Npav Lab - Page 15

Hackers Embed Stealth Backdoor in WordPress Mu-Plugins for Persistent Admin Access

Posted: July 24, 2025

Categories: Data Breach, Hacker

Tags: fp-1b, fp-1a

Author: Npav Lab

Cybersecurity researchers have uncovered a stealth backdoor in WordPress mu-plugins, allowing hackers to maintain persistent admin access. Learn how this malware operates and how to protect your site.

New ZuRu Malware Variant Targets macOS Users via Compromised Termius SSH Client

Posted: July 24, 2025

Categories: Malware Alerts, Cyber Attack, Microsoft

Tags: fp3c, fp-4c, fp-3b, fp-1a

Author: Npav Lab

A new variant of the macOS.ZuRu malware exploits a compromised Termius SSH client to turn developer workstations into remote access points. Learn about the risks and how to protect your systems.

Russian Beluga Vodka Company by Novabev Group, Hit by Ransomware Attack

Posted: July 24, 2025

Categories: Ransomware, Cyber Attack

Tags: fp-3d, fp-3b, fp-1a

Author: Npav Lab

Novabev Group confirmed a ransomware attack on July 14, 2025, disrupting operations and IT infrastructure. The company refuses to pay ransom and assures customer data remains secure.

Major Cyber-Fraud Bust in Lucknow: ₹1.07 Crore Seized, 16 Arrested

Posted: July 24, 2025

Categories: Cyber Attack, Financial fraud, Fraud Protector, Mobile Frauds

Tags: fp-2c, fp-2b, fp-2a, fp-1a

Author: Npav Lab

Lucknow police have arrested 16 individuals and seized ₹1.07 crore in cash during a major cyber-fraud bust linked to a fake betting app, 'Lotus Gaming.' Discover the details of this online scam.

CrushFTP CVE-2025-54309 Authentication Bypass Vulnerability Exploited

Posted: July 23, 2025

Categories: Data Breach, vulnerability

Tags: fp-5d, fp-1a

Author: Npav Lab

CrushFTP warns users of active exploitation of CVE-2025-54309, a vulnerability allowing remote admin access via HTTPS on unpatched servers. Learn about affected versions and recommended actions.

Threat Actors Target Linux SSH Servers to Deploy SVF Botnet

Posted: July 23, 2025

Categories: Cyber Attack, Botnet

Tags: fp-6d, fp-6a, fp-4a

Author: Npav Lab

Cybersecurity researchers reveal a campaign targeting poorly secured Linux servers through SSH brute force attacks to deploy the SVF Botnet, a Python-based DDoS malware using Discord for command-and-control.

Iranian Threat Actors Use AI-Generated Emails to Target Cybersecurity Experts

Posted: July 23, 2025

Categories: Cyber Attack, Data Breach, Email And Password

Tags: fp-2d, fp-1a

Author: Npav Lab

Iranian state-backed APT groups are intensifying cyber operations, leveraging AI-generated emails to target cybersecurity researchers. Learn about their tactics and the implications for global security.

Cyber Scams from Southeast Asia Cost India ₹1,500 Crore Monthly

Posted: July 23, 2025

Categories: Cyber Attack, Financial fraud, Fraud Protector, Mobile Frauds

Tags: fp-1b, fp-1a

Author: Npav Lab

India faces a staggering loss of ₹1,500 crore monthly due to cyber scams originating from Southeast Asia. Discover the impact of these frauds, their origins, and the challenges in combating them.

Warning: npm Phishing Campaign Targets Node.js Developers

Posted: July 22, 2025

Categories: Cyber Attack, Phishing

Tags: fp-3c, fp-3b, fp-1a

Author: Npav Lab

A sophisticated phishing campaign is targeting Node.js developers through a typosquatted domain, npnjs.com. Learn how attackers are impersonating the npm package registry and what you can do to protect your credentials.

Urgent Alert: Microsoft SharePoint Zero-Day Vulnerability 'ToolShell' Actively Exploited

Posted: July 22, 2025

Categories: vulnerability, Microsoft

Tags: fp-6a, fp-4b, fp-4a

Author: Npav Lab

Microsoft has disclosed a critical zero-day vulnerability in SharePoint Server (CVE-2025-53770) with a CVSS score of 9.8. Learn about the active exploitation, impact on enterprises, and emergency patches available.