Npav Lab

A sophisticated phishing campaign is targeting Node.js developers through a typosquatted domain, npnjs.com. Learn how attackers are impersonating the npm package registry and what you can do to protect your credentials.

Microsoft has disclosed a critical zero-day vulnerability in SharePoint Server (CVE-2025-53770) with a CVSS score of 9.8. Learn about the active exploitation, impact on enterprises, and emergency patches available.

Discover how Fancy Bear (APT28), a sophisticated Russian cyberespionage group, infiltrates governments and military organizations using advanced cyber tools and tactics. Learn about their methods, motivations, and recent activities.

A senior government officer in Chhattisgarh, Maya Tiwari, was defrauded of ₹90 lakh by a Facebook scammer posing as a friend. Learn about the incident and the rise of cyber fraud in the state.

Discover the critical NVIDIAScape vulnerability (CVE-2025-23266) in the NVIDIA Container Toolkit, allowing attackers to escape container isolation and gain root access. Learn about its implications and mitigation strategies.

Cybersecurity researchers have uncovered a new attack method by the PoisonSeed group that exploits FIDO key protections through QR phishing and cross-device sign-in. Learn how this technique deceives users and compromises account security.

A 62-year-old woman from Bandra, Mumbai, was defrauded of ₹7.8 crore by scammers who lured her into a fake trading app promising high returns. Learn how the scam unfolded and the warning signs to watch for.

Discover the details of the recent CoinDCX cyberattack where $44 million was stolen. Learn about the incident, recovery plans, and how customer funds remain safe.

Cybersecurity researchers have identified new AsyncRAT variants featuring a disturbing "Screamer" tool for audio manipulation and a USB malware spreader that revives autorun-based infections. Learn about these evolving cyber threats and their implications.

A Nagpur teacher fell victim to a sophisticated mobile hacking scam, losing ₹10 lakh after being tricked into installing a malicious app for KYC verification. Learn about this alarming incident and the growing threat of financial cyber fraud in India.