Blogs

A new phishing campaign is targeting Windows users with a deceptive technique called ClickFix, tricking victims into executing malicious PowerShell commands. The attack, active since March 2025, deploys a modified version of the Havoc command-and-control (C2) framework through SharePoint abuse, allowing attackers to take full control of compromised systems.

Angel One, a leading financial services platform, has confirmed a data breach impacting 8 million users after hackers gained unauthorized access to its Amazon Web Services (AWS) resources. The breach was discovered when dark web monitoring alerts signaled potential data leakage. While the company acted quickly to secure its systems, concerns remain about how the breach occurred and its long-term implications.

A dangerous phishing campaign is targeting job seekers in the Web3 and cryptocurrency industry. Attackers are using fake job listings and fraudulent interview invites to trick victims into downloading a malicious video meeting app called GrassCall. Once installed, the malware steals login credentials, authentication data, and cryptocurrency wallets.

A new phishing attack is targeting Amazon Prime users, tricking them with fake renewal notifications to steal login credentials, personal details, and payment information. Discovered by the Cofense Phishing Defense Center on February 18, 2025, this attack uses advanced social engineering techniques and multiple layers of deception.

A new phishing campaign is targeting industrial organizations in the Asia-Pacific (APAC) region using a dangerous malware called FatalRAT. Hackers are using Chinese cloud services to deliver the malware, making it harder to detect. The attack mainly targets government agencies, manufacturing, IT, telecommunications, healthcare, energy, and logistics companies in countries like Taiwan, Malaysia, China, Japan, and more.

Cybercriminals are using stolen browser fingerprints to bypass security checks and impersonate users. The ScreamedJungle attack targets outdated Magento e-commerce platforms to inject malicious scripts that steal unique digital identifiers. This allows hackers to evade security systems, including multi-factor authentication (MFA) and device reputation checks.

A dangerous Android malware app, SpyLend, was downloaded 100,000+ times from Google Play, pretending to be a financial tool. Instead, it stole user data and was used for predatory loan scams in India. Users were harassed, blackmailed, and threatened if they failed to repay high-interest loans.

Cybercriminals are abusing PayPal’s address settings to send scam emails that look like official notifications. These emails claim a new shipping address has been added to your PayPal account and include a fake purchase confirmation for a MacBook M4. The goal is to trick users into calling a fake PayPal support number, where scammers try to gain remote access to their devices.

A dangerous Wi-Fi password-stealing tool has been found on GitHub. This Python-based script can extract saved Wi-Fi credentials from Windows devices, making it a serious security risk. While labeled as an "educational tool," it can easily be misused by hackers to gain unauthorized network access.

A new cyberattack campaign is tricking users into downloading malware through fake browser update alerts. Hackers from the SmartApeSG group are targeting compromised websites to distribute NetSupport RAT and StealC malware, which can steal sensitive data and give attackers remote access to your system.

Raymond Limited, a well-known textile and clothing company, has confirmed a cyber attack on its IT systems. The breach impacted some internal infrastructure, but the company's retail stores, supply chain, and digital services continue to operate normally. The attack was detected during routine security monitoring, and immediate action was taken to isolate affected systems.

Cybercriminals have exploited over 150 Indian government and financial websites to trick users into fake gambling and investment scams. By injecting malicious code into trusted domains, they manipulate search engine rankings, redirecting visitors to fraudulent rummy and casino websites. This attack highlights the urgent need for stronger cybersecurity measures to protect public sector platforms.

A major security flaw in the Indian Post Office portal exposed thousands of KYC records, including Aadhaar numbers, PAN details, and personal data. The vulnerability, known as an IDOR attack, allowed unauthorized users to access sensitive data simply by altering numbers in the website’s URL. This incident highlights the urgent need for stronger cybersecurity in government platforms.

The Kaveri 2.0 portal, used for property registrations in Karnataka, faced a major DDoS cyberattack in December 2024 and January 2025. The attack overwhelmed the system with fake user requests, slowing it down and stopping many property registrations. Authorities later confirmed that the attack was deliberate and registered a case under the IT Act, 2000.

A new ransomware campaign called XELERA is tricking job seekers with fake job offers from the Food Corporation of India (FCI). Victims receive malicious Word documents via email, which install ransomware and steal personal data. The attack also uses Discord bots to control infected computers remotely.

A new phishing attack has been discovered where hackers use Webflow’s CDN and fake CAPTCHAs to trick users into entering their credit card details. The attackers manipulate search results to lure victims into clicking malicious PDFs that lead to phishing websites.

A serious security flaw in YouTube and Google’s Pixel Recorder API allowed hackers to extract users’ email addresses from their anonymous YouTube accounts. Security researchers found a way to convert hidden Google IDs (Gaia IDs) into email addresses, exposing millions of users to privacy risks. Google has now fixed the issue, but it highlights how interconnected services can create security loopholes.

Cybercriminals are creating fake Valentine’s Day-themed websites using words like “love,” “gift,” and “Valentine” to steal personal and financial information. These scams include phishing emails, fake online stores, and romance frauds, tricking people into revealing sensitive data or downloading malware.

Hackers are exploiting QR codes in a new scam called “quishing”, tricking users into scanning fake QR codes that lead to phishing sites, malware downloads, or financial fraud. These attacks are bypassing traditional security measures, making individuals and businesses vulnerable.

Hackers are using fake virus warnings to scare mobile users into downloading malicious antivirus apps. These scareware attacks create a false sense of urgency, tricking people into installing apps that can steal data, encrypt files, or cause system damage.