAUDIO to establish persistent...
