-
Socket’s Threat Research Team has uncovered a sprawling phishing campaign—dubbed “Beamglea”—leveraging 175 malicious npm packages that have amassed over 26,000 downloads. These packages serve solely as hosting infrastructure, redirecting victims to cre…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical vulnerability in GitHub Copilot Chat, rated 9.6 on the CVSS scale, could have allowed attackers to exfiltrate source code and secrets from private repositories silently. The exploit combined a novel prompt injection technique with a clever bypass of GitHub’s Content Security Policy (CSP), granting the attacker significant control over a victim’s Copilot instance, […] The post Critical GitHub Copilot Vulnerability Let Attackers Exfiltrate Source Code From Private Repos appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
LLM-enabled malware poses new challenges for detection and threat hunting as malicious logic can be generated at runtime rather than embedded in code. Our research discovered hitherto unknown samples, and what may be the earliest example known to date …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical weakness in GitHub Copilot Chat discovered in June 2025 exposed private source code and secrets to attackers. Rated CVSS 9.6, the vulnerability combined a novel Content Security Policy bypass with remote prompt injection. By embedding hidden…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated Android spyware campaign dubbed ClayRat has emerged as one of the most concerning mobile threats of 2025, masquerading as popular applications including WhatsApp, Google Photos, TikTok, and YouTube to infiltrate devices and steal sensitive user data. The malware demonstrates remarkable adaptability and persistence, with threat actors continuously evolving their tactics to bypass security […] The post New Android Malware ClayRat Mimic as WhatsApp, Google Photos to Attack Users appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
RondoDox Botnet Targets Over 50 Vulnerabilities to Compromise Routers, CCTV Systems, and Web Servers
The RondoDox campaign’s “exploit shotgun” method leverages over 50 vulnerabilities across more than 30 vendors to infiltrate network devices, highlighting the urgent need for rapid patching and continuous monitoring. The first detected RondoDox intrusi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers have identified what is believed to be the earliest known instance of malware that leverages a Large Language Model (LLM) to generate malicious code at runtime. Dubbed ‘MalTerminal’ by SentinelLABS, the malware uses OpenAI’s GPT-4 to dynamically create ransomware code and reverse shells, presenting a new and formidable challenge for detection and threat […] The post LLM-enabled MalTerminal Malware Leverages GPT-4 to Generate Ransomware Code appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
ClayRat, a rapidly evolving Android spyware campaign, has surged in activity over the past three months, with zLabs researchers observing more than 600 unique samples and 50 distinct droppers. Primarily targeting Russian users, the malware masquerades …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Emerging from a recent wave of targeted campaigns, SnakeKeylogger has surfaced as a potent infostealer that capitalizes on PowerShell and social engineering. The malware’s operators craft convincing spear-phishing e-mails under aliases such as “CPA-Payment Files,” impersonating reputable financial and research firms. Recipients encounter ISO or ZIP attachments containing a seemingly innocuous BAT script. Once executed, […] The post SnakeKeylogger via Weaponized E-mails Leverage PowerShell to Exfiltrate Sensitive Data appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Gladinet CentreStack and Triofox have come under active attack as threat actors exploit an unauthenticated local file inclusion flaw (CVE-2025-11371). The flaw lets attackers read sensitive files without logging in. Once they grab the machine key, they…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶