Cyber Attack - Page 7

FIN6 Leverages Fake LinkedIn Resumes & AWS to Spread More_eggs Malware

Posted: June 11, 2025

Categories: Ransomware, Malware Alerts, Cyber Attack, vulnerability, LinkedIn

Tags: recruiters, phishing campaign, malware via linkedin, malware, linkedin resumes, fin6, aws

Author: Npav Lab

FIN6 cybercrime group uses fake resumes hosted on AWS to deliver More_eggs malware via LinkedIn. Learn how they target recruiters and evade detection.

China-Linked Cyber Espionage Group Targets 70+ Organizations

Posted: June 10, 2025

Categories: Ransomware, Security, Malware Alerts, Cyber Attack, Data Backup, Data Breach, Spyware

Tags: unc5174, purplehaze, cyber espionage group, china cyber espionage, apt15

Author: Npav Lab

Discover how a China-linked cyber espionage group, including APT15 and UNC5174, targeted over 70 organizations across government, media, and other sectors. Learn about the malware used, including ShadowPad and GoReShell, and the exploited vulnerabilities.

Sensata Technologies Ransomware Attack 2025: Data Breach, Operations Impact, and Response

Posted: June 10, 2025

Categories: Ransomware, Cyber Attack, Data Breach, Phishing, Website hacks

Tags: sensata technology building, sensata technologies, pii, maine, data breach, cybersecurity, cyber security security vulnerability, breach notification

Author: Npav Lab

Learn about the ransomware attack on Sensata Technologies, a leading industrial tech firm. Discover how the breach impacted operations, compromised customer data, and the company's response, including credit monitoring for affected individuals.

Google Account Recovery Vulnerability Exposes Users' Phone Numbers to Attackers

Posted: June 10, 2025

Categories: Google, Cyber Attack, Data Breach, Browser Hijack, vulnerability

Tags: user data protection, phone number exposure, legacy system vulnerabilities, google security breach, google account recovery vulnerability, cybersecurity threats, cve google security flaw, brute-force attack on google

Author: Npav Lab

Learn about a critical vulnerability in Google's account recovery system that allowed attackers to access any user's phone number through a brute-force attack, highlighting the importance of security audits for legacy systems.

Wazuh Server Vulnerability Exploited by Two Distinct Botnets for Mirai-Based DDoS Attacks

Posted: June 10, 2025

Categories: Security, Cyber Attack, Botnet, vulnerability, DDoS

Tags: wazuh server vulnerability, remote code execution vulnerabilities, mirai botnet attacks, iot security vulnerabilities, ddos attacks, cybersecurity threats, cve-2025-24016, botnet exploitation

Author: Npav Lab

Discover how two separate botnets exploit the critical Wazuh Server vulnerability (CVE-2025-24016) to launch Mirai-based DDoS attacks, targeting IoT devices and highlighting the urgency of cybersecurity measures.

OpenAI Bans ChatGPT Accounts Linked to Russian, Iranian, and Chinese Hacker Groups: A Deep Dive into Cyber Threats

Posted: June 09, 2025

Categories: Security, Cyber Attack, Securty Tips, Hacking, Hacker, Trojan

Tags: social media manipulation, openai, north korean cyber threats, malware development, hacker groups, cybersecurity, cyber threat intelligence, chatgpt, apt5, apt15

Author: Npav Lab

Discover how OpenAI has banned ChatGPT accounts associated with Russian, Iranian, and Chinese hacker groups. Learn about the malicious activities, including malware development and social media manipulation, and explore the implications for cybersecurity.

Security Risks in Popular Chrome Extensions: API Key Leaks and Unencrypted Data Transmission

Posted: June 06, 2025

Categories: Security, Cyber Attack, Data Breach

Tags: web security, user privacy, unencrypted data, security vulnerabilities, privacy breaches, password manager security, online security, https, data protection, cybersecurity, chrome extensions, api key leaks, aitm attacks

Author: Npav Lab

Discover significant security vulnerabilities in popular Chrome extensions that expose sensitive user data through unencrypted transmission and hardcoded credentials. Learn how to protect yourself from potential privacy breaches

Business Email Compromise: Detecting the Invisible Threat Before It Strikes

Posted: June 05, 2025

Categories: Cyber Attack, Phishing

Tags: credential theft, bec attacks

Author: Npav Lab

Business Email Compromise (BEC) attacks are stealthy, effective, and devastating. With no malware involved, these attacks bypass traditional security filters, trick employees, and siphon sensitive data or funds. But with real-time visibility through interactive sandboxing and endpoint protection like Net Protector, businesses can stay one step ahead.

Haryana Power Portal Crippled by Cyberattack, Leaves 50,000+ Consumers in the Dark

Posted: May 22, 2025

Categories: Security, Cyber Attack

Tags: power grid hack, haryana power cyberattack

Author: Npav Lab

A major cyber intrusion has taken down the Uttar Haryana Bijli Vitran Nigam Limited (UHBVNL) website, halting critical services like new electricity connections and online bill payments for thousands of consumers across the state. A targeted cyberattack on May 7, 2025, has paralyzed UHBVNL’s digital operations, leaving over 50,000 consumers unable to access vital power utility services. The breach marks yet another alarming example of the vulnerability of India's critical infrastructure to cyber threats.

Subscription-Based Scam Surge: Cybercriminals Use Recurring Payments to Drain Credit Card Accounts

Posted: May 05, 2025

Categories: Cyber Attack, Financial fraud

Tags: subscription scam, credit card fraud

Author: Npav Lab

A new wave of subscription-based scams is flooding the internet, using fake online stores, deceptive pricing, and social media ads to steal users’ credit card details and charge them repeatedly — all under the guise of “exclusive memberships.”