Tag JavaScript

Chinese APT24 Unveils Custom Malware and Innovative Stealth Tactics

Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime, Government Three-Year Espionage Campaign Targets Taiwanese Firms Akshaya Asokan (asokan_akshaya) • November 21, 2025 (Image: Shutterstock) Security researchers have uncovered a multi-year espionage operation attributed to a hacking group with suspected ties to the Chinese government. This sustained campaign, lasting three years,…

Read MoreChinese APT24 Unveils Custom Malware and Innovative Stealth Tactics

TrueFire Guitar Tutoring Website Hit by Magecart-Style Credit Card Breach

Online guitar education platform TrueFire has reportedly experienced a significant data breach involving a “Magecart” style attack. This incident raises concerns over the potential exposure of sensitive customer information, including personal and payment card details. TrueFire, a leading online resource for guitar enthusiasts with over one million registered users, grants…

Read MoreTrueFire Guitar Tutoring Website Hit by Magecart-Style Credit Card Breach

Hackers Exploit Google Analytics to Bypass Web Security and Steal Credit Card Information

Hackers Exploit Google Analytics to Steal Credit Card Information from E-commerce Sites Cybersecurity experts have unveiled a serious threat affecting e-commerce platforms, where hackers are leveraging Google Analytics to siphon credit card information from unsuspecting users. This alarming trend was reported by industry leaders, including PerimeterX, Kaspersky, and Sansec, highlighting…

Read MoreHackers Exploit Google Analytics to Bypass Web Security and Steal Credit Card Information

OkCupid Dating App Vulnerabilities Could Have Allowed Hackers to Access Your Private Messages

Security Flaws Discovered in OkCupid Expose User Data Risks Recent cybersecurity investigations have revealed significant vulnerabilities in the well-known online dating platform OkCupid. These weaknesses have the potential to allow malicious actors to surveil users’ private data or take unauthorized actions within compromised accounts. In a report shared with The…

Read MoreOkCupid Dating App Vulnerabilities Could Have Allowed Hackers to Access Your Private Messages

Russia’s APT28 Utilizes Windows Print Spooler Vulnerability to Deploy ‘GooseEgg’ Malware

A recent cyber threat has emerged, linked to the nation-state group known as APT28, which has exploited a vulnerability in the Microsoft Windows Print Spooler service to distribute a custom malware variant named GooseEgg. This security flaw, tracked as CVE-2022-38028, received a high CVSS score of 7.8 and has been…

Read MoreRussia’s APT28 Utilizes Windows Print Spooler Vulnerability to Deploy ‘GooseEgg’ Malware

Hackers Leverage Roundcube Webmail XSS Flaw to Capture Login Credentials

An emerging cybersecurity threat has surfaced, centered around the exploitation of a recently patched vulnerability in the open-source Roundcube webmail software. This vulnerability has been targeted as part of a phishing campaign aimed at stealing user credentials from various organizations. The cybersecurity firm Positive Technologies reported the discovery of a…

Read MoreHackers Leverage Roundcube Webmail XSS Flaw to Capture Login Credentials

AWS Cloud Development Kit Vulnerability Poses Risk of Potential Account Takeover for Users

Security Vulnerability Discovered in AWS Cloud Development Kit Cybersecurity researchers have unveiled a significant vulnerability within the Amazon Web Services (AWS) Cloud Development Kit (CDK), which may allow for account takeovers under certain conditions. The findings, disclosed by Aqua researchers Ofek Itach and Yakir Kadkoda, indicate that an attacker could…

Read MoreAWS Cloud Development Kit Vulnerability Poses Risk of Potential Account Takeover for Users

Hackers Utilize Morse Code in Phishing Attacks to Bypass Detection

Microsoft has reported a sophisticated year-long phishing campaign characterized by a remarkable ability to evade detection. The attackers exhibited a pattern of altering their obfuscation and encryption strategies approximately every 37 days, employing various techniques, including Morse code, to obscure their activities while extracting user credentials. The phishing attempts typically…

Read MoreHackers Utilize Morse Code in Phishing Attacks to Bypass Detection

Opera Browser Addresses Major Security Flaw That Could Have Compromised Your Data

Security Flaw in Opera Browser Exposed Users to Potential Attacks A recently patched vulnerability in the Opera web browser posed a serious threat by allowing malicious extensions to gain unauthorized access to private APIs. This flaw, dubbed CrossBarking by Guardio Labs, could have enabled attackers to perform a variety of…

Read MoreOpera Browser Addresses Major Security Flaw That Could Have Compromised Your Data