Npav Lab

A sophisticated phishing attack uses Facebook’s URL redirect service to trick users into entering login credentials on fake pages, stealing emails, phone numbers, and passwords.

Russian regional airline KrasAvia suffers a cyberattack causing website outage and halting online ticket sales. Flight operations switch to manual control as investigation continues.

The Everest ransomware group alleges stealing 600,000 lines of BMW’s internal documents, including audit reports and engineering files, and threatens public release. BMW has yet to confirm the breach or respond.

A zero-click flaw in ChatGPT’s Deep Research agent allowed attackers to exfiltrate sensitive Gmail data via hidden email prompts. OpenAI patched the service-side vulnerability in 2025 to prevent stealthy data leaks from its cloud infrastructure.

Insight Partners suffered a data breach from a social engineering attack that exposed personal data from HR and finance systems. The breach went undetected for nearly three months before ransomware deployment. Affected users receive identity protection.

The Pixie Dust attack targets vulnerabilities in Wi-Fi Protected Setup (WPS) to recover router PINs offline, allowing attackers to access wireless networks. Disabling WPS or updating firmware is essential to prevent this exploit.

Conor Fitzpatrick, creator of BreachForums, was sentenced to three years in prison for operating a massive cybercriminal forum with over 330,000 users and 14 billion stolen records. DOJ and FBI continue crackdown on dark web crime.

Discover how AI is becoming the new weapon against financial crime, with Themis’ AI Investigator platform cutting investigation times from weeks to minutes by revealing hidden criminal networks.

RevengeHotels (TA558) escalates cyberattacks with AI-crafted loaders delivering VenomRAT malware, targeting Windows users via phishing. The malware features stealth, persistence, and encrypted communication.

Hyderabad Cyber Crime Police arrested 61 suspects involved in multi-state online frauds, recovering over ₹1.01 crore for victims. Authorities urge vigilance and prompt reporting to combat rising cybercrime.