Malicious VSCode extension in Cursor IDE led to $500K crypto theft

A malicious VSCode-compatible extension named Solidity Language distributed via the Cursor AI IDE's Open VSX registry led to the theft of $500,000 in cryptocurrency. The extension impersonated a legitimate Ethereum smart contract syntax highlighter.

Russia-linked group spoofing European journalists to spread disinformation

A Russian state-linked threat actor, Storm-1516, has launched a sophisticated disinformation campaign across Europe by impersonating legitimate journalists and publishing fabricated stories on spoofed news websites.

Dordt University notifies 34K+ people of April 2024 data breach that compromised SSNs, medical info

Dordt University has notified 34,251 individuals of a data breach stemming from a ransomware attack by the BianLian group. The breach occurred between April 21 and May 16, 2024, but notifications were only issued in July 2025—14 months later.

Indian Police Raid Tech Support Scam Call Center

Indian law enforcement, in collaboration with international agencies, has dismantled a call center operation that targeted victims in the UK, US, and Australia through fraudulent tech support schemes.

WordPress Gravity Forms developer hacked to push backdoored plugins

A supply-chain attack has compromised the popular WordPress plugin Gravity Forms, affecting manual and composer installations of versions 2.9.11.1 and 2.9.12 downloaded between July 10 and 11, 2025.

Exploits for pre-auth Fortinet FortiWeb RCE flaw released, patch now

A critical pre-authentication remote code execution (RCE) vulnerability, tracked as CVE-2025-25257, has been disclosed in Fortinet FortiWeb. The flaw allows unauthenticated attackers to execute arbitrary code on vulnerable servers.

Stealthy PHP Malware Uses ZIP Archive to Redirect WordPress Visitors

A new stealthy PHP malware campaign has been discovered targeting WordPress websites. The malware leverages the `zip://` PHP wrapper to include obfuscated malicious code from a ZIP archive embedded in the WordPress core file `wp-settings.php`.

Over 600 Laravel Apps Exposed to Remote Code Execution Due to Leaked APP_KEYs on GitHub

A critical security issue has been identified in Laravel applications due to leaked APP_KEYs on GitHub, enabling attackers to exploit deserialization vulnerabilities and achieve remote code execution. Over 600 applications are confirmed vulnerable.

Google Gemini flaw hijacks email summaries for phishing

By embedding hidden instructions in emails, attackers can manipulate Gemini to generate misleading summaries that direct users to phishing sites—without using traditional indicators like attachments or links.

eSIM Vulnerability in Kigen's eUICC Cards Exposes Billions of IoT Devices to Malicious Attacks

A critical vulnerability in Kigen's eUICC cards used in eSIM technology exposes billions of IoT devices to potential compromise. As of December 2020, Kigen has enabled over two billion SIMs in IoT devices.
