-
Between June and December 2025, a state-sponsored threat group known as Lotus Blossom quietly hijacked the official hosting infrastructure used to deliver Notepad++ updates, turning a trusted developer tool into a precision espionage delivery channel. …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google has released an urgent security update for the Chrome desktop web browser to address a severe high-severity vulnerability that is currently being exploited in the wild. The search giant rolled out the fix on Friday, updating the Stable channel t…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The landscape of malware analysis has taken a significant leap forward with the official release of REMnux v8. This popular Linux toolkit, which has served the security community for fifteen years, has been updated to address modern threats and integra…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
An ongoing wave of phishing campaigns exploiting fake meeting invites from popular video conferencing platforms, including Zoom, Microsoft Teams, and Google Meet. The attacks use social engineering to lure corporate users into downloading malicious “so…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly disclosed critical flaw, CVE-2025-64712 (CVSS 9.8), in Unstructured.io’s “unstructured” ETL library could let attackers perform arbitrary file writes and potentially achieve remote code execution (RCE) on systems that process untrusted document…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A long-running Chrome extension malware campaign has silently hijacked more than 500,000 VKontakte (VK) accounts, forcing users into attacker-controlled groups, resetting their settings every 30 days, and abusing VK’s own infrastructure as command-and-…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
As AI tools like ChatGPT, Claude, Gemini, and Grok gain mainstream adoption, cybercriminals are weaponizing their popularity to distribute malicious browser extensions. Security researchers have uncovered a coordinated campaign involving 30 Chrome exte…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability in the popular Notepad++ text editor to its Known Exploited Vulnerabilities catalog, warning users of a flaw that could allow attackers to execute malicious …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
XWorm, a multi-functional .NET‑based RAT first observed in 2022, remains actively traded across cybercrime marketplaces and continues to attract both low-skilled and advanced operators thanks to its rich feature set and plugin-based architecture. Once …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The OpenClaw team has officially released version 2026.2.12, a comprehensive update focused heavily on security hardening and architectural stability. This release addresses over 40 security vulnerabilities and stability issues, marking a significant m…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
