Cyber Security
A trusted tool for VMware administrators has been weaponized. Attackers built a fake version of RVTools, a widely used utility for managing virtual infrastructure, and disguised it with a real digital certificate to slip past Windows security warnings without raising...
Cyber Security
A new wave of social engineering attacks is targeting millions of State Bank of India customers across the country. Fraudsters are sending fake messages warning users that their YONO banking app will be deactivated unless they update their Aadhaar number immediately....
Cyber Security
The anonymous researcher known as Nightmare-Eclipse has been blocked from two major code-hosting platforms in less than a week, as their disruptive public zero-day campaign against Microsoft draws serious real-world consequences. GitLab moved to suspend the account of...
Cyber Security
A critical heap buffer overflow vulnerability has been disclosed in 7-Zip version 26.00, enabling attackers to achieve arbitrary code execution via a vtable hijack by exploiting a defect in the tool’s NTFS archive handler. Tracked as CVE-2026-48095 and assigned...
Cyber Security
A newly identified scareware kit called CypherLoc is locking victims’ browsers and tricking them into calling fake Microsoft support lines. The kit has been linked to roughly 2.8 million attacks since the start of 2026, making it one of the more aggressive...
Cyber Security
PyrsistenceSniper is an advanced tool for detecting offline persistence, enabling cybersecurity analysts to identify 117 separate persistence mechanisms across Windows, Linux, and macOS platforms. Originally inspired by Autoruns and PersistenceSniper, this...
Cyber Security
A highly sophisticated supply chain attack has compromised the Laravel-Lang ecosystem, injecting credential-stealing remote code execution backdoors into 233 package versions across 700 GitHub repositories. Discovered in May 2026 by Socket and Aikido, threat actors...
Cyber Security
“`html The npm registry executed a swift platform-wide action last week after supply chain breaches jeopardized numerous developers. On May 19, npm rendered invalid every granular access token with write privileges that circumvent two-factor authentication,...
Cyber Security
“`html Two previous executives of a U.S.-based call routing and analytics firm have admitted guilt to federal offenses for knowingly facilitating India-based call centers in deceiving thousands of American victims through intricate tech-support scam operations...
Cyber Security
“`html GitHub has acknowledged unauthorized entry to its internal repositories following the detection of an infiltrated employee device compromised by a harmful Visual Studio Code extension, the firm revealed in a series of official announcements on May 20,...
