My Courses
-
Counterfeit PDF editing software downloads TamperedChef malware
Cybersecurity researchers have uncovered a sophisticated cybercrime campaign that employs malvertising techniques to redirect victims to fraudulent websites, ultimately delivering a new information stealer known…
-
Visual Studio Code vulnerability allows deleted extension takeover
Cybersecurity researchers have uncovered a significant loophole in the Visual Studio Code Marketplace that enables threat actors to reuse names of previously removed extensions. Software…
-
s1ngularity Nx attack exposes GitHub credentials
The maintainers of the Nx build system have issued a warning regarding a supply chain attack that enabled attackers to publish malicious versions of the…
-
Git vulnerability CVE-2025-48384 allows remote code execution
CVE-2025-48384 is a recently patched vulnerability in the widely used distributed revision control system Git, which is currently being exploited by attackers. The US Cybersecurity…
-
Over 300,000 Plex Media Server installations remain susceptible to exploitation due to CVE-2025-34158
Over 300,000 internet-facing Plex Media Server instances remain vulnerable to the critical CVE-2025-34158, despite a fix being issued earlier this month. Plex Media Server (PMS)…
-
ShadowSilk attacks Asia-Pacific government targets via Telegram bots
A threat activity cluster known as ShadowSilk has been linked to a new wave of attacks targeting government entities in Central Asia and the Asia-Pacific…
-
Energy industry needs to be vigilant about cyberattacks
The energy sector remains a significant target for cybercriminals, with power outages posing threats to economic stability and public safety. The rising demand for electricity,…
-
AI agents vulnerable to prompt injection via image scaling attacks
Researchers have uncovered a significant vulnerability in popular AI systems, demonstrating that these technologies can be manipulated into executing malicious instructions concealed within images. This…
-
ShadowCaptcha distributing ransomware & cryptominers via compromised WordPress sites
A new large-scale cybercrime campaign, codenamed ShadowCaptcha, has been identified, exploiting over 100 compromised WordPress sites. This campaign, first detected in August 2025 by the…
-
HOOK Android Trojan incorporates ransomware overlays & 107 remote commands
Cybersecurity researchers have identified a new variant of an Android banking trojan named HOOK, which incorporates ransomware-style overlay screens to display extortion messages. A key…