Hola Browser for Windows Compromised
Overview A recent supply‑chain compromise has impacted the Windows version of Hola Browser, delivering an undeclared executable identified as a cryptocurrency miner. The breach was discovered during […]
Month: June 2026
Weaponized ChatGPT
Overview A new malvertising campaign is exploiting ChatGPT’s global popularity by promoting a weaponized fake download site through sponsored search results, delivering malware to both […]
Hackers Deploy New Atlas RAT in European Cyberattacks
Overview A Chinese‑speaking cybercrime group, tracked as TA4922, has expanded its operations beyond East Asia, launching financially motivated attacks across Germany, Italy, the United Kingdom, and South Africa. The group’s latest campaigns feature previously […]
Fake Chrome Web Store to Steal Google Credentials
Overview A sophisticated phishing campaign is targeting Chrome extension developers using fake copyright removal notices that mimic official messages from the Chrome Web Store. The scam tricks developers into entering their Google credentials […]
Acer Zero‑Day in Wave 7 Routers
Overview Acer has confirmed it is actively developing fixes for two maximum‑severity zero‑day vulnerabilities affecting its Wave 7 mesh routers. Reported by security researcher Gergo Pap, these flaws impact devices running firmware version T7c_GBL_1.01.000055 or earlier, […]
Unpatched Windows Search URI Vulnerability
Overview Cybersecurity researchers at Huntress have uncovered an unpatched Windows vulnerability that exposes users’ NTLMv2 hashes through the search: URI handler, echoing the same flaw previously seen in […]
Microsoft 365 Android Apps Account Takeover
Overview A critical flaw dubbed FlagLeft exposed billions of Android users to silent Microsoft account token theft across six major Microsoft 365 apps — Word, PowerPoint, Excel, Copilot, Loop, and […]
Hackers Steal GitHub Tokens in One Click using VSCode
Overview A newly disclosed zero‑day vulnerability in Visual Studio Code (VS Code) has exposed developers to a serious GitHub token theft risk. Security researcher Ammar Askar released exploit code demonstrating how attackers can […]
Afghanistan Finance Ministry Targeted with Xeno RAT
Overview A new cyber‑espionage campaign, codenamed Operation XENOFISCAL, has been uncovered targeting Afghanistan’s Ministry of Finance and provincial revenue directorates. The campaign is attributed to the Pakistan‑aligned SideCopy group, a sub‑cluster […]
ClickFix and FakeUpdate Attacks
Overview A large‑scale malware distribution campaign led by a threat actor known as DriveSurge has compromised thousands of websites, redirecting unsuspecting visitors to malware‑delivery infrastructure. […]