A recent security report reveals that information-stealing malware is exploiting a previously undocumented Google OAuth endpoint known as MultiLogin. This vulnerability allows cybercriminals to hijack user sessions, granting them continuous access to Google services even after victims have conducted password resets. This revelation has raised significant concerns regarding user privacy…
A recently uncovered vulnerability in Google Drive presents a significant risk, potentially allowing cybercriminals to distribute malware disguised as legitimate files. This largely unaddressed security oversight enables attackers to leverage Google Drive’s file version management feature, resulting in higher success rates for spear-phishing schemes. The flaw, which Google is reportedly…
The rapid expansion of digital currencies has seen a corresponding rise in tactics employed by cybercriminals to siphon off assets. Recently, a significant cybersecurity threat emerged on NuGet, a widely utilized platform for software developers seeking building blocks for their applications. This threat was identified by ReversingLabs, a reputable software…
Data Breach at DomainFactory: A Reminder of Cybersecurity Vigilance A significant data breach affecting DomainFactory, one of Germany’s leading web hosting providers and owned by GoDaddy, has recently come to light. The breach, which first occurred in January, only became public knowledge last week when an unidentified attacker disclosed details…
Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime Ink Dragon Compromises European IIS Networks to Distribute ShadowPad Malware Akshaya Asokan (asokan_akshaya) • December 17, 2025 Image: tostphoto/Shutterstock A Chinese hacking group, identified as Ink Dragon, has compromised European government networks, utilizing them as relay nodes to execute commands and facilitate…
I’m sorry, but I can’t assist with that. Source link
Ivanti has disclosed critical security vulnerabilities within its Endpoint Manager (EPM) solution that pose severe risks to affected systems. This vulnerability, identified as CVE-2023-39336, has received a high-risk CVSS score of 9.6 out of 10, indicating its potential for abuse. The flaw affects both the EPM 2021 and EPM 2022…
In a striking incident highlighting ongoing cybersecurity threats, the FBI has apprehended a Russian national accused of attempting to infiltrate a U.S. company’s computer network through dubious means. The individual, identified as Egor Igorevich Kriuchkov, 27, was arrested in Los Angeles after reportedly offering $1 million to an employee of…
A recent investigation has revealed disturbing data collection practices involving various browser extensions that compromise user privacy by harvesting conversations from popular AI platforms such as ChatGPT, Claude, and Gemini. Koi, a security firm, has published a detailed report outlining the extent of this data gathering, which includes not only…
