Critical flaw in Open VSX Registry patched after researchers warn of supply-chain danger
Attack vector could have handed over the whole extension market An Israeli security outfit has revealed that an error buried deep in the automation scripts of the Open VSX Registry might have let criminals hijack every Visual Studio Code extension distributed through the popular open-source…
0 Comments6 Minutes
New Linux Privilege-Escalation Chain Gives Attackers Instant Root Access
Two Bugs, One Exploit Chain Security specialists at Qualys have revealed a pair of vulnerabilities that—when combined—let any logged-in user jump from a normal account to full administrator rights on many mainstream Linux distributions. The first flaw, CVE-2025-6018, sits inside the Pluggable…
0 Comments5 Minutes
Fake GitHub Projects Hides Malicious Code, Researchers Warn
Banana Squad Returns With a Fresh Batch of Booby-Trapped Repositories Security analysts at ReversingLabs say they have uncovered a new surge of activity by a group they call Banana Squad. The actors have opened and maintained more than 67 GitHub projects that pretend to contain handy Python hacking…
0 Comments6 Minutes
The Web’s Biggest Password Leak Puts Billions at Risk
A Record-Breaking Trove of Stolen Credentials Comes to Light A data cache containing roughly 16 billion usernames and passwords has surfaced on dark-web forums, according to investigative work led by researcher Vilius Petkauskas and the Cybernews team. Spread across 30 colossal files—each one…
0 Comments6 Minutes
Anubis Ransomware Emerges With a Destructive Twist
Dual Threat: Scrambling and Erasing Data A newly observed strain of ransomware called Anubis has attracted the attention of security researchers for its ability not only to lock files but also to wipe them out completely. According to a recent study by Trend Micro, the malware carries a “wipe…
0 Comments6 Minutes
Google Cloud Disruptions Affect Major Online Services
Several Companies Report Issues as Google Scrambles to Restore Cloud Platform Google Cloud faced major technical problems on Thursday, causing widespread outages that affected businesses and online services around the world. The issues began late in the morning Pacific Time and continued for…
0 Comments6 Minutes
Adobe Fixes Over 250 Security Bugs in Major Software Update
Most Issues Found in Adobe Experience Manager, Users Urged to Update Immediately Adobe has released a major round of security patches this week, fixing a total of 254 different vulnerabilities in several of its popular software products. The company said the majority of these flaws—225 in…
0 Comments5 Minutes
Fake Resumes on LinkedIn Deliver More_eggs Malware
Posing as Job Seekers on Professional Platforms A criminal gang that security researchers know as FIN6 has begun taking advantage of the job-hunting world in a new way. According to a fresh investigation from DomainTools, the group is approaching recruiters on popular employment sites such as…
0 Comments6 Minutes
Google Confirms 6 in 10 Gmail Users Targeted by Email Scams
Why This Matters Google’s own survey shows that 61 % of people say they’ve been hit with email-based scams in the past year, and the majority of those attacks aimed straight at Gmail inboxes. At the same time, Google warns that “most users still rely on outdated log-ins like passwords and SMS 2FA,”…
0 Comments3 Minutes
Voice-Phishing Crew Poses as IT Staff to Raid Salesforce Data
Google Spots a New Wave of Social Engineering Google’s threat-intelligence analysts have warned that a profit-driven hacking crew—tagged UNC6040—has been dialing company employees, pretending to be help-desk staff, and talking its way into corporate Salesforce accounts. According to a report shared…
0 Comments6 Minutes