Google's August 2025 Android update patches two actively exploited Qualcomm zero-day vulnerabilities. Learn about CVE-2025-21479 and CVE-2025-27038 and why you must update your device now.
A massive, AI-driven scam campaign codenamed 'ClickTok' is targeting TikTok Shop users worldwide. Cybersecurity firm CTM360 reports that threat actors have created over 15,000 fake TikTok Shop domains to execute a dual-pronged attack involving phishing and malware distribution. The campaign leverages AI-generated videos and fake influencer promotions on Meta platforms to lure victims to these lookalike sites. Once there, users are tricked into entering credentials on phishing pages or downloading a trojanized TikTok app. This malicious app contains the SparkKitty malware, a cross-platform threat designed to steal sensitive data, including cryptocurrency wallet seed phrases from screenshots on both Android and iOS devices. The scam's primary goals are financial, using fake product listings, fraudulent crypto payments, and credential theft to exploit both buyers and affiliate sellers on the popular e-commerce platform.
A state-sponsored threat actor, CL-STA-0969, has been targeting telecommunications organizations in Southeast Asia in a sophisticated espionage campaign lasting 10 months. According to Palo Alto Networks Unit 42, the attackers focused on critical telecom infrastructure between February and November 2024. The campaign is notable for its high operational security (OPSEC) and the deployment of specialized tools like Cordscan to collect mobile device location data. While the group gained remote control over compromised networks, researchers found no evidence of data exfiltration. The actor shares significant overlaps with the China-nexus group Liminal Panda, indicating a calculated and persistent effort to maintain stealthy access to sensitive networks.
Akira ransomware is targeting fully-patched SonicWall SSL VPNs, suggesting a potential zero-day exploit. Learn the details and how to protect your network from this emerging threat. Researchers note a rapid attack timeline, with ransomware deployment occurring shortly after initial VPN access.
Hackers breached Toptal’s GitHub account to publish 10 malicious npm packages with destructive payloads, leading to 5,000 downloads. The incident highlights growing threats in software supply chains and open-source ecosystems.
A critical vulnerability, CVE-2025-23266, in NVIDIA's Container Toolkit allows for complete server takeover on shared AI cloud services with a simple exploit.
Explore five exceptional React component libraries built on top of ShadCN/UI. From production-ready dashboards to beautifully animated UI sections, these open-source kits offer performance, accessibility, and design excellence for modern web apps.
Security researchers have discovered a serious vulnerability in Google Gemini for Workspace that allows attackers to inject hidden commands into emails, leading to convincing phishing attempts—all without links or attachments.
Over 2.3 million Chrome and Edge users were compromised by 18 malicious browser extensions in the RedDirection campaign. Learn about the Trojan threat, affected extensions, and how to protect yourself.
Newer posts
