A newly disclosed vulnerability dubbed ImageRunner, uncovered by Tenable Research, exposed a subtle yet powerful privilege escalation pathway in Google Cloud Platform’s Cloud Run service. The vulnerability, now patched byRead More →
Two malicious Visual Studio Code (VSCode) extensions were recently discovered deploying early-stage ransomware, raising serious concerns about the security of Microsoft’s extension vetting process. Identified by cybersecurity firm ReversingLabs, theRead More →
A well-known hacking group called GreenCharlie (also known as APT42, TA453, or Mint Sandstorm) has set up new online infrastructure between January and February 2025, which is believed to beRead More →
A cybercriminal named “mr. Guram,” affiliated with the notorious “Ramp” group, has launched Mimic v.10, a new Ransomware-as-a-Service (RaaS) program, allowing hackers and Initial Access Brokers (IABs) to distribute ransomwareRead More →
On February 21, 2025, cybersecurity expert Jason Haddix, from Arcanum Information Security, released MSFTRecon—a powerful tool designed to scan Microsoft 365 and Azure for security loopholes, misconfigurations, and attack pathsRead More →
A cybercriminal known as “7****7” is selling a database of 45,000 Chinese women living in the US on a dark web marketplace called Chang’An Sleepless Night for $350. The databaseRead More →
A large-scale malware campaign, dubbed FatBoyPanel, is targeting Android users in India, compromising over 50,000 victims. Security researchers from Zimperium attribute this attack to a single threat actor deploying overRead More →
A new artificial intelligence (AI) tool called GhostGPT is being misused by cybercriminals to create harmful programs, hack systems, and send convincing phishing emails. Security researchers from Abnormal Security foundRead More →
In a critical security disclosure, the Cybersecurity and Infrastructure Security Agency (CISA) and the U.S. Food and Drug Administration (FDA) have warned healthcare providers and cybersecurity professionals about a high-riskRead More →
Wallarm’s 2025 API ThreatStats Report uncovers a dramatic 1,025% rise in AI-centric security flaws over the past year. Researchers cataloged 439 AI-related CVEs in 2024, and nearly every one—99%—traced backRead More →
