Trellix investigates source code breach after RansomHouse claim
Trellix has confirmed unauthorized access to a portion of its source code repository, while the RansomHouse extortion group has claimed responsibility for the incident. The…
News
Here you can find the latest news and developments in the VPN world. Read about new breakthroughs, bypassing online censorship, and much more!
DarkMoon brings AI-driven autonomous penetration testing to open source
DarkMoon is a new open-source platform that uses AI agents to run automated penetration testing workflows across web, network, Active Directory, Kubernetes, cloud, and application…
TCLBANKER banking trojan abuses signed Logitech installer to target Brazil
A new Brazilian banking trojan called TCLBANKER is spreading through a trojanized Logitech installer and using WhatsApp and Outlook worm modules to reach more victims.…
HumanitarianBait campaign uses GitHub Releases to host Python infostealer payloads
A cyberespionage campaign named HumanitarianBait is using fake humanitarian aid documents to deliver a Python-based infostealer on Windows systems. The attack hides a malicious shortcut…
Fake moustache trick exposes gaps in UK online age checks
A 12-year-old boy reportedly fooled an online age verification system by drawing a moustache on his face with an eyebrow pencil. The system then verified…
Hackers abuse Hugging Face and ClawHub to spread malware through AI tools
Hackers are abusing trusted AI platforms, including Hugging Face and ClawHub, to distribute malware disguised as models, datasets, and agent skills. The campaign shows how…
ZiChatBot malware abuses Zulip APIs after hiding in PyPI packages
A newly documented malware campaign used fake Python packages on PyPI to deliver ZiChatBot, a cross-platform backdoor that targets Windows and Linux systems. The malware…
Fake OpenClaw installer targets crypto wallets and password managers
A fake OpenClaw installer is being used to deliver a Rust-based infostealer framework that targets crypto wallets, password managers, browser data, and Ledger Live files.…
Škoda online shop security incident may have exposed customer data
Škoda Auto Deutschland has disclosed an IT security incident involving the Škoda Online Shop after attackers exploited a vulnerability in the shop software. The company…
Operation GriefLure uses real documents to deliver modular RAT malware
Operation GriefLure is a targeted spear phishing campaign that uses malicious Windows LNK files to infect victims with a modular remote access trojan. The campaign…
New PamDOORa Linux backdoor targets SSH credentials through PAM
xA new Linux backdoor called PamDOORa is drawing attention because it targets the Pluggable Authentication Module, or PAM, which sits at the center of authentication…
QLNX Linux RAT targets developers to steal credentials and enable supply chain attacks
A newly documented Linux malware family called Quasar Linux, or QLNX, is targeting developers and DevOps environments with credential theft, rootkit features, and long-term remote…
CloudZ RAT abuses Microsoft Phone Link to steal SMS OTPs from Windows PCs
A CloudZ remote access trojan campaign is abusing Microsoft Phone Link to potentially steal SMS messages, one-time passwords, and mobile notifications from Windows computers. Cisco…
Darkhub hacking-for-hire portal advertises account theft, surveillance, and crypto fraud services
A dark web platform called Darkhub is advertising hacking-for-hire services, including account compromise, message interception, mobile monitoring, location tracking, cryptocurrency-related fraud, and financial manipulation. Oasis…
FEMITBOT network abuses Telegram Mini Apps for crypto scams and Android malware
A fraud network called FEMITBOT is abusing Telegram Mini Apps to run cryptocurrency scams, impersonate major brands, and push Android malware. CTM360 says the operation…