Cryptocurrency Scams Target Asia, Combining Malvertising and Pig Butchering with Losses Up to 10 Million

A sophisticated cryptocurrency scam campaign is currently targeting users across Asia, with a heavy and specific focus on Japan. This operation uniquely combines two distinct fraud models into a single, highly effective attack vector: malvertising and “pig butchering.” By blending the broad reach of malicious advertising with the psychological manipulation of long-term social engineering, cybercriminals […]
New SysUpdate Variant Malware Discovered and Tool Developed to Decrypt Encrypted Linux C2 Traffic

A new variant of the SysUpdate malware has emerged as a sophisticated threat targeting Linux systems with advanced command-and-control (C2) encryption capabilities. The malware was discovered during a Digital Forensics and Incident Response (DFIR) engagement when security teams detected the suspicious Linux binary in a client’s environment. This packed ELF64 executable uses an unknown obfuscated […]
Notepad++ v8.9.2 Released with Double-Lock Update Mechanism Following Recent Hack

The widely used open-source text and code editor has released version v8.9.2, introducing a major security enhancement known as the “Double-Lock” update mechanism. This update addresses vulnerabilities that were exploited in a recent state-sponsored attack targeting the application’s update infrastructure. Last month, Notepad++’s official site confirmed that attackers had successfully hijacked its update channel, allowing […]
Malware in the Wild as Malicious Fork of Legitimate Triton App Surfaces on GitHub

A malicious fork of the legitimate macOS application Triton has surfaced on GitHub, exploiting open-source repositories to distribute malware. The fraudulent repository, created under the account “JaoAureliano,” appeared as a copy of the original Triton app developed by Otávio C. Instead of providing genuine software, the fork redirected users to download a ZIP file containing […]
Malicious Chrome Extension Steals Facebook Business Manager 2FA Codes and Analytics Data

A malicious Chrome extension that claims to help Meta Business users quietly steals Facebook Business Manager 2FA codes and analytics data, putting high‑value ad accounts at risk of takeover. The extension, “CL Suite by @CLMasters” (ID: jkphinfhmfkckkcnifhjiplhfoiefffl), is still available in the Chrome Web Store and specifically […]
Noodlophile Malware Creators Evolve Tactics with Fake Job Postings and Phishing Lures

The Noodlophile information stealer, originally uncovered in May 2025, has significantly evolved its attack strategies to bypass security measures. Initially, this malware hid behind deceptive advertisements for fake AI video generation platforms on social media, tricking users into downloading malicious ZIP files. These early campaigns focused on harvesting credentials and cryptocurrency wallets, which were then […]
Joomla Novarain/Tassos Framework Vulnerabilities Enable SQL Injection and Unauthenticated File Read

Websites running the Novarain/Tassos Framework are vulnerable to critical security flaws that allow unauthenticated file read, file deletion, and SQL injection attacks, potentially leading to remote code execution and full administrator takeover on unpatched systems. The issues affect multiple popular Tassos extensions and require urgent patching through the vendor’s updated releases. […]
Critical BeyondTrust Vulnerability Exploited in the Wild to Gain Full Domain Control

A critical vulnerability tracked as CVE-2026-1731 is being actively exploited in the wild, enabling attackers to gain full domain control over affected systems. Threat actors are leveraging this flaw to execute operating system commands remotely without authentication. The flaw, discovered in self-hosted BeyondTrust deployments, allows unauthenticated attackers to run arbitrary OS commands via specially crafted […]
Windows 11 KB5077181 Security Update Causing Some Devices to Restart in an Infinite Loop

Microsoft’s February 10, 2026, security update KB5077181 for Windows 11 versions 24H2 (build 26200.7840) and 25H2 (build 26100.7840) has triggered widespread reports of critical boot failures just days after deployment. Users describe devices entering infinite restart loops, often exceeding 15 cycles, preventing access to the desktop. This cumulative update delivers […]
PentestAgent AI Penetration Testing Tool With Prebuilt Attack Playbooks and HexStrike Integration

PentestAgent, an open-source AI agent framework from developer Masic (GH05TCREW), has introduced enhanced capabilities, including prebuilt attack playbooks and seamless HexStrike integration. Released on GitHub by a researcher with the alias GH05TCREW, this tool leverages large language models (LLMs) like Claude Sonnet or GPT-5 via LiteLLM to conduct sophisticated black-box security assessments. PentestAgent operates […]