16 Jul, 2026

WebRAT malware spread via fake vulnerability exploits on GitHub

The WebRAT malware is now being distributed through GitHub repositories that claim to host proof-of-concept exploits for recently disclosed vulnerabilities. Previously spread through pirated software and cheats for games like Roblox, Counter Strike, and Rust, WebRAT is a backdoor with info-stealing capabilities that emerged at the beginning of the year. According to a report from Solar 4RAYS in May, […]

3 mins read

Malicious extensions in Chrome Web store steal user credentials

Two Chrome extensions in the Web Store named ‘Phantom Shuttle’ are posing as plugins for a proxy service to hijack user traffic and steal sensitive data. Both extensions are still present in Chrome’s official marketplace at the time of writing and have been active since at least 2017, according to a report from researchers at the […]

2 mins read

Cyberattack knocks offline France’s postal, banking services

La Poste, the French national postal service, confirmed on Monday that all its information systems were knocked offline by “a major network incident,” disrupting digital banking and online services for millions of customers. On social media, La Poste announced that the disruption rendered multiple platforms temporarily inaccessible, including its main website, mobile app, digital identity […]

2 mins read

Italy fines Apple $116 million over App Store privacy policy issues

Italy’s competition authority (AGCM) has fined Apple €98.6 million ($116 million) for using the App Tracking Transparency (ATT) privacy framework to abuse its dominant market position in mobile app advertising. ATT requires developers to request consent to collect their data for targeted advertising before tracking them across websites, apps, and services owned by other companies. Apple […]

2 mins read

Baker University says 2024 data breach impacts 53,000 people

Baker University has disclosed a data breach after attackers gained access to its network one year ago and stole the personal, health, and financial information of over 53,000 individuals. Founded in 1858, Baker University is a private university in Baldwin City, Kansas, with nearly 2,000 enrolled students (1,457 undergraduates) and over 300 employees. The school detected suspicious […]

2 mins read

Nissan says thousands of customers exposed in Red Hat breach

Nissan Motor Co. Ltd. (Nissan) has confirmed that information of thousands of its customers has been compromised after the data breach at Red Hat in September. The Japanese multinational automobile manufacturer headquartered in Yokohama, Japan, produces more than 3.2 million cars a year. The company employs 120,000 people and has a strong presence in Japan, North […]

2 mins read

New MacSync malware dropper evades macOS Gatekeeper checks

The latest variant of the MacSync information stealer targeting macOS systems is delivered through a digitally signed, notarized Swift application. Security researchers at Apple device management platform Jamf say that the distribution method constitutes a significant evolution from past iterations that used less sophisticated “drag-to-Terminal” or ClickFix tactics. “Delivered as a code-signed and notarized Swift application within […]

2 mins read

Interpol-led action decrypts 6 ransomware strains, arrests hundreds

An Interpol-coordinated initiative called Operation Sentinel led to the arrest of 574 individuals and the recovery of $3 million linked to business email compromise, extortion, and ransomware incidents. Between October 27 and November 27, the investigation, which involved law enforcement in 19 countries, took down more than 6,000 malicious links and decrypted six distinct ransomware […]

2 mins read

Malicious npm package steals WhatsApp accounts and messages

A malicious package in the Node Package Manager (NPM) registry poses as a legitimate WhatsApp Web API library to steal WhatsApp messages, collect contacts, and gain access to the account. A fork of the popular WhiskeySockets Baileys project, the malicious package provides the legitimate functionality. It has been available on npm published under the name lotusbail for at least […]

2 mins read