Analysts at the cybersecurity company Zscaler calculated that between June 2024 and May 2025, 239 malicious apps were discovered on Google Play, which were downloaded more than 42 million times in total.
CONTINUE READING 🡒 Author: HackMag
Critical Cisco UCCX vulnerability allows root command execution
Cisco has patched a critical vulnerability in Unified Contact Center Express (UCCX) that allowed attackers to obtain root privileges and full control of the system.
CONTINUE READING 🡒 
AI-Written Ransomware Infiltrated the VS Code Extension Marketplace
Secure Annex researchers found a malicious extension in the Visual Studio Code Marketplace for VS Code that has basic ransomware functionality. Apparently, the malware was written via “vibe coding,” and the malicious functionality is stated right in…
CONTINUE READING 🡒 
Cavalry Werewolf Group Attacks Russian Government Agencies
In July 2025, Doctor Web specialists investigated an incident at a Russian government institution where unsolicited messages were being sent from a corporate email account. The analysis showed that the organization had fallen victim to a targeted…
CONTINUE READING 🡒 
American cybersecurity experts accused of using BlackCat ransomware
Three former employees of DigitalMint and Sygnia, companies involved in incident response and negotiations with extortionist hacker groups, have been charged with breaching the networks of five U.S. companies. According to the U.S. Department of Justice, they…
CONTINUE READING 🡒 
Google warns about the emergence of new AI-powered malware families
Researchers from the Google Threat Intelligence Group (GTIG) warn that hackers are now widely using AI not only to prepare attacks, but directly in the code of their malware. Such malware can dynamically modify its code at…
CONTINUE READING 🡒 
Microsoft Edge is getting better at detecting scareware
Microsoft developers have added to the Edge browser a new protection mechanism powered by machine learning. It will detect scareware pages (such as fake tech support) and pass the information to Defender SmartScreen for expedited blocking. The…
CONTINUE READING 🡒 
Akira ransomware operators claim they stole 23 GB of data…
The Akira ransomware group claimed to have stolen 23 GB of data from Apache OpenOffice, including employees’ personal information and financial documents. However, representatives of the Apache Software Foundation say the hackers are lying, as the organization…
CONTINUE READING 🡒 
WordPress Post SMTP plugin used to compromise administrator accounts
Attackers are targeting WordPress-powered sites by exploiting a critical vulnerability in the Post SMTP plugin, which has over 400,000 installations. The hackers are taking over administrator accounts and gaining full control of vulnerable sites.
CONTINUE READING 🡒 
Hackers Breach Transportation Companies to Steal Cargo
Proofpoint analysts have discovered a large-scale campaign in which hackers breach transportation companies and logistics operators to intercept real shipments and steal physical goods. The attacks result in multimillion-dollar losses and serious disruptions to supply chains.
CONTINUE READING 🡒 
Task Manager won’t close after a Windows update
After installing the October optional update KB5067036 on Windows 11, an issue occurs: Task Manager stops closing properly. The bug leads to an accumulation of background taskmgr.exe processes, which can seriously degrade system performance.
CONTINUE READING 🡒 
SesameOp backdoor uses the OpenAI Assistants API in attacks
Microsoft researchers have discovered a new backdoor, SesameOp, which uses the OpenAI Assistants API as a covert channel to communicate with its command-and-control servers.
CONTINUE READING 🡒 
Amazon to block pirated apps on Fire TV Stick devices
Amazon plans to block unauthorized apps on Fire TV Stick devices in an effort to combat piracy. The new measures are intended to put an end to the era of using modified Fire TV Sticks for free…
CONTINUE READING 🡒 
Memento Labs chief (formerly Hacking Team) confirmed that security researchers…
The head of the Italian company Memento Labs (formerly Hacking Team), Paolo Lezzi, confirmed to the media that the Dante spyware, recently discovered by Kaspersky Lab researchers in real-world attacks, does indeed belong to his company. Lezzi…
CONTINUE READING 🡒 
Windows 0-day exploited to hack European diplomats
The China-linked hacking group UNC6384 (aka Mustang Panda) is conducting a large-scale cyber-espionage campaign targeting European diplomatic and government entities. According to Arctic Wolf and StrikeReady, the hackers are exploiting an unpatched Windows vulnerability related to LNK…
CONTINUE READING 🡒 
Security plugin for WordPress exposed users’ personal data
A vulnerability was discovered in the Anti-Malware Security and Brute-Force Firewall plugin for WordPress that allows minimally privileged users to read arbitrary files on the server. The plugin is installed on more than 100,000 sites, but so…
CONTINUE READING 🡒 
Hackers Attack Telecommunications Company Ribbon Communications
U.S. telecommunications company Ribbon Communications reported a compromise of its IT network, potentially involving hackers acting on behalf of a foreign state. The incident began in December 2024 but was only discovered nine months later, in September…
CONTINUE READING 🡒 
Leak reveals which Pixel phones are vulnerable to Cellebrite tools
The outlet 404 Media drew attention to a leak posted on the GrapheneOS forums. An anonymous insider using the handle rogueFed published screenshots from a closed Cellebrite briefing for law enforcement. The images show which Google Pixel…
CONTINUE READING 🡒 
Zimperium: Over 760 malicious NFC apps for Android active in…
Experts at Zimperium warn of a rise in NFC malware for Android in Eastern Europe. Over the past few months, researchers have discovered more than 760 such apps using NFC attacks to steal users’ payment data.
CONTINUE READING 🡒 
New version of the Android Trojan DeliveryRAT can be used…
Researchers at F6 have analyzed an updated version of DeliveryRAT. The trojan disguises itself as popular food delivery apps, marketplaces, banking services, and parcel-tracking apps. The new version adds a number of features, including carrying out DDoS…
CONTINUE READING 🡒