Collaborate Disseminate
Researchers reveal CVE-2025-54322, a critical unpatched flaw in XSpeeder networking gear found by AI agents. 70,000 industrial and branch devices are exposed. Continue reading Critical 0day flaw Exposes 70k XSpeeder Devices as Vendor Ignores Alert
Koi Security uncovers lotusbail, a malicious npm package with 56K downloads that steals WhatsApp messages and installs a persistent backdoor. Learn how to protect your data. Continue reading Popular NPM Package lotusbail Exposed as Trojan Stealing WhatsApp Chats
Researchers discovered critical flaws in Eurostar’s AI chatbot including prompt injection, HTML injection, guardrail bypass, and unverified chat IDs – Eurostar later accused them of blackmail. Continue reading Eurostar Accused Researchers of Blackmail for Reporting AI Chatbot Flaws
Jamf security experts have found a new version of MacSync Stealer. Disguised as a zk-call app, it uses official notarization to bypass security and steal your saved passwords. Continue reading New MacSync Stealer Disguised as Trusted Mac App Hunts Saved Passwords
Romania’s national water authority, Romanian Waters, was hit by a major ransomware attack affecting 1,000 systems but dams remain safe. Learn how authorities are fighting back without paying the ransom. Continue reading Ransomware Hits Romanian Water Authority, 1000 Systems Knocked Offline
Spotify has confirmed a massive unauthorised data scrape involving 256 million track records and 86 million audio files. Learn how “Anna’s Archive” bypassed security, and why experts warn against downloading the leaked files. Continue reading Pirate Group Anna’s Archive Copies 256M Spotify Songs in Data Scrape
Kaspersky warns of ‘Frogblight,’ a new Android malware draining bank accounts in Turkiye. Learn how this ‘court case’ scam steals your data and how to stay safe. Continue reading Frogblight Malware Targets Android Users With Fake Court and Aid Apps
Cybersecurity firm Ontinue reveals how the open-source tool Nezha is being used as a Remote Access Trojan (RAT) to bypass security and control servers globally. Continue reading Hackers Abuse Popular Monitoring Tool Nezha as a Stealth Trojan
A new report from Check Point Research reveals a growing trend of cyber criminals recruiting employees at banks, telecoms, and tech giants. Learn how hackers use the darknet and Telegram to offer payouts up to $15,000 for internal access to companies l… Continue reading Insider Threat: Hackers Paying Company Insiders to Bypass Security
US authorities have charged Zahid Hasan with running TechTreek, a $2.9 million online marketplace selling fake ID templates. The investigation, involving the FBI and Bangladesh police, uncovered a global scheme selling fraudulent passports and social s… Continue reading FBI Seizes Fake ID Template Domains Operating from Bangladesh