Classiscam Scams Surge in Central Asia, Leveraging Telegram Bots

These scams, which have evolved from simple fake ads to sophisticated operations using Telegram bots, are targeting online marketplaces and deceiving users into divulging their financial information.

APT36 Spoofs India Post Website to Infect Windows and Android Users with Malware

A Pakistan-linked APT group has been found creating a fake website masquerading as India's public sector postal system as part of a campaign designed to infect both Windows and Android users in the country.

PJobRAT Makes a Comeback, Takes Another Crack at Chat Apps

In the latest campaign, Sophos X-Ops researchers found PJobRAT samples disguising themselves as instant messaging apps. As per their telemetry, all the victims appeared to be based in Taiwan.

Critical Severity Vulnerabilities in Ghostscript Put Users at Risk

A series of security vulnerabilities has been identified in Artifex Ghostscript, a widely used interpreter for PostScript and PDF files. These vulnerabilities could lead to buffer overflows and unauthorized file access.

Hackers Repurpose RansomHub's EDRKillShifter in Medusa, BianLian, and Play Attacks

A new analysis has uncovered connections between affiliates of RansomHub and other ransomware groups like Medusa, BianLian, and Play. The connection stems from the use of EDRKillShifter to disable endpoint security software, according to ESET.

150,000 Sites Compromised by JavaScript Injection Promoting Chinese Gambling Platforms

The redirections have been found to occur via JavaScript hosted on five different domains (e.g., "zuizhongyj[.]com") that, in turn, serve the main payload responsible for performing the redirects.

Zero-Day Vulnerability Discovered in a-blog cms, Act Now to Protect Your Web Server

Successful exploitation could allow the attacker to “store arbitrary files on the server where the product is running”. The consequences of this are severe, as it “can be leveraged to execute an arbitrary script on the server”.

New Morphing Meerkat Phishing Kit Mimics 114 Brands Using Victims’ DNS Email Records

Morphing Meerkat likely delivered thousands of spam emails, with the phishing messages using compromised WordPress websites and open redirect vulnerabilities on advertising platforms like Google-owned DoubleClick to bypass security filters.

CISA Adds Google Chromium Mojo Flaw to its Known Exploited Vulnerabilities Catalog

This week, Google has released out-of-band fixes to address a high-severity security vulnerability, tracked as CVE-2025-2783, in the Chrome browser for Windows. The flaw was actively exploited in attacks targeting organizations in Russia.

Threat Actors Abuse Trust in Cloud Collaboration Platforms

Researchers at Cofense warned of a growing number of phishing campaigns leveraging trusted online document platforms, such as Adobe, DocuSign, Dropbox, Canva, and Zoho, to evade secure email gateways (SEGs) and steal credentials.
