Threats

APT37 Abuses Facebook, Telegram, and Tampered Installer in New Targeted Intrusion Attack

APT37 Abuses Facebook, Telegram, and Tampered Installer in New Targeted Intrusion Attack

Tushar Subhra Dutta April 13, 2026

A North Korean state-sponsored threat group known as APT37 has launched a new targeted intrusion campaign using...

Critical WordPress Plugin Flaw Lets Attackers Bypass Authentication and Gain Admin Access

Critical WordPress Plugin Flaw Lets Attackers Bypass Authentication and Gain Admin Access

Tushar Subhra Dutta April 13, 2026

A critical security flaw found in a widely used WordPress plugin is putting thousands of websites at...

EngageSDK Vulnerability Exposes Millions of Crypto Wallet Users to Cyberattacks The%20vulnerable%20MTCommonActivity%20activity%20is%20added%20to%20the%20merged%20manifest%20(Source%20-%20Microsoft).webp

The%20vulnerable%20MTCommonActivity%20activity%20is%20added%20to%20the%20merged%20manifest%20(Source%20-%20Microsoft).webp

EngageSDK Vulnerability Exposes Millions of Crypto Wallet Users to Cyberattacks

Tushar Subhra Dutta April 10, 2026

A serious security flaw found inside a widely used Android library called EngageSDK has put over 30...

Hackers Use AiTM Session Hijacking to Redirect Employee Salaries in New Storm-2755 Campaign

Hackers Use AiTM Session Hijacking to Redirect Employee Salaries in New Storm-2755 Campaign

Tushar Subhra Dutta April 10, 2026

A financially motivated threat group called Storm-2755 has launched a campaign that quietly reroutes employee salary payments...

Hackers Use Fake BTS World Tour Ticket Sites to Scam Fans Across Multiple Countries

Hackers Use Fake BTS World Tour Ticket Sites to Scam Fans Across Multiple Countries

Tushar Subhra Dutta April 10, 2026

Cybercriminals are capitalizing on the excitement around BTS’s long-awaited return to the world stage by setting up...

Censys Warns 5,219 Rockwell/Allen-Bradley PLCs Are Exposed Amid Iranian APT Activity

Censys Warns 5,219 Rockwell/Allen-Bradley PLCs Are Exposed Amid Iranian APT Activity

Tushar Subhra Dutta April 10, 2026

The FBI, CISA, NSA, EPA, DOE, and U.S. Cyber Command jointly disclosed on April 7, 2026, that...

Hackers Impersonate Secure Messaging Apps to Deploy ProSpy in Middle East Espionage Attacks

Hackers Impersonate Secure Messaging Apps to Deploy ProSpy in Middle East Espionage Attacks

Tushar Subhra Dutta April 10, 2026

A targeted mobile espionage campaign has been quietly operating across the Middle East since at least 2022,...

Hackers Abuse GitHub and GitLab to Host Malware and Credential Phishing Campaigns

Hackers Abuse GitHub and GitLab to Host Malware and Credential Phishing Campaigns

Tushar Subhra Dutta April 10, 2026

Cybercriminals are now turning two of the most trusted developer platforms in the world — GitHub and...

MuddyWater Turns to Russian Malware-as-a-Service in New ChainShell Campaign

MuddyWater Turns to Russian Malware-as-a-Service in New ChainShell Campaign

Tushar Subhra Dutta April 10, 2026

Iranian state-backed hacking group MuddyWater has made a decisive operational shift, adopting a Russian-built Malware-as-a-Service platform to...

Trojanized OpenVSX Extension Spreads GlassWorm Across VS Code, Cursor, and Windsurf

Trojanized OpenVSX Extension Spreads GlassWorm Across VS Code, Cursor, and Windsurf

Tushar Subhra Dutta April 10, 2026

A fake developer extension published on the OpenVSX marketplace is silently spreading a known malware strain called...

error: Content is protected !!