Blogs

The Coyote banking Trojan, active since February 2024, is the first malware to exploit the Windows UI Automation framework, targeting banks and crypto exchanges in Brazil. Learn how it operates and the risks involved.

Cybersecurity researchers have uncovered a stealth backdoor in WordPress mu-plugins, allowing hackers to maintain persistent admin access. Learn how this malware operates and how to protect your site.

A new variant of the macOS.ZuRu malware exploits a compromised Termius SSH client to turn developer workstations into remote access points. Learn about the risks and how to protect your systems.

Novabev Group confirmed a ransomware attack on July 14, 2025, disrupting operations and IT infrastructure. The company refuses to pay ransom and assures customer data remains secure.

Lucknow police have arrested 16 individuals and seized ₹1.07 crore in cash during a major cyber-fraud bust linked to a fake betting app, 'Lotus Gaming.' Discover the details of this online scam.

CrushFTP warns users of active exploitation of CVE-2025-54309, a vulnerability allowing remote admin access via HTTPS on unpatched servers. Learn about affected versions and recommended actions.

Cybersecurity researchers reveal a campaign targeting poorly secured Linux servers through SSH brute force attacks to deploy the SVF Botnet, a Python-based DDoS malware using Discord for command-and-control.

Iranian state-backed APT groups are intensifying cyber operations, leveraging AI-generated emails to target cybersecurity researchers. Learn about their tactics and the implications for global security.

India faces a staggering loss of ₹1,500 crore monthly due to cyber scams originating from Southeast Asia. Discover the impact of these frauds, their origins, and the challenges in combating them.

A sophisticated phishing campaign is targeting Node.js developers through a typosquatted domain, npnjs.com. Learn how attackers are impersonating the npm package registry and what you can do to protect your credentials.

Microsoft has disclosed a critical zero-day vulnerability in SharePoint Server (CVE-2025-53770) with a CVSS score of 9.8. Learn about the active exploitation, impact on enterprises, and emergency patches available.

Discover how Fancy Bear (APT28), a sophisticated Russian cyberespionage group, infiltrates governments and military organizations using advanced cyber tools and tactics. Learn about their methods, motivations, and recent activities.

A senior government officer in Chhattisgarh, Maya Tiwari, was defrauded of ₹90 lakh by a Facebook scammer posing as a friend. Learn about the incident and the rise of cyber fraud in the state.

Discover the critical NVIDIAScape vulnerability (CVE-2025-23266) in the NVIDIA Container Toolkit, allowing attackers to escape container isolation and gain root access. Learn about its implications and mitigation strategies.

Cybersecurity researchers have uncovered a new attack method by the PoisonSeed group that exploits FIDO key protections through QR phishing and cross-device sign-in. Learn how this technique deceives users and compromises account security.

A 62-year-old woman from Bandra, Mumbai, was defrauded of ₹7.8 crore by scammers who lured her into a fake trading app promising high returns. Learn how the scam unfolded and the warning signs to watch for.

Discover the details of the recent CoinDCX cyberattack where $44 million was stolen. Learn about the incident, recovery plans, and how customer funds remain safe.

Cybersecurity researchers have identified new AsyncRAT variants featuring a disturbing "Screamer" tool for audio manipulation and a USB malware spreader that revives autorun-based infections. Learn about these evolving cyber threats and their implications.

A Nagpur teacher fell victim to a sophisticated mobile hacking scam, losing ₹10 lakh after being tricked into installing a malicious app for KYC verification. Learn about this alarming incident and the growing threat of financial cyber fraud in India.

Two employees of Paytm Payments Bank have been arrested for allegedly unfreezing accounts linked to cyber fraud, releasing nearly ₹30 lakh without legal authorization. Learn about the investigation and implications for internal oversight.