17 Jul, 2026

APT37 hackers abuse Google Find Hub in Android data-wiping attacks

North Korean hackers are abusing Google’s Find Hub tool to track the GPS location of their targets and remotely reset Android devices to factory settings. The attacks are primarily targeting South Koreans, and start by approaching the potential victims over KakaoTalk messenger – the most popular instant messaging app in the country. South Korean cybersecurity solutions […]

5 mins read

Mozilla Firefox gets new anti-fingerprinting defenses

Mozilla announced a major privacy upgrade in Firefox 145 that reduces even more the number of users vulnerable to digital fingerprinting. The new protections will initially be available only in Private Browsing Mode and Enhanced Tracking Protection (ETP) Strict mode. After testing and optimization, they will be enabled by default in the Firefox web browser. […]

3 mins read

CISA orders feds to patch Samsung zero-day used in spyware attacks

CISA ordered U.S. federal agencies today to patch a critical Samsung vulnerability that has been exploited in zero-day attacks to deploy LandFall spyware on devices running WhatsApp. Tracked as CVE-2025-21042, this out-of-bounds write security flaw was discovered in Samsung’s libimagecodec.quram.so library, allowing remote attackers to gain code execution on devices running Android 13 and later. While Samsung patched it in […]

2 mins read

Yanluowang initial access broker pleaded guilty to ransomware attacks

A Russian national will plead guilty to acting as an initial access broker (IAB) for Yanluowang ransomware attacks that targeted at least eight U.S. companies between July 2021 and November 2022. According to a plea agreement signed by the defendant on October 29, first spotted by Court Watch editor Seamus Hughes, Aleksey Olegovich Volkov (who used the “chubaka.kor” and “nets” aliases) […]

3 mins read

Popular JavaScript library expr-eval vulnerable to RCE flaw

A critical vulnerability in the popular expr-eval JavaScript library, with over 800,000 weekly downloads on NPM, can be exploited to execute code remotely through maliciously crafted input. The security issue was discovered by security researcher Jangwoo Choe and is tracked as CVE-2025-12735. According to the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the severity rating is critical, with a […]

2 mins read

Lost iPhone? Don’t fall for phishing texts saying it was found

The Swiss National Cyber Security Centre (NCSC) is warning iPhone owners about a phishing scam that claims to have found your lost or stolen iPhone but is actually trying to steal your Apple ID credentials. When iPhone customers lose their phone or it is stolen, they can set a custom message in Apple’s Find My app that appears on […]

3 mins read

Dangerous runC flaws could allow hackers to escape Docker containers

Three newly disclosed vulnerabilities in the runC container runtime used in Docker and Kubernetes could be exploited to bypass isolation restrictions and get access to the host system. The security issues, tracked as CVE-2025-31133, CVE-2025-52565, and CVE-2025-52881 (all ), were reported this week and disclosed by SUSE software engineer and Open Container Initiative (OCI) board […]

2 mins read

GlassWorm malware returns on OpenVSX with 3 new VSCode extensions

The GlassWorm malware campaign, which impacted the OpenVSX and Visual Studio Code marketplaces last month, has returned with three new VSCode extensions that have already been downloaded over 10,000 times. GlassWorm is a campaign and malware that leverages Solana transactions to fetch a payload targeting GitHub, NPM, and OpenVSX account credentials, as well as cryptocurrency […]

2 mins read

Malicious NuGet packages drop disruptive ‘time bombs’

Several malicious packages on NuGet have sabotage payloads scheduled to activate in 2027 and 2028, targeting database implementations and Siemens S7 industrial control devices. The embedded malicious code uses a probabilistic trigger, so it may or may not activate depending on a set of parameters on the infected device. NuGet is an open-source package manager and software […]

3 mins read