The United States Department of State has launched an unprecedented cybersecurity initiative, offering up to $10 million in rewards through its Rewards for Justice program for information leading to the identification of cybercriminals associated with the notorious RedLine information stealer. This significant bounty specifically targets the malware’s alleged creator, Russian national Maxim Rudometov, and represents … Read more

A coordinated international law enforcement operation has successfully dismantled BidenCash, one of the largest carding marketplaces operating on the dark web. The platform, which specialized in trafficking stolen credit card data and personal information, has been permanently shut down following a comprehensive seizure operation conducted by U.S. and European authorities. Multi-Agency Takedown Operation Details The … Read more

Cryptocurrency exchange giant Coinbase has revealed details of a sophisticated insider threat attack that compromised sensitive data belonging to nearly 70,000 users. The incident, orchestrated through corrupted employees at outsourcing partner TaskUs in India, highlights critical vulnerabilities in third-party vendor management and the growing sophistication of targeted cybercrime operations. Scope of the Coinbase Security Incident … Read more

Google has released an emergency security update for Chrome browser to address three critical vulnerabilities, with one already being actively exploited by cybercriminals in the wild. This out-of-band security patch addresses serious flaws that pose immediate risks to millions of users worldwide, highlighting the ongoing challenges in browser security. Understanding CVE-2025-5419: High-Severity Memory Corruption Flaw … Read more

In a landmark development for the cybersecurity industry, Microsoft and CrowdStrike have announced a strategic partnership aimed at revolutionizing how threat actors are identified and tracked across different security platforms. This collaboration introduces a unified mapping system designed to correlate various names assigned to the same Advanced Persistent Threat (APT) groups by different security vendors. … Read more

Cybersecurity researchers at Symantec have uncovered serious security vulnerabilities in widely-used Google Chrome extensions that expose sensitive user data to potential cyberattacks. The investigation revealed two primary security flaws: unencrypted HTTP data transmission and hardcoded secret keys embedded directly within extension code, affecting millions of users worldwide. Primary Vulnerability Categories Identified The research team identified … Read more

Google has announced a significant policy change that will impact website security across the internet. Starting August 2025, Chrome will no longer trust root certificates issued by Chunghwa Telecom and Netlock, two major certificate authorities that have failed to meet security standards despite repeated warnings. This decision affects millions of websites and highlights the tech … Read more

Qualcomm has released urgent security updates addressing three critical zero-day vulnerabilities in their Adreno Graphics Processing Units (GPUs). These vulnerabilities are currently being actively exploited in targeted attacks, according to findings from the Google Android Security team. The discovery highlights significant security concerns for devices utilizing Qualcomm’s widespread GPU technology. Technical Analysis of the Zero-Day … Read more

Mozilla has unveiled a groundbreaking security framework designed to combat the escalating threat of cryptocurrency fraud through malicious browser extensions. This proactive defense mechanism aims to identify and block fraudulent crypto wallet extensions before they reach Firefox’s official add-on marketplace, protecting users from financial losses and data theft. Automated Risk Assessment Technology The newly implemented … Read more

Cybersecurity researchers at Sophos have uncovered a sophisticated malware distribution campaign that weaponizes GitHub’s trusted platform to target security professionals, gamers, and researchers. The operation involves 141 malicious repositories, with 133 containing hidden backdoors disguised as legitimate security tools, game cheats, and exploits. Discovery Through Sakura RAT Analysis The investigation began when a Sophos client … Read more