Latest Threat Intel

A threat actor called TigerJack is constantly targeting developers with malicious extensions published on Microsoft’s Visual Code (VSCode) marketplace and OpenVSX registry to steal cryptocurrency and plant backdoors. Two of the extensions, removed from VSCode after counting 17,000 downloads, are still present on OpenVSX. Furthermore, TigerJack republishes the same malicious code under new names on the

Microsoft is restricting access to Internet Explorer mode in Edge browser after learning that hackers are leveraging zero-day exploits in the Chakra JavaScript engine for access to target devices. The tech giant did not share too many technical details but said that the threat actor combined social engineering with an exploit in Chakra to gain remote

An ongoing smishing campaign is targeting New Yorkers with text messages posing as the Department of Taxation and Finance, claiming to offer “Inflation Refunds” in an attempt to steal victims’ personal and financial data. The Inflation Refund is an initiative from New York State that automatically sends refund checks to eligible residents to help offset

Spanish Guardia Civil have dismantled the “GXC Team” cybercrime operation and arrested its alleged leader, a 25-year-old Brazilian known as “GoogleXcoder.” The GXC Team operated a crime-as-a-service (CaaS) platform offering AI-powered phishing kits, Android malware, and voice-scam tools via Telegram and a Russian-speaking hacker forum. “The Civil Guard has dismantled one of the most active criminal

Threat actors are exploiting a zero-day vulnerability (CVE-2025-11371) in Gladinet CentreStack and Triofox products, which allows a local attacker to access system files without authentication. At least three companies have been targeted so far. Although a patch is not yet available, customers can apply mitigations. CentreStack and Triofox are Gladinet’s business solutions for file sharing and

Home Viewing author profile for Bill Toulas Author Bio Bill Toulas is a tech writer and infosec news reporter with over a decade of experience working on various online publications, covering open-source, Linux, malware, data breach incidents, and hacks. New Android spyware ClayRat imitates WhatsApp, TikTok, YouTube A new Android spyware called ClayRat is luring

A new Android spyware called ClayRat is luring potential victims by posing as popular apps and services like WhatsApp, Google Photos, TikTok, and YouTube. The malware is targeting Russian users through Telegram channels and malicious websites that appear legitimate. It can steal SMS meessages call logs, notifications, take pictures, and even make phone calls. Malware researchers

A cybercrime gang tracked as Storm-2657 has been targeting university employees in the United States to hijack salary payments in “pirate payroll” attacks since March 2025. Microsoft Threat Intelligence analysts who spotted this campaign found that the threat actors are targeting Workday accounts; however, other third-party human resources (HR) software-as-a-service (SaaS) platforms could also be