Cybersecurity News
Stay up-to-date with the latest cybersecurity news and developments in the cybersecurity landscape. Be the first to know about the latest threats, current innovations, and major trends in the cyber universe. Check our Cyber News section for the freshest information.
GlassWorm Plants Malicious VS Code Extensions in OpenVSX, Leveraging Unicode Tricks and Blockchain C2
Threat actors tracked as GlassWorm have again compromised the Visual Studio Code ecosystem by publishing three new malicious extensions to ...
Windows 11 KB5067036 Leaves Task Manager Running in Background, Causing CPU and RAM Drain
Microsoft’s optional update KB5067036, released on October 28, 2025 for Windows 11 versions 24H2 and 25H2, introduces a regression that ...
AI-Powered Metamorphic Malware Emerges: Google GTIG Flags PromptFlux and Rising LLM Abuse
Google’s Threat Intelligence Group (GTIG) is tracking a notable shift in adversary tradecraft: threat actors are embedding large language models ...
LandFall: New Spyware Uses WhatsApp DNG Zero‑Click to Exploit Samsung Galaxy Zero‑Day (CVE‑2025‑21042)
Palo Alto Networks has identified a previously unknown surveillance platform, LandFall, that abused a zero‑day flaw in select Samsung Galaxy ...
Post SMTP CVE-2025-11833 is under active attack: update WordPress sites to 3.6.1+
Attackers are actively targeting WordPress sites via a critical vulnerability, CVE-2025-11833, in the widely used Post SMTP plugin (over 400,000 ...
Proofpoint: RMM-enabled phishing campaigns hijack logistics systems to reroute cargo
Threat researchers at Proofpoint are tracking a wave of targeted phishing operations against transportation and logistics providers that convert cyber ...
Malicious VS Code Extension “susvsex” Combines Data Exfiltration and AES‑256‑CBC Encryption, Exposing Supply Chain Risk
Researchers at Secure Annex have identified a malicious Visual Studio Code Marketplace extension posing as a benign developer tool yet ...
Android NFC Malware Targets Contactless Payments: HCE Abuse and APDU Tunneling Drive Fraud
Researchers at Zimperium report a sharp rise in Android malware aimed at contactless payments across Eastern Europe. More than 760 ...
PhantomRaven: npm malware campaign exploits Remote Dynamic Dependencies to evade detection
Security researchers at Koi Security report a protracted npm supply chain operation dubbed PhantomRaven that has uploaded 126 malicious packages ...
CSRF + Persistent Memory Flaw Exposes ChatGPT Atlas to Stealthy Prompt Injection
Security researchers at LayerX have identified a vulnerability in OpenAI’s new ChatGPT Atlas browser that combines Cross-Site Request Forgery (CSRF) ...
