A massive ad-fraud operation called SlopAds was found operating through 224 Android apps, which together were downloaded 38 million times across 228 countries and territories. The apps inflated ad impressions and clicks using hidden techniques, sending about 2.3 billion bid requests every day at its peak. The apps carried out this fraud in a stealthy […]
The Akira ransomware group has ramped up its attacks on SonicWall devices, exploiting a critical SSL VPN vulnerability and misconfigurations to gain unauthorized access. Security researchers have observed a surge in intrusions linked to SonicWall firewalls since late July 2025, particularly involving the flaw designated CVE-2024-40766, which scored 9.3 in severity. This issue stemmed from […]
Cybersecurity researchers have linked a new wave of attacks on financial institutions to the notorious group known as Scattered Spider, contradicting their earlier statements that they were disbanding. The group has shifted its focus toward the financial services industry, creating look-alike domains aimed at organizations in that sector, and launching a recent targeted intrusion against […]
In a joint operation, Microsoft’s Digital Crimes Unit and Cloudflare have dismantled RaccoonO365, a phishing-as-a-service (PhaaS) network, by seizing 338 domains tied to the toolkit. The network had been used to steal over 5,000 Microsoft 365 credentials across 94 countries since July 2024. The action was enabled by a court order from the Southern District […]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two serious security problems—one in WhatsApp and another in a TP-Link Wi-Fi device—to its Known Exploited Vulnerabilities list. When a flaw makes this list, it means hackers have already taken advantage of it in real-world attacks, so quick action is needed to protect against further […]
Cloudflare recently stopped one of the largest cyberattacks ever recorded, which reached a peak of 11.5 terabits per second (Tbps). The attack used a flood of data traffic to overwhelm systems but lasted only about 35 seconds before Cloudflare’s defenses automatically kicked in and shut it down. The company explained that its systems have been […]
A group of hackers linked to Iran recently carried out a worldwide email attack aimed at embassies and diplomatic offices. These cybercriminals sent fake emails designed to look like official diplomatic messages, tricking recipients into opening a harmful document disguised as a Microsoft Word file. The troubling part? When the document was opened, it prompted […]
Google has released a major security update for Android phones that fixes more than 120 different issues. Two of these problems were especially serious because hackers had already found ways to use them in real attacks before the fixes were available. These flaws made it possible for attackers to take control of parts of the […]
Security researchers have discovered that hackers are taking advantage of a flaw in Microsoft Windows, identified as CVE-2025-29824, to secretly install malware on victims’ computers. The malware, called PipeMagic, has been linked to ransomware attacks known as RansomExx, which can lock people out of their files until a ransom is paid. The attackers tricked users […]
A new wave of Android malware is targeting banking customers, starting in Brazil, with a malicious app called PhantomCard. The app is disguised as a card protection tool and is promoted through fake Google Play pages that even include phony positive reviews to make it appear trustworthy. Once installed, the app asks users to place […]