Npav Lab
- Cybercriminals are now leveraging steganography to hide ransomware in ordinary JPG image files, deploying Fully Undetectable (FUD) malware that bypasses traditional security solutions. These advanced tactics exploit metadata and pixel data to deliver multi-stage attacks — silently and effectively.
- Ascension, one of the largest private healthcare providers in the U.S., has confirmed a significant data breach affecting 437,329 patients, linked to a former business partner’s software vulnerability. This marks yet another serious blow to the healthcare sector’s cybersecurity posture, coming less than a year after Ascension's systems were crippled by ransomware.
- As tensions escalate in the wake of the Pahalgam attack, India’s digital frontline is now under coordinated cyber assault. The government’s Computer Emergency Response Team (CERT-In) has issued urgent advisories, calling for heightened vigilance across banks, strategic sectors, and private enterprises. The increased threat environment has prompted a nationwide effort—public and private—to fortify cyber defenses under Operation Sindoor.
- A deeply embedded backdoor in Magento extensions has surfaced after six years, affecting 500 to 1,000 e-commerce websites—including a $40 billion multinational. The long-dormant malware has now been activated, compromising sensitive customer data in a widespread supply chain attack.
- In a chilling example of cyber exploitation, threat actors are leveraging the tragic Pahalgam attack to deceive Indian government personnel into opening malicious documents. These phishing campaigns aim to install Remote Access Trojans (RATs) and extract sensitive intelligence data from highly sensitive departments.
- A new wave of subscription-based scams is flooding the internet, using fake online stores, deceptive pricing, and social media ads to steal users’ credit card details and charge them repeatedly — all under the guise of “exclusive memberships.”
- In a recent high-impact ransomware incident, a reputed biopharmaceutical company in Pune’s Hinjawadi IT hub has fallen victim to a crippling cyberattack. The attackers have demanded a ransom of $80,000 (₹68 lakh) in exchange for unlocking sensitive encrypted data, effectively halting the firm's operations for over 48 hours.
- A newly surfaced ransomware group, RansomHub, is aggressively targeting corporate environments using an advanced, multi-stage infection chain that combines initial access malware with strategic network infiltration tactics. Cybersecurity researchers warn that this Ransomware-as-a-Service (RaaS) group poses a serious threat to global organizations by leveraging deceptive update prompts and stealthy backdoors.
- A stealthy new cyberattack campaign is using steganography and a legacy Microsoft Office vulnerability to deliver AsyncRAT — a powerful remote access trojan capable of full system compromise. This multi-stage campaign cleverly embeds malicious code in innocent-looking image files, using advanced evasion tactics to bypass traditional security solutions.
- Cyber attackers are now weaponizing Google Forms—an otherwise legitimate tool—to craft highly convincing phishing campaigns that evade email security filters and steal user logins. Trusted domains and smart obfuscation tactics make these threats harder to detect and more dangerous than ever.