APT29 compromised popular sites by injecting obfuscated JavaScript that quietly redirected around 10% of visitors to actor‑controlled domains. These pages mimicked Cloudflare’s auth flow exactly, leading users to generate and enter Microsoft device authentication codes effectively allowing attackers to enroll their own devices. Who’s Affected & What’s at RiskAny user visiting a compromised website could…
During the 12-day conflict in June 2025, Iranian state-sponsored hacking groups and hacktivist proxies operated with greater coordination against Israel than previously documented, according to research from Security Scorecard’s STRIKE Team and the Middle East Institute. More than 178 Iranian-affiliated actors conducted operations ranging from influence campaigns to data theft. The state-backed group Imperial Kitten…
Read More “Iranian Cyber Offensive Shows Unprecedented Coordination” »
Cybersecurity firm Guardio has uncovered a new campaign, ClickFix, that weaponizes fake CAPTCHA verification pages to trick users into executing malicious commands marking a major evolution from 2024’s fake browser update scams. Victims encounter CAPTCHA pages branded with Google reCAPTCHA or Cloudflare logos, but instead of solving a puzzle, they’re instructed to perform keyboard shortcuts…
Read More “CAPTCHA geddon’ Click Fix Malware Campaign Emerges” »
Researchers from Palo Alto Networks Unit 42 have uncovered a state-sponsored Chinese threat actor tracked as Storm-2603 by Microsoft and CL-CRI-1040 by Unit 42 exploiting four critical Microsoft SharePoint vulnerabilities (CVE-2025–49704, CVE-2025–49706, CVE-2025–53770, CVE-2025–53771) to deliver a custom malware suite dubbed Project AK47. Active since March 2025, the campaign uses the ToolShell exploit chain to…
Read More “Chinese Hackers Exploit SharePoint Flaws in ‘Project AK47’ Campaign” »
Cybersecurity researcher Elad Beber of Cumulate has uncovered two critical flaws in Anthropic’s Claude Code AI development assistant CVE-2025–54794 and CVE-2025–54795 that could allow attackers to bypass safeguards and execute unauthorized commands. Both have since been patched by Anthropic. The vulnerabilities were identified using an “inverse prompting” approach, where Claude itself was manipulated to reveal…
Read More “Critical Flaws in Claude AI Code Assistant Patched” »
A sophisticated North Korean cyber campaign has resurfaced, deploying twelve malicious NPM packages to infiltrate developer systems and steal cryptocurrency. The attack exploits supply chain trust in open-source repositories, with threat actors posing as interviewers who instruct developers to install infected packages during coding tests. Once installed, the malware a Beavertail variant scans for crypto…
Read More “North Korean Hackers Launch NPM Supply Chain Attack” »
On July 30, the National Company Law Tribunal (NCLT) Kolkata bench faced a cybersecurity breach during an online court hearing when an unknown individual hijacked the session to display inappropriate content. The disruption began around 2:52 pm and lasted for three to four minutes, halting proceedings. According to a complaint filed with the Bidhannagar Cyber…
Read More “Cyber Breach Disrupts NCLT Kolkata Virtual Hearing” »
Cybersecurity researchers have uncovered a Vietnamese-speaking hacking group running a highly evasive, multi-stage campaign to steal sensitive information from over 4,000 victims across 62 countries. The most affected regions include South Korea, the U.S., the Netherlands, Hungary, and Austria. Active since late 2024, the group has recently refined its techniques to bypass antivirus tools and…
Read More “Vietnamese Hackers Run Global Data Theft Campaign” »
What Happened and Who Was Affected: On July 24, 2025, Cisco confirmed a filthy vishing attack targeting one of its representatives. The employee was deceived over a phone call, enabling attackers to gain access to a third-party cloud-based CRM instance used by CiscoFrom that CRM dashboard, attackers extracted basic profile information of Cisco.com users, including names, email addresses, phone numbers, organization names,…
Between February and November 2024, state-sponsored threat actor CL-STA-0969 linked to China-based espionage group Liminal Panda targeted telecommunications infrastructure in Southeast Asia to establish persistent access and conduct network surveillance. According to Palo Alto Networks’ Unit 42, attackers employed a range of custom implants and evasive techniques without evidence of data exfiltration. Key tools used…
