A rare operational mistake by a North Korean threat actor has given researchers an unusual look inside a hostile cyber operation. According to threat intelligence firm Hudson Rock, the Lumma Stealer malware, typically used by cybercriminals to exfiltrate victims’ data, this time infected the workstation of a North Korean hacker allegedly involved in the $1.4 … Read more

Security researchers have once again demonstrated that even official marketplaces cannot be treated as inherently trustworthy. Experts at Koi Security identified two malicious Visual Studio Code extensions — Bitcoin Black and Codo AI — that silently installed a powerful infostealer on developers’ workstations, targeting passwords, cookies, crypto wallets, and detailed system information. Malicious Visual Studio … Read more

Asus has confirmed that a third-party supplier was compromised in a cyberattack, following claims by the Everest ransomware group that it stole around 1 TB of data linked to Asus, Qualcomm and ArcSoft. According to the attackers, the trove allegedly includes smartphone camera software source code, artificial intelligence (AI) models and internal tooling. Asus confirms … Read more

A newly identified phishing-as-a-service (PhaaS) platform dubbed Spiderman is enabling cybercriminals to run large-scale, highly convincing phishing campaigns against users of European banks, fintech platforms and cryptocurrency wallets. According to researchers at Varonis, this criminal service is designed to steal not only usernames and passwords, but also two‑factor authentication (2FA) codes, payment-card details and crypto … Read more

The Spanish National Police have detained a 19‑year‑old resident of Catalonia, suspected of breaching the IT systems of nine companies and stealing a massive trove of personal data. Investigators allege that the individual attempted to sell around 64 million records on underground hacker forums, turning sensitive information into a commodity on the criminal data market. … Read more

Researchers at Securonix have documented a sophisticated multi‑stage malware campaign dubbed JS#SMUGGLER, in which attackers compromise legitimate websites and use them as launch pads to deliver the NetSupport RAT remote access trojan. The campaign primarily targets corporate users who visit trusted business sites during normal work activities, significantly increasing the likelihood of successful infection. JS#SMUGGLER … Read more

The malicious GlassWorm malware family, designed to compromise Visual Studio Code (VS Code) development environments, has resurfaced in official extension repositories. After two previous incidents, the operators have launched a third wave, uploading a total of 24 new malicious packages to the Microsoft Visual Studio Marketplace and the OpenVSX registry. GlassWorm malware: evolving threat to … Read more

The critical React2Shell vulnerability (CVE-2025-55182) in the React ecosystem has moved from a theoretical risk to large‑scale, real‑world exploitation. Within hours of public disclosure, active attacks were observed against production systems, with researchers estimating that more than 30 organizations have already been compromised and over 77,000 servers worldwide remain potentially exposed. What Is React2Shell (CVE-2025-55182) … Read more

After the release of the August Windows 11 updates, Microsoft has warned about a new lock screen interface bug affecting some devices. Users report that the icon for selecting password-based sign-in disappears, even though logging in with a password is still technically possible. What is happening with the Windows 11 lock screen password icon? In … Read more

In autumn 2025, global brewing giant Asahi Group Holdings disclosed that a large‑scale cyberattack was far more damaging than initially reported. An internal investigation confirmed that attackers gained unauthorized access to the personal data of almost 2 million individuals and disrupted critical business operations across Japan. Scale of the Asahi Data Breach and Who Was … Read more