Phishing Campaigns Targeting Booking.com Users Raise Security Concerns Recent reports highlight a sophisticated phishing campaign aimed primarily at Windows users, as detailed by cybersecurity experts. The attackers exploit compromised accounts from hotels listed on Booking.com or similar online travel services. By leveraging the sensitive information available in these accounts, they…
Recent developments have emerged concerning a Python-based “self-replicating, polymorphic bot” known as Necro. These upgrades appear designed to enhance its ability to infiltrate vulnerable systems and evade detection. Initially reported earlier this year, the bot now showcases significant modifications, including various command-and-control (C2) communication techniques and the addition of new…
A recent malware campaign has been uncovered, targeting South Korean organizations, specifically attributed to the North Korean hacking group Andariel. This development highlights the ongoing evolution of tactics employed by state-sponsored actors, particularly within the Lazarus Group, which has been consistently adapting its methodologies to enhance operational effectiveness. Kaspersky, a…
Microsoft has announced the release of security updates addressing 118 vulnerabilities in its software suite, two of which have been identified as actively exploited vulnerabilities in the wild. Among these vulnerabilities, three have been classified as Critical, while 113 are rated Important, and two are deemed Moderate. Notably, this Patch…
On October 29, 2025, the notorious Akira ransomware syndicate announced a successful breach of Apache OpenOffice systems, resulting in the theft of an alarming 23 gigabytes of sensitive corporate data. The group is recognized for its aggressive double-extortion tactics, including the threat to publicly release the stolen information if a…
New Vulnerability Risks Driver Signature Enforcement on Windows Systems A recently uncovered attack method exposes vulnerabilities in Microsoft’s Driver Signature Enforcement (DSE) on fully updated Windows systems, enabling potential OS downgrade attacks. This breakthrough allows cybercriminals to load unsigned kernel drivers, paving the way for the deployment of custom rootkits.…
Researchers have identified that two critical vulnerabilities in Windows operating systems are currently being exploited in widespread cyberattacks. One of these vulnerabilities is a zero-day flaw that has remained active since 2017, while the second is a significant bug that Microsoft has struggled to patch effectively. The zero-day vulnerability was…
The Akira ransomware group has announced a breach of Apache OpenOffice, claiming to have stolen 23GB of sensitive data. For context, Apache OpenOffice is a widely recognized free and open-source office suite created by the Apache Software Foundation, offering tools that serve as alternatives to Microsoft Office on platforms like…
Security Flaws Discovered in Ollama AI Framework Recent disclosures by cybersecurity researchers have revealed six vulnerabilities within the Ollama artificial intelligence (AI) framework, a tool enabling users to deploy large language models (LLMs) locally on multiple operating systems, including Windows, Linux, and macOS. These vulnerabilities present significant risks, allowing potential…
