Fake Document Reader on Google Play Delivered Anatsa Android Banking Malware
A fake document reader app on the Google Play Store was used to deliver the Anatsa Android banking trojan, exposing more than 100,000 Android users…
News
Here you can find the latest news and developments in the VPN world. Read about new breakthroughs, bypassing online censorship, and much more!
Microsoft Teams Phishing Campaign Uses RMM Abuse for Unauthorized Access
A Microsoft Teams-themed phishing campaign is tricking employees into installing a legitimate remote access tool that attackers configure for unauthorized control. The campaign, detailed in…
Mistic Backdoor Abuses Microsoft Endpoint Security Naming to Hide in Corporate Networks
A new backdoor called Mistic is being used in financially motivated intrusions against corporate networks, with evidence pointing to a possible link to the Woodgnat…
Anthropic Accuses Alibaba of Largest Known Claude Distillation Attack
Anthropic has accused Alibaba of running a large unauthorized campaign to extract capabilities from Claude, calling it the largest known distillation attack against its platform.…
Chrome 149 Security Update Fixes Critical Flaws That Could Enable Code Execution Attacks
Google has released a Chrome 149 security update for Windows, macOS, and Linux, fixing 18 browser vulnerabilities that include four Critical-rated flaws. The latest Chrome…
Hackers Use Fake Cisco AnyConnect and Google Update Installers to Drop SharkLoader Malware
A new malware campaign called StrikeShark is using fake Cisco AnyConnect and Google Update installers to deliver SharkLoader, a previously undocumented loader that deploys Cobalt…
OpenClaw Skill Marketplace Threats Expose AI Agents to Malware and Financial Fraud
Security researchers have found new malicious skills in the OpenClaw AI agent ecosystem, showing how third-party agent extensions can become a serious software supply chain…
Malicious Chrome Extension Used Native Messaging to Run PowerShell Commands on Windows
A newly analyzed Chrome malware campaign used a rogue browser extension and a Native Messaging Host to turn infected Windows systems into remote-command backdoors. The…
In-Browser Data Inspection Helps Analysts Track Phishing Attack Flows Inside Browser Sessions
ANY.RUN has introduced in-browser data inspection for URL analysis, giving security analysts a browser-level view of how phishing pages behave after a suspicious link is…
Dropping Elephant Uses GoogleErrorReport Scheduled Task to Keep New RAT Active
Dropping Elephant is using a malicious Windows shortcut, DLL side-loading, and a scheduled task named GoogleErrorReport to keep a new memory-resident remote access trojan active…
CISA Warns of Exploited Ubiquiti UniFi OS Flaws That Can Lead to Root Compromise
CISA has added three critical Ubiquiti UniFi OS vulnerabilities to its Known Exploited Vulnerabilities catalog, warning federal agencies to act by June 26, 2026. The…
Cisco Unified CM Flaw Lets Remote Attackers Launch SSRF Attacks and Write Files
Cisco has patched a critical vulnerability in Cisco Unified Communications Manager and Unified Communications Manager Session Management Edition that can let a remote, unauthenticated attacker…
FortiBleed Campaign Targets 430,000 FortiGate Firewalls and Exposes Millions of Credentials
A large credential-harvesting campaign known as FortiBleed has targeted more than 430,000 FortiGate firewalls globally, according to SOCRadar’s Dismantling FortiBleed report. The campaign did not…
GTA 6 Scam Websites Use AI Images and Fake Download Buttons to Steal Crypto From Gamers
Scammers are using fake GTA 6 early-access websites to trick gamers into sending cryptocurrency for a game download that does not exist. The pages promise…
Claude Fable 5 Wrote a Bootable Windows-Like Kernel in Rust in 38 Minutes
Claude Fable 5 generated the core of a bootable NT-shaped kernel in Rust in 38 minutes of active model work, according to a Tolmo report…