HackRead

Years-Old Vulnerable Apache Struts 2 Versions See 387K Weekly Downloads

A critical vulnerability, CVE-2025-68493, has been identified in Apache Struts 2, affecting versions 2.0.0 through 6.1.0. This flaw, discovered by Zast AI, involves unsafe XML parsing in the XWork component, which can lead to system crashes.

GhostPoster Browser Malware Hid for 5 Years With 840,000 Installs

The GhostPoster malware campaign has been active for five years, affecting over 840,000 users through browser extensions on Chrome, Firefox, and Edge. The malware uses hidden payloads within PNG images to evade detection.

New PayPal Scam Sends Verified Invoices With Fake Support Numbers

A sophisticated phishing scam is leveraging PayPal's legitimate invoice system to deceive users by sending verified invoices with fake support numbers. This scam bypasses traditional email security filters, posing a significant threat to users.

Major Data Breach Hits Company Operating 150 Gas Stations in the US

A major data breach has impacted Gulshan Management Services, a Texas-based company operating over 150 gas stations under the Handi Plus and Handi Stop brands. The breach exposed sensitive personal information of more than 377,000 individuals.

Researchers Warn of Data Exposure Risks in Claude Chrome Extension

The Claude Chrome extension, developed by Anthropic, poses significant data exposure risks. This extension allows AI to browse and interact with websites on behalf of users, potentially bypassing traditional web security measures.

FBI Seizes Fake ID Template Domains Operating from Bangladesh

The FBI has successfully dismantled an online marketplace operated by Zahid Hasan from Bangladesh, which sold fake ID templates. This operation, known as TechTreek, involved the sale of digital templates for fraudulent identification documents.

Hackers Abuse Popular Monitoring Tool Nezha as a Stealth Trojan

Hackers have been using Nezha with scripts containing Simplified Chinese messages, and their command center is hosted on Alibaba Cloud services in Japan. This activity is part of a broader trend of digital warfare.

Frogblight Malware Targets Android Users With Fake Court and Aid Apps

Frogblight is a newly identified Android malware targeting users in Turkiye. It spreads through smishing attacks, masquerading as legitimate court and aid applications. The malware uses the Turkish name 'Davalarım' to appear legitimate.

New PyStoreRAT Malware Targets OSINT Researchers Through GitHub

PyStoreRAT is a newly identified malware targeting OSINT researchers and IT professionals through GitHub. It is distributed via fake OSINT tools and other software, leveraging AI to build trust and evade detection.

ChimeraWire Trojan Fakes Chrome Activity to Manipulate Search Rankings

The ChimeraWire trojan manipulates search engine rankings by simulating user activity through Chrome. Unlike traditional malware, it focuses on boosting the visibility of specific websites in search results rather than stealing data or encrypting files.
