Silver Fox Targets Indian Users With Tax-Themed Emails Delivering ValleyRAT Malware
The threat actor known as Silver Fox has turned its focus to India, using income tax-themed lures in phishing campaigns to distribute […]
How to Integrate AI into Modern SOC Workflows
Artificial intelligence (AI) is making its way into security operations quickly, but many practitioners are still struggling to turn early experimentation into […]
Mustang Panda Uses Signed Kernel-Mode Rootkit to Load TONESHELL Backdoor
The Chinese hacking group known as Mustang Panda has leveraged a previously undocumented kernel-mode rootkit driver to deliver a new variant of […]
Traditional Security Frameworks Leave Organizations Exposed to AI-Specific Attack Vectors
In December 2024, the popular Ultralytics AI library was compromised, installing malicious code that hijacked system resources for cryptocurrency mining. In August […]
⚡ Weekly Recap: MongoDB Attacks, Wallet Breaches, Android Spyware, Insider Crime & More
Last week’s cyber news in 2025 was not about one big incident. It was about many small cracks opening at the same […]
MongoDB Vulnerability CVE-2025-14847 Under Active Exploitation Worldwide
A recently disclosed security vulnerability in MongoDB has come under active exploitation in the wild, with over 87,000 potentially susceptible instances identified […]
27 Malicious npm Packages Used as Phishing Infrastructure to Steal Login Credentials
Cybersecurity researchers have disclosed details of what has been described as a “sustained and targeted” spear-phishing campaign that has published over two […]
New MongoDB Flaw Lets Unauthenticated Attackers Read Uninitialized Memory
A high-severity security flaw has been disclosed in MongoDB that could allow unauthenticated users to read uninitialized heap memory. The vulnerability, tracked […]
Trust Wallet Chrome Extension Breach Caused $7 Million Crypto Loss via Malicious Code
Trust Wallet is urging users to update its Google Chrome extension to the latest version following what it described as a “security […]
China-Linked Evasive Panda Ran DNS Poisoning Campaign to Deliver MgBot Malware
A China-linked advanced persistent threat (APT) group has been attributed to a highly-targeted cyber espionage campaign in which the adversary poisoned Domain […]
Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection
A critical security flaw has been disclosed in LangChain Core that could be exploited by an attacker to steal sensitive secrets and […]
ThreatsDay Bulletin: Stealth Loaders, AI Chatbot Flaws AI Exploits, Docker Hack, and 15 More Stories
It’s getting harder to tell where normal tech ends and malicious intent begins. Attackers are no longer just breaking in — they’re […]