The Open VSX registry rotated access tokens after they were accidentally leaked by developers in public repositories and allowed threat actors to publish malicious extensions in a supply chain attack. Wiz researchers discovered two weeks ago, when they reported an exposure of over 550 secrets across Microsoft VSCode and Open VSX marketplaces. Some of those…
India has emerged as the most affected country by a prolific malware strain while ranking eighth globally in overall cyber threat exposure, according to Microsoft‘s Digital Defense Report 2025 released recently. And the top target for Lumma Stealer malware, with over 44,000 infected Windows devices between March and May 2025, according to Microsoft’s Digital Defense Report….
Google Threat Intelligence and Mandiant analyzed the Oracle E-Business Suite extortion campaign, revealing the use of malware. Attackers exploited July-patched EBS flaws and likely a zero-day (CVE-2025-61882), sending extortion emails to company executives. In early October, Google Mandiant and Google Threat Intelligence Group (GTIG) researchers tracked a suspected Cl0p ransomware group’s activity, where threat actors were attempting…
A sophisticated cyberattack campaign came to light in July 2025, that weaponizes Microsoft Teams calls to deploy the latest iteration of Matanbuchus ransomware. The attack begins with adversaries impersonating IT helpdesk personnel through external Teams calls, leveraging tactics related to social engineering to convince employees to execute malicious scripts. In ongoing support sessions, attackers activate…
The U.S. Department of Justice on Thursday unsealed charges against a Russian national accused of leading the development and deployment of malicious software that infected thousands of computers over more than a decade. Rustam Rafailevich Gallyamov, 48, of Moscow, led a group of cybercriminals who developed and deployed Qakbot, a name for software that could…
The cyber space witnessed what looked like an intense battle between hacktivists supporting India according to a cyber threat intelligence report prepared by Kochi-based cybersecurity company Technisanct. According to a cyber threat intelligence report prepared by Kochi-based cybersecurity company Technisanct, India had to deal with a sustained cyber offensive targeting various institutions. These are mostly…
Kaspersky’s Global Research and Analysis Team (GReAT) has identified a new cyber campaign led by the Lazarus Group targeting supply chains in South Korea through combined watering hole attacks and exploitation of vulnerabilities in third-party software. The campaign, dubbed “Operation SyncHole,” was observed targeting at least six organisations across the software, IT, financial, semiconductor, and…
Google it has identified new malware called “LOSTKEYS” tied to the Russian-based hacking group Cold River, which is capable of stealing files and sending system information to attackers. The malware “marks a new development in the toolset” of Cold River, Wesley Shields, a researcher with Google Threat Intelligence Group, said in a blog, opens new tab….
More than 31,000 passwords belonging to Australian customers of the Big Four banks are being shared amongst cyber criminals online, often for free, the ABC can reveal. Despite the anti-fraud protections in place at those banks, cybersecurity experts warn victims could “definitely” lose money as a result. An investigation by cyber intelligence researchers has shown…
A newly discovered Android malware dubbed Crocodilus tricks users into providing the seed phrase for the cryptocurrency wallet using a warning to back up the key to avoid losing access. Although Crocodilus is a new banking malware, it features fully developed capabilities to take control of the device, harvest data, and remote control. Researchers at fraud prevention company…
