OpenAI Offering 0K Bounties for Critical Vulnerabilities
Summary: OpenAI has increased its bug bounty payout to 0,000 to enhance the discovery of critical vulnerabilities. This initiative is part of a larger security program that includes funding for cybersecurity research and collaboration with experts. OpenAI is actively inviting hackers to propose projects and providing microgrants to accelerate the development of innovative security solutions.…
New Phishing Campaign Uses Browser-in-the-Browser Attacks to Target Video Gamers/Counter-Strike 2 Players
A new phishing campaign targets Counter-Strike 2 players through complex browser-in-the-browser (BitB) phishing attacks using fake pop-up windows that impersonate legitimate sites. The campaign aims to steal Steam credentials, especially affecting fans of the esports team Navi, with potential resale of compromised accounts on various platforms.…
Defense Contractor Morse Corp Settles Cybersecurity Fraud Allegations for .6M
Summary: Morse Corp Inc., a Massachusetts defense contractor, will pay .6 million to settle allegations of cybersecurity fraud after misrepresenting compliance with federal cybersecurity standards. The lawsuit was initiated by whistleblower Kevin Berich, with the U.S. Department of Justice supporting the case, revealing that the company failed to implement essential cybersecurity controls.…
Austria uncovers alleged Russian disinformation campaign spreading lies about Ukraine
Summary: Austrian authorities have uncovered a Russian disinformation campaign targeting German-speaking countries, particularly Austria, linked to a Bulgarian woman spying for Russia. The campaign involved spreading false narratives and nationalist messages, falsely attributed to pro-Ukrainian activists, and was revealed through investigations into the woman’s electronic devices.…
Chrome Releases Critical Update to Address CVE-2025-2783 Vulnerability
Summary: Google has released a critical security update for Chrome to address the high-severity vulnerability CVE-2025-2783 affecting the Windows version of the browser. The update, made available on March 25, 2025, fixes an issue within the Mojo component that could lead to potential system compromises. Users are advised to manually check for updates and exercise caution while browsing to avoid falling victim to exploits.…
SnakeKeylogger: A Multistage Info Stealer Malware Campaign
The SnakeKeylogger campaign illustrates a sophisticated credential-stealing threat targeting both individuals and businesses. Utilizing multi-stage infection techniques, it cleverly evades detection while harvesting sensitive data from various platforms. Attackers employ malicious spam emails containing disguised executable files to initiate the infection. Affected: Individuals, Businesses, Email Clients, Web Browsers, FTP Clients.…
YouTube Creators Under Siege Again: Clickflix Technique Fuels Malware Attacks
This report reveals a sophisticated malware campaign targeting YouTube creators through spearphishing, utilizing the Clickflix technique to deceive victims into executing malicious scripts. Attackers leverage brand impersonation and exploit interest in professional collaborations to spread malware via meticulously crafted phishing emails. Once activated, the malware steals sensitive data or allows remote access.…
The Curious Case of PlayBoy Locker
Cybereason’s Threat Analysis report discusses the emerging PlayBoy Locker Ransomware-as-a-Service (RaaS), detailing how it enables less-skilled cybercriminals to conduct ransomware attacks through a comprehensive toolkit. The platform provides affiliates with customized ransomware capabilities, regular updates, and customer support, thus representing a growing threat. Affected: Ransomware, Cybersecurity, Dark Web, Affiliates

Keypoints:

PlayBoy Locker RaaS is designed for less-skilled attackers with a complete toolkit for launching ransomware attacks.…
Researchers Uncover ~200 Unique C2 Domains Linked to Raspberry Robin Access Broker
Summary: A recent investigation has revealed nearly 200 unique command-and-control domains linked to the malware Raspberry Robin, a complex threat actor that acts as an initial access broker for various criminal groups, particularly those associated with Russia. This malware facilitates access for various malicious strains and employs multiple distribution methods, including USB propagation and communication via Discord.…
CVE-2025-2783: Chrome Zero-Day Exploited in State-Sponsored Espionage Campaign
Summary: Kaspersky Labs has identified a complex cyber-espionage campaign named Operation ForumTroll, utilizing a new Google Chrome zero-day exploit (CVE-2025-2783) initiated through spear-phishing emails. The attack required no additional action from victims once they accessed the malicious link, with the exploit bypassing Chrome’s sandbox protections. This operation is believed to be conducted by a state-sponsored APT group targeting Russian media, educational institutions, and government organizations.…
Google Patches Chrome Sandbox Escape Zero-Day Caught by Kaspersky
Summary: Google has released a patch for a critical vulnerability (CVE-2025-2783) in its Chrome browser that was exploited in a state-sponsored cyberespionage campaign. Kaspersky identified this vulnerability as part of a sophisticated attack targeting Russian organizations, utilizing drive-by downloads through phishing techniques. The patch was expedited following the discovery of a sandbox escape flaw that compromised Chrome’s security measures.…
Raspberry Robin: Copy Shop USB Worm Evolves to Initial Access Broker Enabling Other Threat Actor Attacks
The article discusses the ongoing threat posed by Raspberry Robin, a sophisticated initial access broker (IAB) linked to various cybercriminal organizations, particularly those connected to Russia. It highlights recent findings such as the discovery of nearly 200 unique command and control domains, the involvement of Russian GRU’s Unit 29155, and the threat actor’s evolution in attack methodologies.…

Summary: The video discusses the challenges faced by beginners in penetration testing and emphasizes the foundational skills necessary for success in the field. It underscores the importance of coding, networking, and system administration as essential pillars that aspiring penetration testers should focus on to enhance their capabilities and effectively identify vulnerabilities.…
New Android malware uses Microsoft’s .NET MAUI to evade detection
Summary: New Android malware campaigns leveraging Microsoft’s .NET MAUI framework have emerged, allowing attackers to disguise malicious apps as legitimate services to evade detection. These tactics, first reported by McAfee, pose a significant security risk, especially as targeting could expand beyond China and India. The use of multi-layered encryption and the unique storage of app logic in binary blob files complicates detection efforts further.…
New Android Malware Campaigns Evading Detection Using Cross-Platform Framework .NET MAUI | McAfee Blog
The article discusses the emergence of malware campaigns utilizing .NET MAUI, a new cross-platform development framework, to evade detection and steal sensitive user information. These malicious apps disguise themselves as legitimate services and often target users from unofficial app stores or through phishing links. Recommendations for user protection against such threats are provided.…
Active Lumma Stealer Campaign Impacting U.S. SLTTs
The Lumma Stealer malware has been observed targeting U.S. State, Local, Tribal, and Territorial (SLTT) government organizations through fake CAPTCHA verification pages that trick users into executing malicious PowerShell scripts. This malware, available as a Malware-as-a-Service, specializes in stealing sensitive data. Cyber threat actors utilize a variety of deceptive tactics and defense evasion techniques to deliver the malware and avoid detection.…
Unveiled the Threat Actors
This article explores various threat actors known for their significant cyber attacks, detailing their origins, techniques, and famous hacks. It categorizes these actors by their affiliations, such as state-sponsored and financially motivated groups, providing insight into their behaviors and methodologies. Affected: Government networks, financial institutions, healthcare, energy sector, retail, hospitality, media, technology, and more.…
Tempted to Classifying APT Actors: Practical Challenges of Attribution in the Case of Lazarus’s Subgroup
The article discusses the evolution of the Lazarus group, indicating that it has now transformed into a collection of subgroups rather than a single entity. It emphasizes the importance of understanding these subgroups, their tactics, and their individual characteristics for effective cyber defense strategies. Affected: Japan, cryptocurrency sector, defense industry, aviation industry

Keypoints:

The term “Lazarus” has evolved from a singular APT group to multiple subgroups.…