News

TamperedChef serves bad ads, with infostealers as the main course

Bys s January 16, 2026

Sophos X-Ops explores a malvertising campaign that leverages Google Ads to distribute an infostealer

Categories: Threat Research

Tags: TamperedChef, EvilAI, infostealer, Sophos X-Ops

News

AIIMS ORBO Portal Vulnerability Exposing Sensitive Organ Donor Data Discovered by Researcher
Bys s July 28, 2025

In November 2022, the All India Institute of Medical Sciences (“AIIMS“) reportedly suffered a ransomware attack. They may have just escaped another incident thanks to the responsible disclosure of a vulnerability found by a researcher. Ashish Khaitan reports: A critical vulnerability in the AIIMS portal exposed highly sensitive data of voluntary organ and tissue donors…

Read More AIIMS ORBO Portal Vulnerability Exposing Sensitive Organ Donor Data Discovered by Researcher
News

I am not a robot: ClickFix used to deploy StealC and Qilin
Bys s January 14, 2026

The fake human verification process led to infostealer and ransomware infections Categories: Threat Research Tags: clickfix, Featured, GOLD FEATHER, human verification, infostealer, qilin, Ransomware, StealC

Read More I am not a robot: ClickFix used to deploy StealC and Qilin
News

⚡ Weekly Recap: WhatsApp 0-Day, Docker Bug, Salesforce Breach, Fake CAPTCHAs, Spyware App & More
Bys s September 1, 2025

Cybersecurity today is less about single attacks and more about chains of small weaknesses that connect into big risks. One overlooked update, one misused account, or one hidden tool in the wrong hands can be enough to open the door. The news this week shows how attackers are mixing methods—combining stolen access, unpatched software, and…

Read More ⚡ Weekly Recap: WhatsApp 0-Day, Docker Bug, Salesforce Breach, Fake CAPTCHAs, Spyware App & More
News

Storm-1977 Hits Education Clouds with AzureChecker, Deploys 200+ Crypto Mining Containers
Bys s April 27, 2025

Microsoft has revealed that a threat actor it tracks as Storm-1977 has conducted password spraying attacks against cloud tenants in the education sector over the past year. “The attack involves the use of AzureChecker.exe, a Command Line Interface (CLI) tool that is being used by a wide range of threat actors,” the Microsoft Threat Intelligence…

Read More Storm-1977 Hits Education Clouds with AzureChecker, Deploys 200+ Crypto Mining Containers
News

CISA Warns of Two Malware Strains Exploiting Ivanti EPMM CVE-2025-4427 and CVE-2025-4428
Bys s September 18, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday released details of two sets of malware that were discovered in an unnamed organization’s network following the exploitation of security flaws in Ivanti Endpoint Manager Mobile (EPMM). “Each set contains loaders for malicious listeners that enable cyber threat actors to run arbitrary code on the…

Read More CISA Warns of Two Malware Strains Exploiting Ivanti EPMM CVE-2025-4427 and CVE-2025-4428
News

The AI SOC Stack of 2026: What Sets Top-Tier Platforms Apart?
Bys s October 10, 2025

The SOC of 2026 will no longer be a human-only battlefield. As organizations scale and threats evolve in sophistication and velocity, a new generation of AI-powered agents is reshaping how Security Operations Centers (SOCs) detect, respond, and adapt. But not all AI SOC platforms are created equal. From prompt-dependent copilots to autonomous, multi-agent systems, the…

Read More The AI SOC Stack of 2026: What Sets Top-Tier Platforms Apart?

Similar Posts