Between June and December 2025, the software update infrastructure supporting Notepad++ was covertly compromised and abused as a delivery mechanism for state-aligned cyber-espionage malware. The operation did not involve sourceRead More →
Essentially, application programming interfaces (APIs) exist to allow two different software programs to communicate and exchange data with each other. This functionality is key to the modern application ecosystem, leadingRead More →
The Intellexa Leaks have transformed Predator from a partially understood “mercenary spyware product” into a clearly mapped, industrial-grade offensive surveillance platform. The leaked training videos, internal OPSEC documentation, marketing decks,Read More →
It is always a good practice to plan ahead any migration so as to avoid unnecessary struggle and challenges that might occur at the last minute. With Exchange Server 2016Read More →
PROMPTFLUX is an experimental VBScript dropper that issues runtime POSTs to the Gemini API (specifying gemini-1.5-flash-latest) using an embedded API credential, requests code-only VBScript obfuscations, logs the model responses locally,Read More →
SquareX Labs demonstrates a practical, low-friction attack class — AI Sidebar Spoofing — where a malicious browser extension or attacker-controlled page injects a visually identical, writable AI sidebar into theRead More →
The U.S. Secret Service’s recent seizure of 300 SIM servers and 100,000 SIM cards in New York highlights a growing national security issue: the weaponization of telecom infrastructure for fraud,Read More →
In what is now considered the largest npm supply-chain compromise in history, attackers hijacked 18 widely used npm packages — including chalk, debug, ansi-styles, and strip-ansi — with a staggeringRead More →
Agentic AI browsers (e.g., Microsoft Copilot in Edge, OpenAI’s “agent mode” sandboxed browser, and Perplexity’s Comet) are designed to autonomously browse, click, shop, and interact with content on behalf ofRead More →
In a case that redefines the boundaries of modern cybercrime, a threat actor known as UNC2891 has carried out a multi-vector cyber-heist targeting ATM infrastructure across several banking institutions. Group-IB’sRead More →
