Hackers have unleashed a new self-propagating malware dubbed GlassWorm, which first infiltrated the Visual Studio Code extension ecosystem via the OpenVSX marketplace. Researchers at Koi Security found that the worm conceals malicious code using...
Kuba Gretzky originally sought to make the internet a safer place — yet his creation achieved the opposite. In 2017, the Polish programmer developed Evilginx, a tool designed to help Red Team professionals study...
For the first time, the U.S. Department of Homeland Security has formally demanded that OpenAI disclose the identity of a ChatGPT user whose prompts appeared in a child pornography investigation. The warrant—issued to agents...
Across the Asia-Pacific region and Japan, a new breed of cybercrime is taking shape—one where attackers operate as structured business entities, guided by clear strategies and profit-driven motives. According to the CrowdStrike 2025 APJ...
The Japanese company Ryohin Keikaku, owner of the Muji brand, has suspended operations of its online store following a cyberattack on its logistics partner, Askul Corp. According to Ryohin Keikaku, the decision was made...
Developers using the Cursor and Windsurf IDEs are currently exposed to exploitation through at least 94 known vulnerabilities in Chromium and its JavaScript engine, V8. Both environments are built on outdated versions of Electron...
In early 2025, a developer named Jay Gibson (name changed for security reasons) received a chilling notification on his personal iPhone: Apple had warned him that his device had been the target of a...
LinkedInDumper Python 3 script to dump company employees from LinkedIn Voyager API. The results contain firstname, lastname, position (title), location, and a user’s profile link. Only 2 API calls are required to retrieve all...
A malicious file was discovered in the downloads section of Xubuntu.org, the official website of the Ubuntu distribution featuring the Xfce desktop environment. The counterfeit installer, disguised as “Xubuntu — Safe Downloader,” was designed...
XSS Exploitation Tool It is a penetration testing tool that focuses on the exploitation of Cross-Site Scripting vulnerabilities. Features Technical Data about the victim browser Geolocation of the victim Snapshot of the hooked/visited page...
The South Korean government has officially confirmed a cyberattack on the nation’s key infrastructure—two months after the incident occurred. According to the report, attackers gained access to the Onnara document management system, used by...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning that a vulnerability in the Windows SMB protocol, identified as CVE-2025-33073, is already being actively exploited in real-world attacks. Classified as a...
