Follow on Google News
DesckVB RAT uses obfuscated JavaScript and a fileless .NET loader to evade detection
DesckVB RAT is a remote access trojan that uses layered scripting, fileless loading, and process injection to avoid many traditional defenses. Point Wild’s LAT61 team…
Juniper default password flaw can hand attackers full control of vLWC appliances
Juniper Networks has disclosed a critical flaw in its Support Insights Virtual Lightweight Collector that can let an unauthenticated attacker take full control of the…
Trojanized OpenVSX extension spreads GlassWorm across VS Code, Cursor, and Windsurf
A fake OpenVSX extension that impersonates WakaTime can infect multiple VS Code-based editors on the same machine, not just the one where a developer installs…
CPUID hack turns CPU-Z and HWMonitor downloads into a malware risk
Anyone who downloaded CPU-Z or HWMonitor from CPUID around April 9 to April 10, 2026 should treat that installer as suspicious. CPUID now says attackers…
Multiple TP-Link Archer AX53 flaws could let attackers take over vulnerable routers
TP-Link has disclosed five security vulnerabilities affecting the Archer AX53 v1.0 router, including command injection, buffer overflow, and arbitrary file read flaws. The company says…
MuddyWater turns to Russian malware-as-a-service in new ChainShell campaign
Iran-linked threat group MuddyWater appears to have shifted tactics by using a Russian-speaking malware-as-a-service platform in a fresh campaign tied to Israeli targeting. New research…
Hackers abuse GitHub and GitLab to host malware and credential phishing campaigns
Attackers are increasingly abusing GitHub and GitLab as trusted delivery channels for malware and credential phishing. New research from Cofense says this tactic has grown…
AI router flaws let attackers inject malicious code and steal sensitive data
A new academic study warns that third-party AI API routers can become a dangerous supply-chain weak point for AI agents. These routers sit between agent…
Hackers impersonate secure messaging apps to deploy ProSpy in Middle East espionage campaign
A mobile espionage campaign has targeted people in the Middle East by disguising spyware as trusted messaging apps such as Signal, ToTok, and Botim. Researchers…
HPE Aruba Private 5G platform flaw could let attackers steal login credentials
HPE has disclosed a high-severity vulnerability in Aruba Networking Private 5G Core On-Prem that could let attackers steal user credentials through a crafted login link.…
November 21, 2025
1 comment 
