Latest Cybersecurity News and Articles
Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures
A phishing campaign is targeting Spanish-speaking users in Latin America and Europe, delivering banking trojans like Casbaneiro and Horabot. The campaign employs dynamic PDF lures, WhatsApp automation, and ClickFix social engineering tactics.
'NoVoice' Android malware on Google Play infected 2.3 million devices
The NoVoice Android malware has been discovered on Google Play, infecting over 2.3 million devices. It exploits old Android vulnerabilities to gain root access and primarily targets WhatsApp for data theft.
Anthropic Claude Code Leak
Anthropic's Claude Code was accidentally leaked, exposing 59.8 MB of source code (513,000 lines, 1,906 files). The leak has been widely distributed on GitHub, with over 84,000 stars and 82,000 forks, posing significant security risks.
Crypto platform Drift suspends services after millions stolen in security incident
Drift Protocol, a decentralized finance platform, has suspended its services following a significant cyberattack resulting in the theft of hundreds of millions of dollars in cryptocurrency.
Telnyx package latest hit in PyPI supply-chain compromise
The Telnyx Python SDK on PyPI has been compromised by TeamPCP, a group linked to the Trivy supply-chain attack. The malicious package versions 4.87.1 and 4.87.2 contain a multi-stage infostealer.
15-Year-Old strongSwan Flaw Lets Attackers Crash VPNs via Integer Underflow
A critical vulnerability, CVE-2026-25075, has been identified in strongSwan's EAP-TTLS plugin, affecting versions 4.5.0 to 6.0.4. This flaw allows attackers to crash VPN services through an integer underflow, leading to massive memory corruption.
Cybercriminals say they hacked the city of Meriden, CT and stole data
A ransomware group named Inc has claimed responsibility for a cyberattack on the city of Meriden, CT. The attack, reported by city officials on February 17, has caused significant disruptions, with services still being restored over a month later.
New RoadK1ll WebSocket implant used to pivot on breached networks
RoadK1ll is a newly identified Node.js implant that enables threat actors to pivot within breached networks. It blends into normal network activity and does not rely on an inbound listener, using a custom WebSocket protocol for communication.
An AI-powered phishing campaign has compromised hundreds of organizations
An AI-powered phishing campaign has compromised 344 organizations across sectors such as construction, law, healthcare, and government. The campaign exploits Microsoft cloud accounts using OAuth tokens.
Hacker walks away with $24.5 million after breaching Resolv DeFi platform
A cyberattack on the Resolv DeFi platform resulted in the unauthorized creation of $80 million worth of USR stablecoin, which was exchanged for 11,408 ETH, valued at $24.5 million.
Defend Against Threats with Cyber Fusion
Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.
Learn More
Trending Tags
