-
A new threat has emerged in the Solana trading community. Security researchers have discovered a malicious Chrome extension named Crypto Copilot that appears to offer convenient trading features but secretly siphons cryptocurrency from users during transactions. Published on the Chrome Web Store on June 18, 2024, the extension has managed to remain available while quietly […] The post Malicious Chrome Extension Silently Steal and Injects Hidden SOL Fees Into Solana Swaps appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical security vulnerability has been discovered in the Angular framework that could allow attackers to steal sensitive user security tokens. The vulnerability, tracked as CVE-2025-66035, affects the Angular HttpClient and involves the accidental leakage of Cross-Site Request Forgery (XSRF) tokens. Angular applications use a built-in protection mechanism to prevent Cross-Site Request Forgery (CSRF) attacks. Angular HTTP Client […] The post Angular HTTP Client Vulnerability Exposes XSRF Token to an Attacker-Controlled Domain appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
GitLab’s security team has discovered a severe, ongoing attack spreading dangerous malware through npm, the world’s most extensive code library. The malware uses an alarming “dead man’s switch,” a self-destruct trigger tha…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A cybercriminal operating under the alias ByteToBreach has emerged as a notable threat actor in the underground market, actively selling and leaking sensitive data from airlines, banks, universities, and government entities worldwide. Active since at least June 2025, this threat actor runs a cross-platform operation that combines technical skill with aggressive self-promotion across DarkForums, Dread, […] The post ByteToBreach Cybercriminal Selling Sensitive Global Data from Airlines, Banks, and Governments appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Threat actors continue to exploit a dangerous vulnerability in user behavior by deploying fake software updates to deliver the SocGholish malware. This malware delivery framework has evolved significantly since its discovery in 2017, transforming from a simple web-based nuisance into a powerful tool that enables major ransomware operations targeting organizations worldwide. Recent campaigns demonstrate how […] The post Threat Actors Leverage Fake Update Lures to Deliver SocGholish Malware appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
ReliaQuest’s Threat Research team has uncovered a significant new campaign from the notorious threat collective “Scattered Lapsus$ Hunters,” this time targeting users and organizations that leverage the widely adopted customer support…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The company has publicly revealed a security incident involving Mixpanel, a third-party analytics provider previously used to monitor activity on platform.openai.com, the frontend for its API product. The company emphasized transparency in its announcement, assuring users that the breach did not compromise OpenAI’s own systems, chat content, API keys, passwords, credentials, or payment information. On November […] The post OpenAI Discloses Mixpanel Data Breach – Name, Email Address and Operating System Details Exposed appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
ReversingLabs researchers have sounded the alarm over a vulnerability lurking in legacy Python packages one that exposes users of the Python Package Index (PyPI) to supply chain attacks through domain compromise. Although the vulnerable code is rarely …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have discovered a critical vulnerability in Microsoft Teams that allows attackers to bypass all Defender for Office 365 protections by inviting users into malicious tenant environments. The flaw exploits a fundamental architectural…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybercriminals are launching increasingly sophisticated attacks against the telecommunications and media industry, focusing their efforts on deploying malicious payloads that compromise critical infrastructure. Recent security analysis reveals a concerning trend where threat actors are systematically targeting network operators, media platforms, and broadcasting services to gain unauthorized access and establish persistent command-and-control mechanisms. The attack campaigns […] The post Hackers Actively Attacking Telecommunications & Media Industry to Deploy Malicious Payloads appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
