Malware Alert
Critical MongoDB Vulnerability Exposes Servers to Attack
MongoDB administrators are scrambling to assess exposure after security researchers spotlighted a newly disclosed server flaw that can leak uninitialized heap memory to an unauthenticated…
New Evasive Panda Attacks Use DNS in Stealthy Cyberattacks
A China-linked threat group tracked as Evasive Panda, also known in industry reporting as StormBamboo, Daggerfly, and Bronze Highland, has been tied to a targeted…
New MacSync Stealer Evades macOS Gatekeeper Protections
A newly identified strain of macOS malware known as MacSync stealer has demonstrated the ability to bypass Apple’s Gatekeeper security protections, raising fresh concerns about…
New Android Malware Can Now Harvest Data From Your Messages & Bank Accounts
Security researchers are warning of a major shift in Android malware activity going in 2026. The previously separate attack campaigns are heading towards utilizing merging…
Cyber Threat Group Blind Eagle Launches Sophisticated Malware Attacks
Advanced persistent threat (APT) group Blind Eagle has launched a new wave of cyberattacks using sophisticated, multi-stage malware to compromise victims and evade detection, cybersecurity…
Rogue NuGet Package Discovered in .NET Ecosystem Worth Avoiding
Cybersecurity researchers have uncovered a sophisticated supply chain attack in the NuGet ecosystem involving a malicious package named Tracer.Fody.NLog that impersonates the legitimate Tracer.Fody .NET…
Fake Leonardo DiCaprio Movie Torrent Spreads Stealthy Malware Globally
Security researchers are warning that cybercriminals are exploiting the upcoming Christmas 2025 holiday season by embedding fileless malware in pirated movie torrents, posing a significant…
New DroidLock Android Malware Locks Phones and Demands Ransom
Security researchers have identified a new Android malware strain called DroidLock that can lock victims out of their smartphones and demand a ransom payment to…
Critical React2Shell Exploit Sparks Global Hacks and Major Server Breaches
A critical security vulnerability in React Server Components, known as React2Shell and tracked as CVE 2025 55182, is actively enabling attackers worldwide to deploy cryptocurrency…
A Critical Code Flaw: What You Should Know About the React2Shell Crisis
A critical security vulnerability known as React2Shell is now being weaponized by attackers, putting thousands of websites and applications built on React, Next.js and related…
iPhone 16 Crowned Best-Selling Smartphone Globally in Q3 2025
Apple’s iPhone 16 has claimed the title of the world’s best-selling smartphone in the third quarter of 2025, securing four percent of all global handset…
China Alarms Agencies & IT Firms of A New BRICKSTORM Attack
Cybersecurity authorities issued a warning that a sophisticated malware strain called BRICKSTORM powers an ongoing campaign to infiltrate government agencies, technology firms, and critical infrastructure…
New Report Reveals DIRTYBULK USB Malware Fuelling Global Crypto-Mining Campaigns
Cybersecurity firm SOC Prime has issued a fresh alert about a USB-driven malware campaign based around DIRTYBULK, warning that the threat is powering illicit cryptocurrency-mining…
