In March 2024, Mozilla said it was winding down its collaboration with Onerep — an identity protection service offered with the Firefox web browser that […]
Fortinet criticized for ‘silent’ patching after disclosing second zero-day vulnerability in same equipment
Only days after Fortinet was criticized by researchers for ‘silently’ patching a zero-day vulnerability without informing its customers, it has emerged that it did the […]
Tsundere Botnet Expands Using Game Lures and Ethereum-Based C2 on Windows
Cybersecurity researchers have warned of an actively expanding botnet dubbed Tsundere that’s targeting Windows users. Active since mid-2025, the threat is designed to execute arbitrary […]
‘Matrix Push’ C2 Tool Hijacks Browser Notifications for Phishing
Have you ever given two seconds of thought to a browser notification? No? That’s what hackers are counting on. ​The original article found on darkreading […]
ShadowRay 2.0 Exploits Unpatched Ray Flaw to Build Self-Spreading GPU Cryptomining Botnet
Oligo Security has warned of ongoing attacks exploiting a two-year-old security flaw in the Ray open-source artificial intelligence (AI) framework to turn infected clusters with […]
APIContext Introduces MCP Server Performance Monitoring to Ensure Fast and Reliable AI Workflows
Today, APIContext, has launched its Model Context Protocol (MCP) Server Performance Monitoring tool, a new capability that ensures AI systems respond fast enough to meet customer […]
API-Exploit für AI-Browser Comet entdeckt
Sicherheitsforscher haben einen API-Exploit für den KI-Browser Comet offengelegt. Fajri Mulia Hidayat – shutterstock.com Der Security-Anbieter SquareX hat eine bisher nicht dokumentierte API innerhalb des […]
WhatsApp ‘Eternidade’ Trojan Self-Propagates Through Brazil
The infostealer specifically targets Brazilian Portuguese speakers and combines malware designed to phish banking credentials and steal data, a worm, and some uniquely Brazilian quirks. […]
China‑linked PlushDaemon hijacks DNS via ‘EdgeStepper’ to weaponize software updates
PlushDaemon, a China-linked APT group, has been deploying a previously undocumented network implant dubbed EdgeStepper to hijack DNS traffic on compromised network devices. According to […]
ThreatsDay Bulletin: 0-Days, LinkedIn Spies, Crypto Crimes, IoT Flaws and New Malware Waves
This week has been crazy in the world of hacking and online security. From Thailand to London to the US, we’ve seen arrests, spies at […]