Featured
New Chrome Malware Bypasses Cookie Encryption, Exposing User Data
A sophisticated new malware strain can circumvent Google Chrome's cookie encryption mechanisms, allowing cybercriminals to silently harvest sensitive login credentials and session data. The concerning development highlights vulnerabilities in browser security and prompts recommendations for enhanced user protection.
WhatsApp Zero-Day Exploit: NSO Group's Continued Attacks After Legal Battle Begins
Israeli spyware firm NSO Group allegedly exploited a new WhatsApp vulnerability in 2019, even after being sued by Meta for a previous security breach. The revelation from unsealed court documents highlights growing tensions between tech companies and surveillance software vendors while raising concerns about user privacy protection.
Malicious GitHub Commits Target Security Researcher in Identity Fraud Attack
Multiple open-source projects on GitHub were compromised by unauthorized code commits falsely attributed to security researcher Stephen Lacy. The attack exploited commit verification weaknesses to damage the researcher's reputation, prompting GitHub to investigate and the community to implement stricter authentication measures.
Chinese Hackers Infiltrate US Law Enforcement Wiretap Systems in Major Security Breach
Chinese state-sponsored hackers gained unauthorized access to sensitive US law enforcement surveillance infrastructure for months, compromising major telecom providers and exposing millions of Americans' data. The FBI and CISA identified the threat actors as 'Salt Typhoon' and are working with affected companies to strengthen defenses.
T-Mobile Hit by Data Breach in Latest Attack on Telecom Giants
T-Mobile confirms unauthorized access to its systems in a recent cybersecurity incident, marking the latest in a series of attacks targeting major telecommunications providers. The company is working with security experts and law enforcement while advising customers to change passwords and enable two-factor authentication.
Five Eyes Intelligence Agencies Expose 2023's Most Dangerous Cybersecurity Vulnerabilities
FBI, CISA, NSA and international partners reveal alarming rise in zero-day attacks among 2023's most exploited vulnerabilities. The joint report highlights critical flaws in major systems, with Citrix and Cisco vulnerabilities topping the list of threats to global infrastructure.
Bitdefender Releases Free Tool to Counter New ShrinkLocker Ransomware Threat
Cybersecurity firm Bitdefender has discovered ShrinkLocker, a new ransomware exploiting Windows BitLocker encryption to lock users out of their systems. In response, they've released a free decryption tool to help victims recover data without paying ransom, dealing a significant blow to cybercriminals.
Lazarus Group Develops Stealthy macOS Malware Using Extended Attributes
North Korean hackers have created RustyAttr, a sophisticated malware that hides within macOS metadata to evade detection. Built with Tauri framework, this innovative technique allows malicious code to bypass security measures while using deceptive tactics to target cryptocurrency users.
Critical Backdoor Attempt Detected in ExoLabs GitHub Repository
A malicious pull request containing backdoor code was discovered in the popular ExoLabs GitHub repository, highlighting the growing threat of supply chain attacks. The incident serves as a crucial reminder for maintainers to implement strict code review protocols and security measures.