Follow on Google News
Dohdoor Backdoor Hits U.S. Schools and Hospitals Through Stealthy DoH‑Based Attacks
A new malware cluster, tracked as UAT‑10027 by Cisco Talos, is using a previously undocumented backdoor called Dohdoor to infiltrate schools and healthcare organizations across the United States. The…
Vshell Emerges as a Cobalt‑Strike‑Style C2 Framework for Global Threat Actors
Vshell, a Go‑based command‑and‑control (C2) framework, has moved from a regional, Chinese‑language tool to a mainstream option for attackers worldwide. It offers many of the…
Aeternum Botnet Turns Polygon Blockchain into Immune Command‑and‑Control
A new botnet loader, Aeternum C2, stores its commands on the Polygon blockchain instead of on a server or domain. Qrator Labs researchers uncovered the…
Trump Bans Anthropic AI in Federal Agencies- Pentagon Brands Claude a Supply‑Chain Risk
The U.S. government has ordered all federal agencies to stop using AI provider Anthropic and its Claude model, declaring the company a supply‑chain risk to…
Odido Data Breach: 1 Million Records Leaked by ShinyHunters After Failed Extortion
Cybercriminals leaked over 1 million customer records from Dutch telco Odido after extortion failed. ShinyHunters claimed the attack. They dumped data in two waves on…
Google API Keys Expose Private Gemini Data and Bills After Silent Privilege Escalation
Legacy Google API keys in public web code now access sensitive Gemini AI endpoints without warning. These keys, meant for Maps or Firebase, gain power…
Agent Tesla Phishing Campaign Uses Process Hollowing and Anti-Analysis to Steal Credentials
A phishing campaign delivers Agent Tesla malware via emails with business lures. It uses process hollowing and anti-analysis tricks to evade detection on Windows systems.…
Zoom Update Scam Hits 1,437 Windows Users with Hidden Surveillance in 12 Days
A fake Zoom update scam infected 1,437 Windows users worldwide in just 12 days. Attackers used a rogue version of Teramind, a real employee monitoring…
1Campaign Cloaking Platform Bypasses Google Ads Security
1Campaign lets attackers run malicious Google Ads that pass review. The cloaking tool shows clean pages to Google’s scanners but redirects real users to phishing…
ResidentBat Android Spyware Gives Belarusian KGB Persistent Device Access
ResidentBat Android malware requires physical device access for installation. Belarusian KGB operators sideload it via ADB, grant permissions manually, and disable Play Protect. Targets include…
November 21, 2025
1 comment 
