fp-3b

Mustang Panda, a China-linked threat actor, uses the SnakeDisk USB worm and updated TONESHELL backdoors to target Thailand-based IPs, deploying the Yokai backdoor for remote access. Learn about their evolving malware tactics and focus on Thailand.

Malicious browser extensions SocialMetrics Pro and Madgicx Plus steal Facebook session cookies and credentials to hijack Meta Business accounts. Learn how these fake tools target advertisers via malvertising and fake websites.

A remote code execution flaw in Cursor AI Code Editor allows malicious code to run automatically when opening a project. Learn how disabling Workspace Trust exposes developers and how to protect your environment.

SpamGPT is a dark web “spam-as-a-service” platform using AI to automate large-scale phishing campaigns. Learn how KaliGPT and SMTP cracking training empower cybercriminals.

Cybercriminals abused compromised AWS credentials to hijack Amazon SES, sending 50,000+ phishing emails daily by bypassing sandbox limits. Learn how to detect and prevent SES abuse.

A high-severity COOP vulnerability in pgAdmin4 (up to version 9.7) enables attackers to bypass authentication and hijack accounts. Update to version 9.8 immediately to protect your PostgreSQL environment.

Cybercriminals use X’s AI assistant Grok to bypass ad restrictions and distribute malware through hidden links, reaching millions. Learn about the “Grokking” technique and its impact.

Cybercriminals register deceptive domains mimicking FIFA World Cup sites to steal data and distribute malware ahead of the 2026 tournament. Learn about the attack methods and protection strategies.

CISA warns of a critical Bluetooth vulnerability in SunPower PVS6 solar inverters allowing attackers to take full device control. Learn about the impact, affected devices, and recommended mitigations.

Discover BruteForceAI, an innovative penetration testing tool that uses AI and browser automation to detect login pages and execute advanced brute-force attacks with intelligent evasion and logging.