VoidLink Malware Targets Linux Cloud Servers
Security researchers have identified VoidLink malware as a new and highly sophisticated framework built specifically for Linux cloud environments. Rather than acting as a single-purpose backdoor, VoidLink functions as a full post-exploitation platform. It focuses on persistence, stealth, and long-term operational control inside virtual machines, containers, and cloud workloads. VoidLink malware reflects a shift in attacker priorities. Cloud servers now
Telegram Proxy IP Leak Exposes Users With a Single Click
A newly highlighted Telegram proxy IP leak has raised serious concerns about user privacy and false assumptions around anonymity. Security researchers have revealed that specially crafted Telegram proxy links can expose a user’s real IP address instantly. The attack requires only one click and no further interaction. The issue does not rely on malware or account compromise. Instead, it abuses
Instagram Data Leak Reports Dismissed by Meta
Claims of an Instagram data leak involving millions of user accounts spread quickly across hacking forums and social media. Posts advertising a dataset tied to roughly 17 million accounts raised immediate concerns about platform security and user privacy. The allegations triggered a rapid response from Instagram and its parent company Meta, which both denied that a breach had occurred. According
BreachForums database leak exposes 324,000 forum accounts
A major BreachForums database leak has exposed account data linked to roughly 324,000 users of the well-known hacking forum. The leaked dataset surfaced online after unknown parties gained access to the forum’s user database and published it publicly. Although the exposure does not include plaintext passwords, the incident still presents serious risks for users who relied on anonymity. The leak
WhatsApp Banking Worm Delivers Astaroth Trojan
A new WhatsApp banking worm highlights how messaging platforms have become powerful tools for malware distribution. Instead of relying on email phishing, this campaign spreads the Astaroth banking trojan through trusted WhatsApp conversations, abusing automated behavior inside WhatsApp Web sessions. The result is a fast-moving infection chain that blends seamlessly into everyday communication. Because messages originate from known contacts, victims
KimWolF Android Botnet Targets Networks via Residential Proxies
Android devices increasingly play a role far beyond personal communication, and the KimWolF Android botnet highlights how attackers now weaponize that reality. Instead of relying on traditional external attacks, this campaign abuses residential proxy infrastructure to blend malicious activity into everyday network traffic. By compromising Android devices that appear to belong to ordinary households, attackers gain access to networks that
ClickFix BSOD Attack Pushes Malware via Fake Crashes
Fake system crashes have become a powerful tool for modern malware campaigns. Instead of exploiting software flaws, attackers increasingly rely on fear and urgency to push users into dangerous actions. One of the clearest examples of this shift is the ClickFix BSOD attack, which uses convincing Windows Blue Screen of Death visuals to manipulate victims into executing malicious commands themselves.
Transparent Tribe RAT Evolves With Cross-Platform Support
Transparent Tribe RAT has emerged as a new tool in a long-running cyber-espionage campaign linked to a South Asia–focused threat actor. Security researchers have identified a newly developed remote access trojan capable of targeting both Windows and Linux systems, marking a clear expansion in platform coverage. This development matters because it reflects a deliberate shift toward persistence and stealth. Instead
Glassworm Malware Spreads via Fake Crypto Wallets on macOS
Glassworm malware has emerged as a new threat targeting macOS users who rely on cryptocurrency wallets. The campaign spreads through trojanized wallet applications that appear legitimate but secretly deliver a data-stealing payload. This activity highlights how attackers continue to abuse user trust and familiar software to bypass security controls on macOS systems. Unlike loud ransomware attacks, Glassworm focuses on stealth
European Space Agency Breach Linked to External Servers
A confirmed European Space Agency breach has drawn attention to the growing security risks tied to external digital infrastructure used by major institutions. The incident involved servers that support collaboration with external partners rather than core mission systems, yet the scope of the exposure has raised serious concerns across the cybersecurity community. The case highlights how attackers increasingly target secondary
