HexaLocker Ransomware: A Modern Threat Forged for Maximum Pressure

HexaLocker is a contemporary ransomware strain making waves across cybersecurity circles for its aggressive dual-threat capabilities: data encryption and the threat of public exposure. Once embedded within a target system, it encrypts critical files and simultaneously exfiltrates sensitive data. Victims are coerced not only with file […]
Surge in GPS Spoofing Threatens Aviation Safety in Middle East

GPS spoofing, a cyber technique once confined to academic research and niche military applications, has rapidly evolved into a widespread and dangerous threat. In 2024 alone, aviation operators reported hundreds of spoofing incidents, particularly across the Middle East and Southeast Asia. By manipulating satellite-based positioning […]
Digital Crumbs: Exploiting Entra ID’s Session Cookies to Breach Microsoft 365

In a recent wave of sophisticated cyberattacks, security researchers uncovered a stealthy campaign dubbed “Cookie Bite,” which targets Microsoft Entra ID (formerly Azure Active Directory) to compromise Microsoft 365 accounts. The attackers abuse OAuth and session tokens to bypass multi-factor authentication (MFA) protections and […]
Critical Remote Code Execution Vulnerability in Cisco Webex App

Cisco has disclosed a critical vulnerability tracked as CVE-2025-20236, affecting its popular Webex video conferencing platform. This flaw allows attackers to execute code remotely on a user’s machine. All they need to do is trick someone into clicking a specially crafted meeting link. The vulnerability lies […]
Android Phones Preloaded with Trojanized WhatsApp Target User Crypto Wallets

Cheap Android smartphones, mainly from Chinese manufacturers, have been found preloaded with trojanized versions of WhatsApp and Telegram. These malicious apps contain clipper malware that targets cryptocurrency users by intercepting clipboard data and swapping wallet addresses. The malware also steals mnemonic phrases from images, hijacks […]
Waiting Thread Hijacking Malware Technique Bypasses Modern Defenses

Security researchers have uncovered a sophisticated new malware technique called Waiting Thread Hijacking (WTH). This stealthy method is an advanced form of classic Thread Execution Hijacking, designed to evade detection by Endpoint Detection and Response (EDR) systems and antivirus solutions. WTH manipulates waiting threads in Windows Thread […]
Beware Fake PDF Converters: Malware Stealing Passwords

A highly targeted malware campaign is exploiting users’ trust in online file conversion services by mimicking the legitimate platform pdfcandy.com. The attack utilizes fake PDF-to-DOCX converters designed to deceive victims into running a malicious PowerShell script, which installs Arechclient2, a variant of the SectopRAT infostealer. This malware is […]
Vulnerabilities in CrushFTP Could Allow Internal Scanning and SMB File Access

CrushFTP versions 9.x, 10.x up to 10.8.4, and 11.x up to 11.3.1 are affected by two critical vulnerabilities: CVE-2025-32102 (Server-Side Request Forgery) and CVE-2025-32103 (Directory Traversal). The SSRF flaw stems from improper validation of telnetSocket requests, allowing arbitrary port scanning. The Directory Traversal issue […]
Beware of Malicious Campaigns with HR and Target Employee Trust

Cybercriminals are taking advantage of Q1 performance evaluations by sending HR-themed phishing emails that impersonate “Human Capital” departments. These deceptive messages create a false sense of urgency and authority, prompting employees to click on malicious links leading to a JotForm survey and a fake Microsoft […]
Critical Remote Vulnerability in Gladinet CentreStack and Triofox Actively Exploited

In March 2025, a critical vulnerability identified as CVE-2025-30406 was discovered in Gladinet CentreStack and Triofox platforms. This flaw, stemming from the use of hardcoded cryptographic keys in the web.config files, allows attackers to perform remote code execution (RCE) by exploiting ASP.NET ViewState deserialization. The […]