NPAV Logo

Shopping Cart My Cart 0
₹0.00
Currency
INR
Currency
INR

Npav Lab

  1. MalTerminal: Pioneering GPT-4-Powered Malware That Generates Ransomware and Reverse Shells on Demand

    MalTerminal: Pioneering GPT-4-Powered Malware That Generates Ransomware and Reverse Shells on Demand

    Posted: September 22, 2025
    Categories: Ransomware, Malware Alerts, AI
    Tags: fp-3b, fp-1b, fp-1a, fo-3a
    Author: Npav Lab
    Views: 78
    SentinelLABS uncovers MalTerminal, an early LLM-enabled malware using OpenAI's GPT-4 to dynamically create ransomware or reverse shells at runtime, evading detection and marking a new era in AI-driven cyber threats.
    Read more
  2. EDR-Freeze: New Tool Exploits Windows Function to Suspend EDR and Antivirus in 'Coma' State

    EDR-Freeze: New Tool Exploits Windows Function to Suspend EDR and Antivirus in 'Coma' State

    Posted: September 22, 2025
    Categories: Malware Alerts, Windows
    Tags: fp-6d, fp-6a, fp-3b, fp-3a, fp-1b, fp-1a
    Author: Npav Lab
    Views: 223
    Zero Salarium's EDR-Freeze proof-of-concept uses Windows' MiniDumpWriteDump to freeze EDR and antivirus software indefinitely, offering a stealthy alternative to BYOVD attacks without third-party drivers or detection risks.
    Read more
  3. Rise of AI-Generated Fake CAPTCHAs: Cybercriminals' New Tool for Sophisticated Phishing Attacks

    Rise of AI-Generated Fake CAPTCHAs: Cybercriminals' New Tool for Sophisticated Phishing Attacks

    Posted: September 22, 2025
    Categories: Bank Phishing, Cyber Attack, Phishing, Email And Password, AI
    Tags: fp-3c, fp-3a, fp-2-d, fp-1b, fp-1a, f-3b
    Author: Npav Lab
    Views: 33
    Trend Micro warns of cybercriminals using AI to create fake CAPTCHA pages that trick users into revealing sensitive data, boosting phishing success rates and challenging cybersecurity defenses.
    Read more
  4. New Phishing Campaign Targets Facebook Users Using Redirected Fake Login Pages

    New Phishing Campaign Targets Facebook Users Using Redirected Fake Login Pages

    Posted: September 19, 2025
    Categories: Phishing, Facebook
    Tags: fp-3c, fp-3b, fp-3a, fp-1b, fp-1a
    Author: Npav Lab
    Views: 60
    A sophisticated phishing attack uses Facebook’s URL redirect service to trick users into entering login credentials on fake pages, stealing emails, phone numbers, and passwords.
    Read more
  5. KrasAvia Cyberattack Disrupts Website and Flight Operations, Forcing Manual Procedures

    KrasAvia Cyberattack Disrupts Website and Flight Operations, Forcing Manual Procedures

    Posted: September 19, 2025
    Categories: Cyber Attack, Website hacks
    Tags: fp-1b
    Author: Npav Lab
    Views: 37
    Russian regional airline KrasAvia suffers a cyberattack causing website outage and halting online ticket sales. Flight operations switch to manual control as investigation continues.
    Read more
  6. Everest Ransomware Group Claims Major Data Breach at BMW, Threatens to Leak Sensitive Files

    Everest Ransomware Group Claims Major Data Breach at BMW, Threatens to Leak Sensitive Files

    Posted: September 19, 2025
    Categories: Ransomware, Data Breach
    Tags: fp-1b
    Author: Npav Lab
    Views: 123
    The Everest ransomware group alleges stealing 600,000 lines of BMW’s internal documents, including audit reports and engineering files, and threatens public release. BMW has yet to confirm the breach or respond.
    Read more
  7. Zero-Click Vulnerability in ChatGPT’s Deep Research Agent Exposes Gmail Data

    Zero-Click Vulnerability in ChatGPT’s Deep Research Agent Exposes Gmail Data

    Posted: September 19, 2025
    Categories: Email And Password, vulnerability, AI
    Tags: fp-3a, fp-2d, fp-1b, fp-1a
    Author: Npav Lab
    Views: 41
    A zero-click flaw in ChatGPT’s Deep Research agent allowed attackers to exfiltrate sensitive Gmail data via hidden email prompts. OpenAI patched the service-side vulnerability in 2025 to prevent stealthy data leaks from its cloud infrastructure.
    Read more
  8. Insight Partners Confirms Data Breach Exposing Personal Information After Months-Long Intrusion

    Insight Partners Confirms Data Breach Exposing Personal Information After Months-Long Intrusion

    Posted: September 18, 2025
    Categories: Cyber Attack, Data Breach
    Tags: fp-3a, fp-1b, fp-1a
    Author: Npav Lab
    Views: 36
    Insight Partners suffered a data breach from a social engineering attack that exposed personal data from HR and finance systems. The breach went undetected for nearly three months before ransomware deployment. Affected users receive identity protection.
    Read more
  9. Pixie Dust Wi-Fi Attack Exploits WPS Flaw to Steal Router PIN and Access Networks

    Pixie Dust Wi-Fi Attack Exploits WPS Flaw to Steal Router PIN and Access Networks

    Posted: September 18, 2025
    Categories: Cyber Attack, Data Breach
    Tags: fp-6c, fp-6b, fp-1b
    Author: Npav Lab
    Views: 188
    The Pixie Dust attack targets vulnerabilities in Wi-Fi Protected Setup (WPS) to recover router PINs offline, allowing attackers to access wireless networks. Disabling WPS or updating firmware is essential to prevent this exploit.
    Read more
  10. Founder of BreachForums Sentenced to Three Years for Running Major Cybercrime Marketplace

    Founder of BreachForums Sentenced to Three Years for Running Major Cybercrime Marketplace

    Posted: September 18, 2025
    Categories: Cyber Attack
    Tags: fp-1b
    Author: Npav Lab
    Views: 27
    Conor Fitzpatrick, creator of BreachForums, was sentenced to three years in prison for operating a massive cybercriminal forum with over 330,000 users and 14 billion stolen records. DOJ and FBI continue crackdown on dark web crime.
    Read more
Page
Categories
Recent Posts
Cybersecurity alert: India's digital growth fuels cybercrime; boost awareness to prevent fraud and losses.
India's Cybercrime Explosion: 22.68 Lakh Cases in 2024, ₹22,845 Crore Lost
December 04, 2025
Map of seven Indian airports impacted by cyberattacks: Delhi, Mumbai, Kolkata, Hyderabad, and Bengaluru, showing GPS spoofing locations.
Cyberattack Hits Seven Indian Airports: GPS Spoofing Confirmed, No Flights Disrupted
December 02, 2025
Comparison of fake phishing domain rnicrosoft.com mimicking real Microsoft.com to steal logins via typosquatting.
Phishing Scam Alert: Hackers Swap 'm' for 'rn' to Fake Microsoft and Steal Your Logins
November 25, 2025
Scam alert infographic: Hotel booking with fake staff icon, arrows to QR code payments; protective shields for verification, with "Verify Directly" warning banner over a travel scene.
KTMS warns of hotel scams in Kerala—learn the tactics and tips to avoid losing money to impersonators.
November 17, 2025
Phishing alert infographic: Invoice email with VBS attachment, arrows to XWorm stealing data; protective shields for filtering and training, with "Verify Emails" warning banner over an inbox.
Fake Invoices Spread XWorm: Hackers Steal Login Data
November 17, 2025
Back to Top