Follow on Google News
XWorm v5.6 Targets LATAM via Fake Bank Receipts
XWorm v5.6 malware spreads through fake Bradesco bank receipts targeting Brazilian and LATAM businesses. The campaign delivers a multi-stage RAT that steals credentials, hijacks browser…
Hackers Use Emoji Smuggling to Hide Malware
Hackers now hide malicious code inside emojis to bypass security scanners. The technique called emoji smuggling exploits Unicode characters that traditional tools miss. Attackers encode…
Critical better-auth API Key Bypass Enables Account Takeover
The better-auth API keys plugin contains a critical authentication bypass vulnerability tracked as CVE-2025-61928 that allows unauthenticated attackers to create privileged API keys for any user account.…
Cline CLI npm Package Hijacked for 8 Hours
Hackers compromised Cline CLI’s npm publish token on February 17, 2026, from 3:26 AM PT to 11:30 AM PT. They released malicious version 2.3.0 that…
Advanced Crypto Mining Malware Targets Air-Gapped Systems
Sophisticated Monero mining malware spreads through external drives and infects air-gapped networks. Trellix researchers uncovered the multi-stage campaign in late 2025 that uses kernel exploits…
Microsoft Defender Script Library with Copilot Analysis
Microsoft Defender for Endpoint now offers Library Management for live response scripts and tools. Security teams upload, organize, and analyze investigation assets proactively from the…
Microsoft Teams Mobile Browser Prompt Rollout
Microsoft Teams mobile apps on Android and iOS will prompt users to choose a browser for non-Office and PDF links starting late February 2026. The…
LockBit 5.0 Ransomware Hits Windows, Linux, ESXi
LockBit 5.0 ransomware targets Windows, Linux, and VMware ESXi systems with cross-platform encryption and advanced evasion. Released September 2025 under RaaS model, it uses double…
AI Recommendation Poisoning Attacks Target Assistant Memory
Hackers weaponize “Summarize with AI” buttons to inject persistent memory prompts into AI assistants like Copilot, ChatGPT, Claude, and Perplexity. These attacks use URL parameters…
Joomla Tassos Framework Flaws Enable SQLi and File Attacks
Joomla sites using Novarain/Tassos Framework face critical vulnerabilities allowing unauthenticated file read, deletion, and SQL injection. These lead to admin takeover and RCE via chained…
November 21, 2025
1 comment 
