Cloudflare’s AI Labyrinth: Advanced Protection System Outsmarts AI Scrapers with Deceptive Content

Cloudflare has unveiled AI Labyrinth, a groundbreaking security solution designed to combat unauthorized AI data collection through an innovative deception-based approach. This sophisticated system represents a significant advancement in web resource protection, employing dynamic content generation to create elaborate mazes of authentic-looking but irrelevant information that effectively confounds AI crawlers. The Growing Threat of AI …

Security Researchers Compromise BlackLock Ransomware Infrastructure in Groundbreaking Operation

In a significant cybersecurity achievement, threat intelligence firm Resecurity has successfully compromised the infrastructure of the notorious BlackLock ransomware group, effectively disrupting their operations and preventing numerous potential attacks. This operation marks a crucial victory in the ongoing battle against ransomware threats. BlackLock’s Global Impact and Operational Scope As of February 2025, BlackLock’s criminal activities …

Oracle Cloud Federation SSO Servers Allegedly Compromised: 6 Million Records at Risk

A significant cybersecurity incident has emerged involving Oracle Cloud’s federated Single Sign-On (SSO) infrastructure, with a threat actor claiming to have compromised login.(region).oraclecloud.com servers and exfiltrated approximately 6 million sensitive records. This development warrants immediate attention from security professionals and organizations utilizing Oracle Cloud services. Breach Claims and Technical Impact Assessment The threat actor, operating …

RedCurl APT Group Shifts Strategy with Advanced QWCrypt Ransomware for Virtual Infrastructure

Cybersecurity researchers at Bitdefender have uncovered a significant tactical evolution in the operations of the notorious RedCurl hacking group. The threat actor, previously known exclusively for corporate espionage, has expanded its arsenal with QWCrypt, a sophisticated ransomware specifically engineered to target Microsoft Hyper-V virtual machines. RedCurl’s Strategic Evolution and Global Impact First identified by Group-IB …

New Windows Zero-Day Vulnerability Allows Credential Theft via Simple File Access

Security researchers at Acros Security have uncovered a significant zero-day vulnerability affecting all modern Windows operating systems, enabling attackers to steal user credentials through the NTLM protocol with minimal user interaction. The critical security flaw can be triggered simply by opening a malicious file in Windows Explorer, making it particularly dangerous for enterprise environments. Technical …

Major Data Breach: Have I Been Pwned Creator Targeted in Advanced Phishing Campaign

A sophisticated phishing attack has successfully compromised the Mailchimp account of Troy Hunt, a prominent cybersecurity expert and founder of Have I Been Pwned, resulting in unauthorized access to approximately 16,000 subscriber records. This incident highlights the evolving complexity of modern phishing tactics and the persistent challenges in securing digital communications. Anatomy of an Advanced …

Critical Supply Chain Attack Discovered: Sophisticated Malware Targets Popular Ethereum Development Libraries

Security researchers at ReversingLabs have uncovered a sophisticated supply chain attack targeting the npm ecosystem, specifically affecting Ethereum development libraries. The attack involves two malicious packages that demonstrate advanced persistence capabilities, remaining active even after their removal from the system. Advanced Persistent Threat: Understanding the Attack Mechanism The discovered malicious packages, ethers-provider2 and ethers-providerz, …

Advanced Phishing Attack Threatens CS2 Players Through Fake Steam Login Windows

Security researchers at Silent Push have uncovered a sophisticated phishing campaign targeting Counter-Strike 2 players through an advanced browser-in-the-browser (BiTB) attack technique. The operation employs meticulously crafted fake Steam login windows that are virtually indistinguishable from legitimate authentication portals. Sophisticated Social Engineering Leverages Gaming Community Trust The threat actors have orchestrated their campaign by impersonating …

Critical Security Threat: Ransomware Found in Visual Studio Code Extensions

Security researchers at ReversingLabs have uncovered a significant security breach in the Visual Studio Code marketplace, where two extensions were found containing hidden ransomware capabilities. The compromised extensions, identified as “ahban.shiba” and “ahban.cychelloworld,” managed to evade detection for several months, highlighting critical vulnerabilities in the marketplace’s security verification process. Technical Analysis of the Malicious Extensions …

GitHub Actions Supply Chain Attack Investigation: Targeted Coinbase Attempt Leads to Broader Impact

Cybersecurity researchers have concluded their investigation into a sophisticated supply chain attack targeting GitHub Actions, revealing that while 23,000 repositories utilized the compromised tj-actions/changed-files component, only 218 repositories experienced actual secret exposure. The investigation uncovered that cryptocurrency exchange Coinbase was the primary target, with subsequent propagation occurring as collateral damage. Attack Vector Analysis: Supply Chain …