La Poste Cyber Attack: Massive Suspected DDoS Hits French Postal and Banking Services

France’s national postal operator La Poste has suffered a major IT disruption that temporarily took down several of its key digital services. Online banking portals, mobile applications and digital identity tools were all affected, impacting millions of users across the country. Industry sources cited by French media point to a large-scale distributed denial-of-service (DDoS) attack …

MacSync Stealer Uses Signed and Notarized Swift App to Target macOS Users

macOS is no longer a niche target for cybercriminals. The latest example is an updated variant of the MacSync stealer, now delivered inside a fully signed and Apple-notarized Swift application. By abusing Apple’s trust mechanisms, the malware convincingly masquerades as legitimate software and significantly increases the likelihood of successful compromise. Signed Swift installer as a …

Nissan Data Breach Tied to Red Hat Cyber Attack Exposes Supply Chain Security Gaps

The compromise of IT systems at Red Hat has led to the exposure of personal data belonging to thousands of Nissan Motor Co., Ltd. customers, underscoring how a single cyber incident at a technology provider can cascade across global brands and industries. How the Red Hat cyber attack impacted Nissan customers Nissan reports that it …

Cosmali Loader Malware Spreads via Fake Microsoft Activation Scripts Domain in Windows Typosquatting Attack

Windows users are facing a new malware campaign in which attackers abuse a fake Microsoft Activation Scripts (MAS) domain to deliver the Cosmali Loader malware. A single-character typo in a PowerShell activation command is enough to trigger the download and execution of malicious scripts, leading to the installation of cryptominers and remote access trojans (RATs) …

Mamont Android Banking Trojan: Telegram-Controlled Malware Targets Russian Users

The Android banking trojan Mamont has rapidly become one of the main instruments of mobile cybercrime against Russian users. According to analytics from F6, this malware accounts for 47% of all compromised Android devices in Russia, and fraud linked to Mamont exceeded 150 million rubles in November 2025 alone. Against the backdrop of declining activity …

Phantom Shuttle: Malicious Chrome Proxy Extensions Hijack Traffic and Steal Sensitive Data

Two Google Chrome extensions distributed under the common name Phantom Shuttle have been identified as malicious tools that silently intercept browser traffic and exfiltrate sensitive data instead of providing the promised proxy service. According to researchers at Socket, the campaign has been active since at least 2017, indicating a long‑running and relatively successful operation. Targeting …

Malicious npm Package lotusbail Abused as WhatsApp Web API Library in Supply Chain Attack

A malicious npm package named lotusbail has been discovered impersonating a legitimate WhatsApp Web API client library. For several months it was quietly integrated into projects by unsuspecting developers, while its hidden functionality enabled attackers to intercept WhatsApp conversations, exfiltrate contacts and establish persistent access to victims’ WhatsApp accounts. Malicious npm package lotusbail disguised as …

Russia’s WhatsApp Restrictions: Encryption Under Pressure and Cybersecurity Risks

Russian users of WhatsApp, the world’s largest messaging platform owned by Meta (designated an extremist organization and banned in Russia), are experiencing serious disruptions and the threat of a full shutdown of the service in the country. The situation has become another milestone in the long‑running confrontation between Roskomnadzor and foreign platforms that rely on …

Critical HPE OneView Vulnerability (CVE-2025-37164): Why Immediate Patching Is Essential

Hewlett Packard Enterprise (HPE) has released security updates to address a critical remote code execution (RCE) vulnerability in its infrastructure management platform HPE OneView. Tracked as CVE-2025-37164 and rated CVSS 10.0 (the maximum possible severity), the flaw allows unauthenticated attackers to execute arbitrary code on affected systems, putting entire data center environments at risk. HPE …

Nigerian Police Disrupt Raccoon0365 Phishing-as-a-Service Targeting Microsoft 365

Nigerian law enforcement has announced the arrest of three individuals allegedly linked to the Raccoon0365 phishing-as-a-service (PhaaS) platform, a commercial operation used to conduct large‑scale phishing campaigns against Microsoft 365 corporate accounts. The operation was enabled by technical evidence supplied by Microsoft, shared with the FBI, and subsequently passed to the Nigeria Police Force National …