NPAV Logo

Shopping Cart My Cart 0
₹0.00
Currency
INR
Currency
INR

fp-3a

  1. Job Hunters Alert: Vampire Bot Malware Hides in Fake Job Offer Emails

    Job Hunters Alert: Vampire Bot Malware Hides in Fake Job Offer Emails

    Posted: October 09, 2025
    Categories: Malware Alerts, Email And Password
    Tags: fp-3b, fp-3a, fp-2e, fp-2d, fp-2c, fp-2b, fp-2a, fp-1b, fp-1a
    Author: Npav Lab
    Views: 35
    Vampire Bot spyware targets job seekers via deceptive ZIP attachments in recruiter emails, stealing screenshots and data. Linked to BatShadow hackers, it evades detection—stay safe by verifying offers and using EDR tools to avoid digital traps.
    Read more
  2. OpenAI Bans ChatGPT Accounts of Chinese Hackers Using AI for Malware Refinement and Phishing Attacks

    OpenAI Bans ChatGPT Accounts of Chinese Hackers Using AI for Malware Refinement and Phishing Attacks

    Posted: October 08, 2025
    Categories: Malware Alerts, Phishing, Hacker, AI
    Tags: fp-3b, fp-3a, fp-1a
    Author: Npav Lab
    Views: 28
    OpenAI's October 2025 report reveals bans on ChatGPT accounts linked to PRC-affiliated groups like UNKDROPPITCH, who leveraged AI to debug malware (GOVERSHELL, HealthKick), craft targeted phishing, and build surveillance tools—disrupting 40+ networks; models block direct threats but highlight efficiency risks in cyber ops.
    Read more
  3. Hackers Silently Weaponize WordPress Sites with Malicious PHP Injections for Malvertising and Redirects

    Hackers Silently Weaponize WordPress Sites with Malicious PHP Injections for Malvertising and Redirects

    Posted: October 08, 2025
    Categories: Malware Alerts, Data Breach, Hacker
    Tags: fp-3b, fp-3a, fp-1b, fp-1a
    Author: Npav Lab
    Views: 24
    Sucuri uncovers stealthy PHP code injections in WordPress theme files (functions.php) exploiting weak permissions and outdated plugins to fetch obfuscated JS from brazilc[.]com, enabling pop-ups, redirects, and Cloudflare-mimicking iframes—update themes, tighten permissions, and monitor scripts to secure sites.
    Read more
  4. Microsoft Warns: Hackers Exploit Teams Features Across Attack Chain for Malware and Ransomware Delivery

    Microsoft Warns: Hackers Exploit Teams Features Across Attack Chain for Malware and Ransomware Delivery

    Posted: October 08, 2025
    Categories: Ransomware, Malware Alerts, Cyber Attack, Hacker, Microsoft
    Tags: fp-6d, fp-6a, fp-4a, fp-3b, fp-3a, fp-1b
    Author: Npav Lab
    Views: 22
    Microsoft alerts on cybercriminals and state actors abusing Teams' messaging, calls, and sharing for full attack lifecycle—from reconnaissance with TeamsEnum to exfiltration via GraphRunner and extortion by Octo Tempest. Harden identities, monitor anomalies, and train users to mitigate.
    Read more
  5. CometJacking: New Attack Hijacks Perplexity’s Comet AI Browser for Covert Data Exfiltration

    CometJacking: New Attack Hijacks Perplexity’s Comet AI Browser for Covert Data Exfiltration

    Posted: October 06, 2025
    Categories: Cyber Attack, Data Breach, Browser Hijack, AI
    Tags: fp-3b, fp-3a, fp-1b, fp-1a
    Author: Npav Lab
    Views: 55
    LayerX uncovers CometJacking, exploiting Perplexity’s AI browser via malicious URLs to steal Gmail/Calendar data—tricks AI into Base64-encoded exfiltration, bypassing safeguards. Urgent call for AI security-by-design amid rising agentic threats.
    Read more
  6. Malicious Postmark-MCP Server Steals Emails via Hidden BCC in AI-Powered Workflows

    Malicious Postmark-MCP Server Steals Emails via Hidden BCC in AI-Powered Workflows

    Posted: September 29, 2025
    Categories: Malware Alerts, Data Breach, Email And Password, AI
    Tags: fp-3b, fp-3a, fp-1b
    Author: Npav Lab
    Views: 24
    A malicious update to the postmark-mcp server injects a hidden BCC to exfiltrate sensitive emails from thousands of organizations. Koi’s risk engine uncovered the attack, highlighting risks in AI-driven MCP tools. Remove version 1.0.16+ and audit MCP servers now.
    Read more
  7. Evolved XCSSET Malware Targets macOS Developers: Clipboard Hijacking, Firefox Theft, and Xcode Infections

    Evolved XCSSET Malware Targets macOS Developers: Clipboard Hijacking, Firefox Theft, and Xcode Infections

    Posted: September 26, 2025
    Categories: Malware Alerts, Data Breach
    Tags: fp-6a, fp-4c, fp-3b, fp-3a, fp-1a
    Author: Npav Lab
    Views: 36
    Microsoft uncovers advanced XCSSET variant infecting Xcode projects for macOS devs—adds Firefox data exfiltration, crypto wallet clipboard swaps via AES-encrypted AppleScripts, and LaunchDaemon persistence. Mitigate with updates, Defender for Endpoint, and domain blocks.
    Read more
  8. Hackers Weaponize AI-Generated Code to Obfuscate Phishing Payloads in SVG Files, Bypassing Traditional Defenses

    Hackers Weaponize AI-Generated Code to Obfuscate Phishing Payloads in SVG Files, Bypassing Traditional Defenses

    Posted: September 26, 2025
    Categories: Phishing, Hacker, AI
    Tags: fp-3b, fp-3a, fp-1b, fp-1a
    Author: Npav Lab
    Views: 33
    Microsoft exposes AI-driven phishing campaign targeting US organizations: attackers use AI to craft verbose, business-jargon code in SVG attachments disguised as PDFs, hiding credential-stealing payloads behind invisible dashboards and evading antivirus detection.
    Read more
  9. Hackers Bypass EDR with In-Memory PE Loader: Fileless Execution in Trusted Processes

    Hackers Bypass EDR with In-Memory PE Loader: Fileless Execution in Trusted Processes

    Posted: September 25, 2025
    Categories: Hacker, AI
    Tags: fp-6d, fp-6a, fp-3b, fp-3a, fp-1b, fp-1a
    Author: Npav Lab
    Views: 78
    Threat actors use in-memory PE loaders to download and run malicious executables (e.g., RATs) via Windows APIs like VirtualAlloc and LoadLibraryA, evading file-based EDR like Microsoft Defender/Sophos. Learn the technique's steps, red team success, and need for memory/behavioral defenses.
    Read more
  10. Banking Trojans Disguise as Government Apps to Target Android Users in Indonesia and Vietnam

    Banking Trojans Disguise as Government Apps to Target Android Users in Indonesia and Vietnam

    Posted: September 24, 2025
    Categories: Android Security, Banking Trojan
    Tags: fp-3b, fp-3a, fp-2c, fp-2a, fp-1b
    Author: Npav Lab
    Views: 40
    Since August 2024, BankBot.Remo variants use WebSocket chunked downloads on spoofed Google Play pages to deliver malware as fake payment/identity apps like IdentitasKependudukanDigital.apk; over 100 Alibaba/Gname domains evade filters—monitor WebSockets and block C2 for defense.
    Read more
Page
Categories
Recent Posts
Map of seven Indian airports impacted by cyberattacks: Delhi, Mumbai, Kolkata, Hyderabad, and Bengaluru, showing GPS spoofing locations.
Cyberattack Hits Seven Indian Airports: GPS Spoofing Confirmed, No Flights Disrupted
December 02, 2025
Comparison of fake phishing domain rnicrosoft.com mimicking real Microsoft.com to steal logins via typosquatting.
Phishing Scam Alert: Hackers Swap 'm' for 'rn' to Fake Microsoft and Steal Your Logins
November 25, 2025
Scam alert infographic: Hotel booking with fake staff icon, arrows to QR code payments; protective shields for verification, with "Verify Directly" warning banner over a travel scene.
KTMS warns of hotel scams in Kerala—learn the tactics and tips to avoid losing money to impersonators.
November 17, 2025
Phishing alert infographic: Invoice email with VBS attachment, arrows to XWorm stealing data; protective shields for filtering and training, with "Verify Emails" warning banner over an inbox.
Fake Invoices Spread XWorm: Hackers Steal Login Data
November 17, 2025
Malware alert infographic: Photo frame with auto-download arrows to spyware; protective shields for updates and isolation, with "Secure Your IoT" warning banner over a smart home.
Android Photo Frames: Malware Infects Devices Automatically
November 14, 2025
Back to Top