Microsoft has reported that attackers could have exploited a recently patched vulnerability bypassing Transparency, Consent, and Control (TCC) to steal confidential information from macOS users, including cached Apple Intelligence data.
CONTINUE READING 🡒 Category: News
Due to a Bug in Post SMTP Plugin, 200,000 WordPress…
More than 200,000 WordPress sites are using a vulnerable version of the Post SMTP plugin, which allows attackers to gain control over the administrator account.
CONTINUE READING 🡒 
No Patch for RCE Vulnerability in LG Surveillance Cameras
LG surveillance cameras are vulnerable to remote attacks due to a recently discovered vulnerability. However, it has become known that they will not receive patches.
CONTINUE READING 🡒 
Operator of Pirate Streaming Service Jetflix Sentenced to 7 Years…
The founder of the pirate streaming service Jetflicks, Kristopher Dallmann, has been sentenced to seven years in prison. Dallmann did not plead guilty to several charges, including conspiracy, copyright infringement, and money laundering.
CONTINUE READING 🡒 
Ransomware Code Generated by FunkSec AI
Experts from Kaspersky Lab have studied the activity of the FunkSec group, which emerged in late 2024. The main features of the group turned out to be: the use of AI-based tools (including in the development of…
CONTINUE READING 🡒 
Amazon Denies Possible Data Breach of Ring Camera Users
Users of Ring are observing multiple notifications about account logins from unauthorized devices, dated May 28, 2025. Ring developers claim that this is due to an error during a backend update.
CONTINUE READING 🡒 
Linux Malware Koske Hides in Images of Cute Pandas
Analysts from AquaSec discovered new malware for Linux. The malware, named Koske, is believed to have been developed using AI. To execute directly into memory, the malware uses JPEG images of pandas.
CONTINUE READING 🡒 
Hacker Injects Malware into Early Access Game on Steam
A hacker known by the alias EncryptHub (also known as LARVA-208 and Water Gamayun) compromised the early access game Chemia on Steam to distribute an infostealer among users.
CONTINUE READING 🡒 
Banking Trojan Coyote Steals Data by Simulating Interface Operations
The new variant of the banking Trojan Coyote exploits accessibility features in Windows, specifically the Microsoft UI Automation framework. In this way, the malware detects banking and cryptocurrency exchange websites visited by the user and steals their…
CONTINUE READING 🡒 
Critical Bug Fixed in VINTEO Video Conferencing System
A critical RCE vulnerability has been fixed in the Russian video conferencing system VINTEO. The issue was caused by a feature in the implementation of a component that had insufficient filtering of user data.
CONTINUE READING 🡒 
Administrator of XSS Forum Arrested and the Site Shut Down…
The alleged administrator of the Russian-speaking hack forum XSS[.]is was arrested by Ukrainian authorities at the request of the Paris Prosecutor’s Office. Shortly thereafter, the site was shut down by law enforcement agencies.
CONTINUE READING 🡒 
Hacker Injected Data Destruction Commands into Amazon’s AI Assistant
A hacker compromised the AI assistant Q by injecting commands that instructed the deletion of data on users’ computers. Amazon included this update in the public release.
CONTINUE READING 🡒 
Brave Browser Will Block Windows Recall Functionality
The developers at Brave Software announced that their browser will now block the Windows Recall functionality by default. This ensures that Windows cannot take screenshots of Brave windows, maintaining the privacy of users.
CONTINUE READING 🡒 
Zero-Day Vulnerabilities in SharePoint Under Attack Since Early July
According to cybersecurity specialists, several Chinese hacker groups have been exploiting a chain of zero-day vulnerabilities in Microsoft SharePoint in their attacks. In particular, it has become known that the attackers have compromised the network of the…
CONTINUE READING 🡒 
Trojan.Scavenger Disguises Itself as Game Cheats and Mods
Experts at Dr.Web reported on the Trojan.Scavenger malware family, which attackers use to steal data from cryptocurrency wallets and password managers on Windows users. Legitimate applications are used to launch the malware, and vulnerabilities related to DLL…
CONTINUE READING 🡒 
Ransomware Group World Leaks Hacks Dell Test Environment but Steals…
The hacker group World Leaks hacked one of Dell’s demonstration platforms and attempted to extort a ransom from the company. Dell reports that the criminals only stole “synthetic” (fake) data.
CONTINUE READING 🡒 
Pavel Durov Warns of Gift and Username Scams on Telegram
Earlier this week, Pavel Durov announced on his Telegram channel that scammers are extorting messenger users by demanding rare gifts, virtual numbers, and usernames.
CONTINUE READING 🡒 
F6 Helped Block NyashTeam Hacker Group’s Infrastructure
Analysts at F6 discovered a network of domains used by the group NyashTeam, which distributes malware and provides hosting services to criminals. The group’s clients have attacked users in at least 50 countries worldwide, including Russia. More…
CONTINUE READING 🡒 
Critical Vulnerability in Nvidia Container Toolkit Poses a Threat to…
Experts from the company Wiz have discovered a critical vulnerability in the Nvidia Container Toolkit. According to the researchers, the issue could pose a significant threat to managed cloud AI services.
CONTINUE READING 🡒 
Backdoor GhostContainer Targets Microsoft Exchange Servers
Experts from Kaspersky Lab have discovered a new backdoor, GhostContainer, which operates on open-source tools. Researchers believe that the emergence of this malware may be part of a sophisticated targeted campaign aimed at large organizations in Asia,…
CONTINUE READING 🡒