Npav Lab - Page 7

SolarWinds Web Help Desk Vulnerability (CVE-2025-26399) Enables Remote Command Execution

Posted: March 12, 2026

Categories: vulnerability, Website hacks

Tags: fp-5a, fp-3b, fp-3a, fp-1b, fp-1a

Author: Npav Lab

A critical SolarWinds Web Help Desk vulnerability (CVE-2025-26399) allows attackers to execute commands via deserialization flaws. CISA warns organizations to patch immediately.

Instagram Down: Global Outage Disrupts Posting and Direct Messages

Posted: March 11, 2026

Categories: Social Media, Instagram

Tags: fp-2c, fp-2b, fp-2a, fp-1b, fp-1a

Author: Npav Lab

Instagram experienced a major outage on March 11, 2026, leaving thousands of users unable to access feeds, post content, or send direct messages worldwide.

Leaked Coruna iPhone Exploit Toolkit Used by Russian Spies and Cybercriminals

Posted: March 10, 2026

Categories: Cyber Attack, Mobile Frauds

Tags: fp-2b, fp-2a, fp-1b, fp-1a

Author: Npav Lab

A powerful iPhone exploit toolkit called Coruna, originally built by a U.S. defense contractor, has leaked and is now used by Russian spies and cybercriminals to target iOS devices.

Cognizant TriZetto Data Breach Exposes Health Data of 3.4 Million Patients

Posted: March 09, 2026

Categories: Data Breach

Tags: fp-2c, fp-2b, fp-2a, fp-1b, fp-1a

Author: Npav Lab

Cognizant’s TriZetto Provider Solutions disclosed a major data breach exposing sensitive health information of 3.4 million patients after attackers accessed external systems.

Indirect Prompt Injection Attack Lets Hackers Manipulate AI Agents via Hidden Web Content

Posted: March 06, 2026

Categories: Hacker

Tags: fp-4a, fp-2c, fp-2b, fp-2a, fp-1b, fp-1a

Author: Npav Lab

Researchers warn that indirect prompt injection attacks allow hackers to manipulate AI agents using hidden instructions in web pages, enabling phishing, data theft, and system compromise.

LastPass Phishing Attack: Hackers Mimic Support Emails to Steal Vault Passwords

Posted: March 05, 2026

Categories: Data Breach, Phishing, Email And Password, Hacker

Tags: fp-3b, fp-3a, fp-2b, fp-2a, fp-1b, fp-1a

Author: Npav Lab

A new phishing campaign targeting LastPass users uses fake support emails, display name spoofing, and fraudulent login pages to steal vault master passwords.

Silver Dragon APT Linked to APT41 Targeting Governments with Cobalt Strike & Google Drive C2

Posted: March 04, 2026

Categories: Google, Cyber Attack, Data Breach

Tags: fp-5a, fp-4c, fp-4b, fp-4a, fp-1b, fp-1a

Author: Npav Lab

Silver Dragon, a threat group linked to APT41, is targeting government entities using Cobalt Strike, DLL sideloading, DNS tunneling, and Google Drive-based command-and-control techniques.

India Post GDS Phishing Scam: Fake Website Warning for Job Seekers

Posted: February 04, 2026

Categories: Phishing, Website hacks, Financial fraud, Fraud Protector, Mobile Frauds

Tags: fp-1b, fp-1a

Author: Npav Lab

Fake India Post GDS recruitment websites are stealing user data. Learn how to identify phishing sites and stay protected with NPAV security.

Notepad++ Breach: China-Linked Hackers Deploy Chrysalis Backdoor

Posted: February 03, 2026

Categories: Data Breach, Hacking, Hacker

Tags: fp-1b, fp-1a

Author: Npav Lab

China-linked Lotus Blossom group breached Notepad++ hosting, delivering Chrysalis backdoor via tampered updates. Learn the attack details and how to stay safe.

Republic Day 2026: Protect Digital India – Stop Fraud, Block Virus, Stay Secure with Net Protector Antivirus.

Posted: January 23, 2026

Categories: Updates, NPAV Announcement

Tags: fp-6a, fp-1b, fp-1a

Author: Npav Lab

Celebrate Republic Day 2026 by securing your online life with Total Security Fraud Protector. Protect banking, emails, passwords, and personal data from cyber threats and fraud.