Malicious Chrome Extensions Are Stealing Your Data
In a new and alarming cybersecurity report, over 100 malicious Google Chrome extensions have been discovered impersonating trusted tools like Fortinet VPN, YouTube downloaders, and AI services. These deceptive extensions were designed not only to lure users with familiar branding, but also to steal sensitive browser data and inject remote scripts. This poses a major threat to anyone using the

Lumma Stealer Disrupted After Infecting 10 Million Devices
In a major win for global cybersecurity, a widespread malware campaign known as Lumma Stealer (LummaC2) has been successfully disrupted after compromising an estimated 10 million systems worldwide. This malicious software, designed to harvest sensitive personal and financial data, had quickly become a tool of choice for cybercriminals across the globe. The takedown marks one of the most significant actions

Ivanti EPMM Security Flaws Exploited By Hackers
Two newly identified Ivanti Endpoint Manager Mobile (EPMM) security flaws are under active exploitation by a sophisticated hacking group believed to be operating from China. The vulnerabilities, when used together, enable attackers to bypass authentication and remotely execute malicious code, potentially giving them full control of targeted systems. The Vulnerabilities Explained Security experts have flagged two critical issues in Ivanti’s

Fake KeePass Version Executes Ransomware Attacks
A malicious version of the popular open-source password manager KeePass is being used to launch ransomware attacks on VMware ESXi servers. Security researchers have uncovered a trojanized variant, dubbed “KeeLoader,” that mimics the real interface while silently compromising users' systems. Once installed, this fake KeePass plants a Cobalt Strike beacon and exfiltrates the user’s password database in plaintext. Thus, paving

France vs VPN Providers: What Happened?
An interesting case has recently been gaining traction: France vs VPN providers. In a groundbreaking decision on May 15, 2025, the Paris Judicial Court ruled in favor of French broadcaster Canal+ and the Ligue de Football Professionnel (LFP), ordering several major VPN providers to block access to over 200 illegal sports streaming websites. The ruling marks the first time

UK Legal Aid Agency Data Breach: Sensitive Information Stolen
The UK Legal Aid Agency (LAA) has confirmed a significant data breach following a cyberattack. The attack compromised sensitive personal information of legal aid applicants, some of which dates back as far as 2010. The breach, uncovered on April 23, 2025, has sparked serious concerns about data protection in the public sector and the security of vulnerable individuals relying on

RVTools Website Hacked to Spread Bumblebee Malware
In a concerning case of software supply chain compromise, the official RVTools website was hacked to distribute malware. RVTools is a trusted utility used by VMware administrators. The installer, normally used to help IT professionals audit virtual environments, was tampered with to deliver the Bumblebee malware loader, a known precursor to ransomware attacks. This incident underscores the persistent and growing

Skitnet Malware Fuels Ransomware Attacks
Ransomware gangs are evolving fast, and their newest weapon, Skitnet malware, proves it. Also known as “Bossnet,” this emerging post-exploitation malware is gaining traction among threat actors like BlackBasta and Cactus. Designed for stealth, Skitnet leverages in-memory execution, DNS-based command and control, and anti-forensics to maintain a low profile while enabling persistent remote access. As its use spreads in phishing

Dynamic DNS: The Silent Partner in Modern Cybercrime
In the hectic atmosphere of cyber threats, attackers constantly seek new tools and techniques to evade detection. One such overlooked enabler is Dynamic DNS (DDNS). It’s a legitimate service that’s now being co-opted to power phishing campaigns, malware delivery, and command-and-control operations. While Dynamic DNS was originally designed to help users cope with changing IP addresses, its convenience has unintentionally

Procolored Distributed Malware-Laced Drivers for Half a Year
In an alarming cybersecurity lapse, popular printer brand Procolored has unknowingly distributed malware-infected drivers via its official website for at least six months. The infected software included a Remote Access Trojan (RAT) called XRedRAT and a cryptocurrency stealer known as SnipVex, both capable of compromising user systems and exfiltrating sensitive data. What Happened? The malware was embedded in driver installation
