VSCode Malware and Fake Developer Tools
Harmful VSCode Extensions Spread Early-Stage Ransomware Researchers recently discovered two dangerous extensions in the VSCode Marketplace. Named "ahban.shiba" and "ahban.cychelloworld," these add-ons were designed to launch a piece of ransomware that is still in its testing phase. The marketplace…
0 Comments2 Minutes
Medusa Ransomware on the Rise in 2025 according to the CIA and FBI
Overview The FBI and CISA have recently warned about a growing threat from the Medusa ransomware group. Recent intelligence shows that attacks by this group are happening almost every day this year, with a nearly 45% increase compared to 2024. This surge has prompted government agencies to issue an…
0 Comments3 Minutes
AI Is Not a Toy: A Cybersecurity Guide on AI Dangers and Safe Usage
AI Dangers and Safe Usage Artificial intelligence offers incredible tools—from content creation and photo animation to automating everyday tasks. However, using these tools without proper safeguards can expose you and your organization to serious cybersecurity risks. This guide explores the…
0 Comments15 Minutes
GitHub Actions in Your Workflows Could Leak Data and information
A new security issue has been added to the U.S. Cybersecurity and Infrastructure Security Agency’s (CISA) list of known risks. The problem comes from a flaw in the tj-actions/changed-files GitHub Action that lets hackers sneak in bad code. The vulnerability is marked as CVE-2025-30066 with a high…
0 Comments3 Minutes
A New Wave in Ad Fraud and Botnet Attacks
Overview A new version of a major ad fraud and residential proxy scheme, known as BADBOX 2.0, has emerged, involving at least four different cybercrime groups. This operation has been described as the largest botnet ever found among connected TV devices and similar gadgets. The scheme infects…
0 Comments5 Minutes
CSS exploits in emails are tracking your actions and data.
Introduction Cybercriminals have found a new way to sneak past email filters and secretly monitor user actions by misusing basic CSS exploits. CSS, a tool normally used to add style and structure to web pages, is now being manipulated in emails to hide extra content and gather details about the…
0 Comments4 Minutes
New Phishing Scam Poses as Booking.com to Steal info
Microsoft has uncovered an ongoing Phishing Attack that targets the hospitality industry by posing as the online travel platform Booking.com. The attack, tracked under the name Storm-1865, began in December 2024 and aims to commit financial fraud and data theft. You might be interested in:…
0 Comments6 Minutes
How SSRF Exploits Can Steal Your Cloud Credentials and Sensitive Data
Coordinated SSRF Exploits on Multiple Platforms A cybersecurity warning has been issued by threat intelligence company GreyNoise about a recent spike in SSRF Exploits targeting Server-Side Request Forgery (SSRF) vulnerabilities. On March 9, 2025, the company detected over 400 IP addresses actively…
0 Comments3 Minutes
Your Router Might Be Infected by Ballista Botnet
Overview A new botnet, known as Ballista, is now attacking TP-Link Archer routers that haven’t been updated. According to researchers at Cato CTRL, the botnet takes advantage of a serious flaw (CVE-2023-1389) in these devices. This weakness lets hackers send commands to the router remotely, putting…
0 Comments3 Minutes
Fake Browser Extensions That Steal Login Info
Fake Browser Extensions Cybersecurity experts have revealed a new way hackers can use Fake Browser Extensions to impersonate legitimate ones, tricking users into giving away their login details. You might be interested in: This PolarEdge Trojan Turns Devices Into Remote Attack Tools According to a…
0 Comments2 Minutes