Menu
HOME
Current Articles
|
Archives
|
Search
20
A Browser Extension Risk Guide After the ShadyPanda Campaign
Master Code Fu
posted on December 20, 2025 07:29
In early December 2025, security researchers exposed a cybercrime campaign that had quietly hijacked popular Chrome and Edge browser extensions on a massive scale. A threat group dubbed ShadyPanda spent seven years playing the long game, publishing or acquiring harmless extensions, letting them run clean for years to build trust and gain millions of installs, then suddenly flipping them into
[Read the rest of this article...]
Posted in:
Security News
Actions:
E-mail
|
Permalink
|
Comments (0)
20
Phantom Stealer Spread by ISO Phishing Emails Hitting Russian Finance Sector
Master Code Fu
posted on December 20, 2025 07:29
Cybersecurity researchers have disclosed details of an active phishing campaign that's targeting a wide range of sectors in Russia with phishing emails that deliver Phantom Stealer via malicious ISO optical disc images. The activity, codenamed Operation MoneyMount-ISO by Seqrite Labs, has primarily singled out finance and accounting entities, with those in the procurement, legal, payroll
[Read the rest of this article...]
Posted in:
Security News
Actions:
E-mail
|
Permalink
|
Comments (0)
20
VolkLocker Ransomware Exposed by Hard-Coded Master Key Allowing Free Decryption
Master Code Fu
posted on December 20, 2025 07:29
The pro-Russian hacktivist group known as CyberVolk (aka GLORIAMIST) has resurfaced with a new ransomware-as-a-service (RaaS) offering called VolkLocker that suffers from implementation lapses in test artifacts, allowing users to decrypt files without paying an extortion fee. According to SentinelOne, VolkLocker (aka CyberVolk 2.x) emerged in August 2025 and is capable of targeting both Windows
[Read the rest of this article...]
Posted in:
Security News
Actions:
E-mail
|
Permalink
|
Comments (0)
20
CISA Adds Actively Exploited Sierra Wireless Router Flaw Enabling RCE Attacks
Master Code Fu
posted on December 20, 2025 07:29
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a high-severity flaw impacting Sierra Wireless AirLink ALEOS routers to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation in the wild. CVE-2018-4063 (CVSS score: 8.8/9.9) refers to an unrestricted file upload vulnerability that could be exploited to achieve remote code
[Read the rest of this article...]
Posted in:
Security News
Actions:
E-mail
|
Permalink
|
Comments (0)
20
Apple Issues Security Updates After Two WebKit Flaws Found Exploited in the Wild
Master Code Fu
posted on December 20, 2025 07:29
Apple on Friday released security updates for iOS, iPadOS, macOS, tvOS, watchOS, visionOS, and its Safari web browser to address two security flaws that it said have been exploited in the wild, one of which is the same flaw that was patched by Google in Chrome earlier this week. The vulnerabilities are listed below - CVE-2025-43529 (CVSS score: N/A) - A use-after-free vulnerability in WebKit
[Read the rest of this article...]
Posted in:
Security News
Actions:
E-mail
|
Permalink
|
Comments (0)
Page 7 of 10
First
Previous
2
3
4
5
6
[7]
8
9
10
Next
Last