hackers
Blog
Discord flaw lets hackers reuse expired invites in malware campaign
Hackers are hijacking expired or deleted Discord invite links to redirect users to malicious sites that deliver remote access trojans and information-stealing malware. The campaign relies on a flaw in the Discord invitation system to leverage multi-stage infections that evade multiple antivirus engines. “Reviving” expired Discord invites: Discord invite links are URLs that allow someone to join a specific Discord server. They…
Hackers exploited Windows WebDav zero-day to drop malware
An APT hacking group known as ‘Stealth Falcon’ exploited a Windows WebDav RCE vulnerability in zero-day attacks since March 2025 against defense and government organizations in Turkey, Qatar, Egypt, and Yemen. Stealth Falcon (aka ‘FruityArmor’) is an advanced persistent threat (APT) group known for conducting cyberespionage attacks against Middle East organizations. The flaw, tracked under CVE-2025-33053, is a remote code execution…
Hackers target Salesforce accounts in data extortion attacks
Google has observed hackers claiming to be the ShinyHunters extortion group conducting social engineering attacks against multi-national companies to steal data from organizations’ Salesforce platforms. According to Google’s Threat Intelligence Group (GTIG), which tracks the threat cluster as ‘UNC6040,’ the attacks target English-speaking employees with voice phishing attacks to trick them into connecting a modified version of Salesforce’s Data…
Hackers are using fake Booking.com sites to infect summer travelers with dangerous malware — how to stay safe
Summer is here and if you haven’t booked your holiday travel plans yet, you’re going to want to be extra careful when doing so. The reason being, hackers are now using popular booking sites to infect unsuspecting travelers with dangerous password-stealing malware. According to the cybersecurity firm Malwarebytes, a new campaign has been spotted online that uses malicious links on…
Hackers are using fake tool installers to dupe victims – and AI tools like ChatGPT are a key target
Cyber criminals are spreading malware disguised as popular tool installers to target B2B sales and the technology and marketing sectors, according to new threat research. Cisco Talos said it has found the CyberLock and Lucky_Gh0$t ransomware, along with a newly-discovered malware dubbed ‘Numero’, masquerading as popular and legitimate AI tool installers to dupe victims. Chetan Raghuprasad, a cybersecurity researcher at…
Hackers are exploiting critical flaw in vBulletin forum software
Two critical vulnerabilities affecting the open-source forum software vBulletin have been discovered, with one confirmed to be actively exploited in the wild. The flaws, tracked under CVE-2025-48827 and CVE-2025-48828, and rated critical (CVSS v3 score: 10.0 and 9.0 respectively), are an API method invocation flaw and a remote code execution (RCE) flaw via template engine abuse. They impact vBulletin versions 5.0.0…
ConnectWise breached in cyberattack linked to nation-state hackers
IT management software firm ConnectWise says a suspected state-sponsored cyberattack breached its environment and impacted a limited number of ScreenConnect customers. “ConnectWise recently learned of suspicious activity within our environment that we believe was tied to a sophisticated nation state actor, which affected a very small number of ScreenConnect customers,” ConnectWise shared in a brief advisory. “We have launched an…
Hackers give Botetourt County Schools 2 weeks to pay ransom after cyber attack
Ransomware gang Qilin today took credit for a cyber attack on Botetourt County Public Schools earlier this month and demanded the district pay a ransom by June 12, 2025. On May 13, 2025, superintendent Jonathan Russ sent a message to families in the Virginia school district saying that a cybersecurity incident disrupted some of the district’s IT systems. Qilin took…
Hackers are abusing Microsoft email notifications to target enterprises
Windows users are being warned to look out for a scam delivered via emails from a genuine Microsoft address. According to Kaspersky, threat actors have been able to insert their own text into genuine thank-you messages sent by Microsoft 365 to its new business subscribers, from the legitimate microsoft-noreply@microsoft.com address. “One would be hard-pressed to imagine an email address with…
Ivanti EPMM flaw exploited by Chinese hackers to breach govt agencies
Chinese hackers have been exploiting a remote code execution flaw in Ivanti Endpoint Manager Mobile (EPMM) to breach high-profile organizations worldwide. The flaw is identified as CVE-2025-4428 and received a high-severity score. The issue can be leveraged to execute code remotely on Ivanti EPMM version 12.5.0.0 and earlier via specially crafted API requests. Ivanti disclosed the flaw together with an authentication bypass (CVE-2025-4427)…