Microsoft has issued a warning about a threat actor identified as Storm-2657, which is hijacking employee accounts to reroute salary payments into accounts controlled by attackers. The group has reportedly focused on U.S. organizations, particularly in sectors like higher education, exploiting HR software-as-a-service (SaaS) platforms such as Workday. Although Microsoft notes that any SaaS system […]
OpenAI recently announced that it has disrupted three distinct hacker clusters that were using ChatGPT to assist in malicious operations. One cluster, tied to Russian-speaking groups, leveraged multiple accounts to prototype and refine a remote access trojan (RAT) and a credential stealer. Though the models refused direct requests for harmful code, the attackers worked around […]
Microsoft has rolled out patches for 183 security vulnerabilities across its products this October, including three flaws already being exploited in the wild. Among them, two zero-days affect Windows systems and allow attackers to elevate privileges. One vulnerability involves the ltmdm64.sys driver (part of the Agere modem stack), which ships with every Windows installation—even if […]
Microsoft has taken steps to strengthen security around its Internet Explorer (IE) compatibility mode in Edge after learning that hackers had been using the legacy feature as a backdoor into systems. In August 2025, reports revealed that unknown threat actors exploited IE mode by combining social engineering with zero-day vulnerabilities in the old Chakra JavaScript […]
A new kind of cyber threat has emerged: malware that uses GPT-4 — the same type of AI behind advanced chat assistants — to generate malicious programs like ransomware. It’s like giving a weapon the ability to forge its own bullets. Researchers have discovered a prototype called MalTerminal that does just that. MalTerminal is a […]
A dangerous new Android malware called Datzbro has been discovered, and it’s specifically tricking seniors through fake Facebook groups and AI-generated posts. The attackers are pretending to organize friendly travel or community events, but their real goal is to convince people to install malicious apps that give hackers full control of their phones. The scam […]
Google’s new AI assistant, Gemini, had some serious security holes — and researchers say hackers could’ve used them to sneak in, steal data, or manipulate the system in sneaky ways. The good news is: these flaws have been patched. Here’s what went wrong, how it could’ve been abused, and what it means for you. What […]
A serious new security flaw has been uncovered in VMware software, and reports show that hackers linked to China have been quietly using it since October of last year. This issue affects several VMware products used by businesses around the world, including tools for managing virtual machines and cloud platforms. What’s the Problem? The flaw […]
A massive ad-fraud operation called SlopAds was found operating through 224 Android apps, which together were downloaded 38 million times across 228 countries and territories. The apps inflated ad impressions and clicks using hidden techniques, sending about 2.3 billion bid requests every day at the operation's peak. The apps carried out this fraud in a stealthy […]
The Akira ransomware group has ramped up its attacks on SonicWall devices, exploiting a critical SSL VPN vulnerability and misconfigurations to gain unauthorized access. Security researchers have observed a surge in intrusions linked to SonicWall firewalls since late July 2025, particularly involving the flaw designated CVE-2024-40766, which scored 9.3 in severity. This issue stemmed from […]