LATEST ARTICLES

TransUnion Data Breach Exposes 4.4 Million U.S. Consumers

TransUnion confirmed a major data breach affecting 4.4 million U.S. consumers, after attackers exploited a Salesforce environment to exfiltrate sensitive records. The breach exposed Social Security numbers (SSNs), personal identifiers, and other data tied to consumer credit files. Google’s Threat Analysis Group (TAG) linked the attack to UNC6395, the same threat group recently observed abusing…

August 30, 2025

Malicious NPM Packages Stole Chrome User Data on Windows

Security analysts from JFrog have identified eight malicious NPM packages designed to steal sensitive information from Google Chrome users on Windows systems. The discovery highlights a growing risk in the software supply chain, where attackers weaponize widely used developer tools to target unsuspecting users. How the Attack Worked: JFrog researchers revealed that the rogue NPM…

August 29, 2025

Fake Facebook Ads Push Brokewell Spyware to Android Users

Security researchers have uncovered a Facebook malvertising campaign spreading Brokewell spyware to Android devices. The campaign uses fake TradingView ads to lure victims into downloading a trojanized app, which then steals cryptocurrency wallet details, personal data, and other sensitive information. How the Malware Works: According to researchers, attackers cloned TradingView branding to distribute a malicious…

August 29, 2025

macOS Supply Chain Attack “s1ngularity” Steals Thousands of Developer Credentials

Security researchers uncovered a supply chain attack targeting macOS developers that compromised thousands of credentials. The campaign, dubbed “s1ngularity,” exploited versions 20.9.0 to 21.8.0 of Nx, a popular open-source build framework, according to analysis from GitGuardian. The breach highlights the growing overlap between macOS attacks and the broader ecosystem of AI and software development tools,…

August 28, 2025

AgentFlayer Exploit Targets ChatGPT Connectors to Steal Third-Party App Data

Security researchers just dropped a bombshell about ChatGPT’s newest feature – the AgentFlayer exploit can silently steal your sensitive data from Google Drive, SharePoint, and other connected services without you even knowing it happened. This zero-click attack uses “poisoned” documents loaded with hidden prompt injections that trick ChatGPT into exfiltrating files and personal information from…

August 12, 2025

Chaos RaaS Emerges After BlackSuit Takedown, Demanding $300K from U.S. Victims

The Chaos RaaS operation has emerged from the ashes of the BlackSuit ransomware takedown, with former gang members launching a fresh wave of attacks targeting American businesses. Law enforcement’s seizure of BlackSuit’s dark web infrastructure didn’t eliminate the threat – it just forced these cybercriminals to rebrand and adapt their ransomware tactics. The timing couldn’t…

July 29, 2025

Scattered Spider Attack Targets VMware ESXi with Ransomware

Google’s threat intelligence team dropped alarming details this week about a massive Scattered Spider attack campaign targeting VMware ESXi hypervisors across American corporate networks. The notorious cybercriminal group has been systematically launching ransomware attacks against retail chains, airlines, and insurance companies, using nothing more than smooth-talking phone calls to IT help desks. What makes this…

July 29, 2025

Gunra Ransomware Mimics Conti in Global Windows Attacks

Gunra ransomware has drawn the attention of cybersecurity researchers for its alarming resemblance to Conti, a now-defunct ransomware-as-a-service (RaaS) operation dismantled in 2022. Experts believe Gunra’s developers may be repurposing Conti’s leaked codebase, long circulated across cybercrime forums. Its behavior—automated encryption, shadow copy deletion, and nearly identical ransom notes—mirrors Conti’s aggressive style. Once deployed, Gunra…

July 28, 2025

Malware in Fake GitHub Repos Harvests Crypto Wallet Credentials

An investigation on July 26, 2025 uncovered a widespread campaign involving fake GitHub repositories distributing malware strains such as RedLine and DeerStealer, designed to harvest cryptocurrency wallet credentials. The open source malware operation infiltrated developers and investors seeking blockchain tools—and leveraged open source software security gaps to propagate the malware. This incident raises significant questions…

July 27, 2025

Fake Banking Apps Surge as Phishing Apps Target Financial Credentials

AI researchers identified a surge on July 26, 2025, in malicious applications impersonating prominent financial institutions, launching a wave of phishing apps aimed at stealing customer login information. Victims across multiple countries reported unauthorized transactions within hours of installing the fake software, calling attention to a spike in banking fraud facilitated by stealthy cyber…

July 27, 2025