Mozilla has officially confirmed an ongoing sophisticated phishing campaign specifically targeting developers of Firefox browser extensions. Cybercriminals are actively compromising accounts on the AMO (addons.mozilla.org) platform, which hosts over 60,000 extensions and more than 500,000 themes used by tens of millions of Firefox users worldwide. Anatomy of the AMO Phishing Attack The threat actors are … Read more

SonicWall has issued an urgent security advisory urging customers to immediately disable SSL VPN functionality on their 7th generation firewalls following the discovery of active exploitation of a critical zero-day vulnerability. Threat actors are leveraging this previously unknown security flaw to deploy Akira ransomware, creating an immediate and severe risk to organizations worldwide using affected … Read more

Cisco Systems has officially disclosed a significant cybersecurity incident involving unauthorized access to customer personal data through a sophisticated vishing attack. The breach, confirmed on July 24, 2025, demonstrates the evolving threat landscape where cybercriminals increasingly target human vulnerabilities rather than technical systems alone. Understanding the Vishing Attack Vector The attack employed voice phishing (vishing), … Read more

Google has released its August 2025 Android security bulletin addressing six critical vulnerabilities, with particular focus on two zero-day exploits actively leveraged by threat actors in targeted cyberattacks. The security update highlights severe flaws in Qualcomm’s graphics processing components that have been exploited in the wild, prompting urgent patching recommendations from both Google and Qualcomm … Read more

SonicWall has officially dismissed speculation surrounding the use of an unknown zero-day vulnerability in recent Akira ransomware attacks. Following a comprehensive investigation of 40 security incidents, the company confirmed that cybercriminals exploited a previously disclosed and patched vulnerability rather than leveraging new attack vectors. CVE-2024-40766: The Real Culprit Behind SonicWall Compromises Internal analysis conducted by … Read more

Cybersecurity researchers at Socket have uncovered one of the most extensive supply chain attacks targeting the RubyGems ecosystem to date. The sophisticated campaign involved 60 malicious packages disguised as social media automation tools, accumulating over 275,000 downloads since March 2023. This incident highlights the growing threat landscape facing open source package repositories and the evolving … Read more

Wikipedia has officially launched a revolutionary rapid response policy designed to counter the growing threat of AI-generated articles that compromise the platform’s integrity. This groundbreaking initiative represents one of the most significant cybersecurity adaptations by a major digital platform to address the challenges posed by sophisticated artificial intelligence content generation tools. The Scale of AI … Read more

Kaspersky Lab researchers have identified a sophisticated new cyberthreat called LunaSpy, a highly advanced spyware trojan specifically designed to target Russian mobile device users. This malicious software employs deceptive tactics, masquerading as legitimate security applications while spreading through popular messaging platforms to compromise victim devices and steal sensitive personal information. Attack Scale and Distribution Methods … Read more

Cybersecurity researchers at Cleafy have identified a rapidly expanding threat landscape with the emergence of PlayPraetor, a sophisticated Android banking trojan that has successfully compromised more than 11,000 mobile devices globally. The malware demonstrates alarming growth patterns, with security analysts recording over 2,000 new infections weekly, indicating a well-orchestrated and highly effective cybercriminal operation. Geographic … Read more

Meta has unveiled a comprehensive suite of advanced security mechanisms for WhatsApp, specifically designed to protect users against the escalating threat landscape of cybercriminal activities. These new protective measures focus on minimizing fraud risks when users interact with unknown contacts in group conversations, addressing one of the most vulnerable attack vectors in modern messaging platforms. … Read more