Microsoft Defender Zero‑Days BlueHammer, RedSun and UnDefend Are Under Active Attack


Three newly disclosed zero‑day vulnerabilities in Microsoft Defender are being actively exploited in the wild, creating a high‑risk scenario for both enterprise and home Windows environments. According to incident data from Huntress, attackers are weaponizing the vulnerabilities dubbed BlueHammer, RedSun and UnDefend to escalate privileges and disrupt built‑in protection mechanisms on compromised hosts. Who Is …

Mirai-Style IoT Botnets Target TBK DVRs and Legacy TP-Link Routers


Internet of Things (IoT) devices are again at the center of large-scale cyber campaigns. Security researchers report that new Mirai-derived botnets are actively exploiting vulnerabilities in TBK digital video recorders (DVRs) and end-of-life TP-Link Wi‑Fi routers to build powerful distributed denial-of-service (DDoS) infrastructures. Mirai-Inspired Nexcorium Botnet Exploits TBK DVR CVE-2024-3721 According to Fortinet FortiGuard Labs, …

Google Play Privacy Overhaul and Gemini AI Crackdown on Fraudulent Ads


Google is rolling out a significant update to the Google Play privacy policy, reshaping how Android apps access contacts and location data while hardening defenses against account abuse and advertising fraud. Alongside these changes, the company reports that in 2025 it blocked or removed more than 8.3 billion ads worldwide and suspended 24.9 million accounts …

Obsidian Plugins Abused to Deliver PHANTOMPULSE Malware in Targeted Financial Sector Attacks


A newly documented cyber campaign, tracked as REF6598, is abusing the popular cross‑platform note‑taking application Obsidian to gain a foothold in financial and cryptocurrency organizations. According to Elastic Security Labs, the attackers use social engineering on LinkedIn and Telegram to lure victims into syncing a malicious Obsidian vault, which ultimately delivers a previously unknown Windows …

UAC-0247 Campaign Targets Ukrainian Government and Healthcare with Advanced Malware Toolkit


Ukraine’s national Computer Emergency Response Team, CERT-UA, has disclosed details of a new targeted cyber-espionage campaign tracked as UAC‑0247. The operation is primarily aimed at government entities and municipal healthcare organizations, including clinics and emergency medical services, with a clear objective: to achieve stealthy persistence, conduct internal reconnaissance, and steal sensitive data from infected systems. …

Attackers Exploit n8n Low-Code Webhooks for Phishing, Malware Delivery and Tracking


Cloud-based automation platform n8n has become the latest legitimate service to be systematically abused in large-scale phishing campaigns. According to research from Cisco Talos, threat actors are leveraging n8n’s webhook infrastructure to send convincing phishing emails, deliver malware, and silently collect information about recipients’ devices, while riding on the trusted reputation of the app.n8n.cloud domain. …

Pushpaganda: AI-Driven SEO Poisoning Campaign Abuses Google Discover and Push Notifications


Cybersecurity analysts have identified a large-scale advertising fraud operation that combines SEO poisoning, AI-generated content and aggressive misuse of browser push notifications. The campaign, dubbed Pushpaganda, plants fake news stories in Google Discover feeds, then coerces users into enabling intrusive notifications that funnel them to scareware pages and financial scams. AI-based ad fraud targets Android …

Google Pixel 10 Modem Gets Rust DNS Parser to Boost Baseband Security


Google has quietly taken an important step in hardening the Pixel 10 against modem-level attacks: the company has integrated a Rust-based DNS parser directly into the smartphone’s baseband firmware. This move reflects a long-term strategy to phase out traditional C/C++ in favor of memory-safe languages in the most critical and attack‑prone components of modern mobile …

Kraken Insider Threat and Extortion Attempt Exposes Growing Crypto Security Risk


Kraken, one of the world’s largest cryptocurrency exchanges, has disclosed an extortion attempt linked to an insider threat, rather than a traditional external hack. Cybercriminals claim to possess video recordings of Kraken’s internal support systems that allegedly show customer information and are threatening to release them unless a ransom is paid. What Happened in the …

OpenAI Rotates macOS Code-Signing Certificates After Axios npm Supply Chain Attack


OpenAI is revoking and replacing several macOS code-signing certificates after a compromised version of the popular npm library Axios was executed inside its GitHub Actions build pipeline. While there is no evidence of certificate theft or user data compromise, the company is treating the incident as a serious software supply chain risk and rotating all …