Blogs

As we welcome 2025, it's a time to reflect on the past and embrace new opportunities. This year, cybersecurity should be a top priority. With the rise in cyber threats like ransomware, phishing, and data breaches, ensuring your digital safety is more important than ever.

A large-scale phishing attack has compromised 16 popular Chrome browser extensions, exposing over 600,000 users to data theft and credential breaches. The campaign exploited legitimate extension publishers, injecting malicious code into their products to steal sensitive information such as cookies and access tokens.

A Kolkata-based businessman fell victim to a sophisticated investment scam orchestrated through fake Chinese apps, losing Rs 46 lakh. The fraudsters used a deceptive app and social media to lure the victim into a trap, highlighting the growing risks of cyber fraud targeting even the tech-savvy.

This festive season, give the gift of safety! As we celebrate the joy of Christmas, it's a perfect time to protect your loved ones' digital lives. With Net Protector Cyber Security, safeguard your devices and personal information from cyber threats. Stay safe, stay secure, and enjoy a worry-free holiday season.

Ascension, a leading healthcare network, experienced a devastating ransomware breach in May. The attack, linked to the Black Basta group, compromised sensitive data of nearly 5.6 million patients and employees, revealing critical vulnerabilities in the healthcare sector.

The 'Bitter' cyberespionage group has launched attacks on Turkish defense organizations, deploying a new malware family, MiyaRAT. This sophisticated malware, alongside WmRAT, leverages alternate data streams and advanced techniques to exfiltrate sensitive data and control compromised systems.

A Pune police constable lost Rs 2.3 lakh after unknowingly scanning a malicious QR code at a bakery. Fraudsters exploited his device through a malicious APK file, leading to unauthorized access to multiple accounts. This incident highlights the rising risks of cyber scams in digital transactions.

Fraudsters are targeting unsuspecting individuals with fake parcel notifications. These calls, often from numbers starting with +96, +18, claim there’s an issue with your delivery and urge you to "Press 9" for more details. Don’t fall for it—this is a scam!

Artivion, a global leader in heart surgery medical devices, faced a disruptive ransomware attack on November 21. The attack encrypted systems, stole data, and impacted corporate operations, order processing, and shipping. This incident highlights the rising threat of ransomware in the healthcare sector.

A ransomware attack on Comtel Data Centre has severely impacted around 16 stockbrokers, including prominent names like IIFL Securities, 5Paisa, and Axis Securities. The breach has led to blocked exchange access and raised concerns over client data and order flow security. Exchanges have mandated strict security certifications before resuming operations.

Two women in Mumbai, including a 61-year-old homemaker, lost a combined Rs 4.7 lakh to cyber fraudsters. These cases underline the growing sophistication of online scams, including KYC updates and fraudulent advertisements.

A four-month-long cyberattack targeted a major U.S. organization, compromising its network and extracting sensitive data. The breach is attributed to a Chinese state-sponsored group, employing advanced techniques like DLL side-loading, living-off-the-land tools, and targeting Exchange servers.

Chinese state-backed hacking group Salt Typhoon has breached telecommunications companies in dozens of countries, including eight firms in the U.S., exploiting vulnerabilities in private communication networks. This long-running campaign raises alarms about critical infrastructure security and highlights the urgent need for encrypted communications and robust system defenses.

The Horns and Hooves campaign, active since March 2023, has targeted over 1,000 victims with phishing emails containing JavaScript payloads that deploy sophisticated RAT malware like NetSupport RAT and BurnsRAT. This attack primarily targets private users, retailers, and service businesses in Russia, leveraging remote access tools for data theft, ransomware, and malware deployment.

Over 8 million Android users across nine countries have been impacted by SpyLoan malware embedded in loan apps downloaded from the Google Play Store. These apps exploit user trust, financial desperation, and intrusive permissions to harvest sensitive data, leading to extortion, harassment, and financial loss.

Bologna Football Club 1909 has confirmed a ransomware attack by the RansomHub gang, resulting in the theft and public release of sensitive data. The leaked information includes sponsorship contracts, financial records, and personal data of players, employees, and fans, emphasizing the rising cyber threat to sports organizations.

Hackers have leveraged the popular Godot game engine to spread GodLoader malware, infecting over 17,000 systems within three months. By exploiting Godot’s scripting language and packaging capabilities, cybercriminals bypass detection and deliver payloads like the XMRig crypto miner. This attack highlights the need for vigilance within open-source communities and enhanced protection against malware disguised as legitimate tools.

Researchers have discovered "Bootkitty," the first-ever UEFI bootkit targeting Linux systems. Although currently a proof-of-concept, this development signals a critical shift in the UEFI threat landscape, historically dominated by Windows-focused attacks. Bootkitty demonstrates advanced capabilities, including bypassing Secure Boot protocols and disabling kernel integrity checks, emphasizing the need for robust cybersecurity measures to protect Linux environments.

A Russia-aligned cybercrime group, RomCom, has leveraged two zero-day vulnerabilities in Firefox and Windows to deploy its backdoor malware, RomCom RAT, in a series of sophisticated attacks. These vulnerabilities allow remote code execution with no user interaction, escalating the threat posed by this group in both espionage and cybercrime operations.

We are thrilled to announce that NPAV (Net Protector Antivirus) has been awarded the prestigious AV-Test Advanced Threat Protection (ATP) Certificate, a testament to our cutting-edge capabilities in defending against today’s most sophisticated cyber threats.