Critical zero-day vulnerability in WinRAR is currently being exploited by cybercriminals in targeted attacks.
Posted inCybersecurity News

Critical zero-day vulnerability in WinRAR is currently being exploited by cybercriminals in targeted attacks.

A critical zero-day vulnerability in WinRAR is currently being exploited by cybercriminals in targeted attacks, prompting urgent security warnings and the immediate release of a patched version. The flaw, designated CVE-2025-8088 with a CVSS score of 8.8, represents a significant security threat that requires immediate action from all WinRAR users.
Researchers discover attack method that exploits Gemini AI through Google Calendar invites.
Posted inCybersecurity News

Researchers discover attack method that exploits Gemini AI through Google Calendar invites.

A team of cybersecurity researchers has uncovered a sophisticated attack method that exploits Google's Gemini AI assistant through seemingly innocent calendar invitations, demonstrating how artificial intelligence systems can be weaponized against their own users. The vulnerability, dubbed "Targeted Promptware Attacks," allows malicious actors to hijack Gemini's functionality and perform unauthorized actions ranging from data theft to physical world manipulation.
North Korean ScarCruft Group Shifts Strategy: Adding Ransomware to Espionage Operations.
Posted inCybersecurity News

North Korean ScarCruft Group Shifts Strategy: Adding Ransomware to Espionage Operations.

The North Korean state-backed hacking group ScarCruft has significantly evolved its tactics, moving beyond traditional cyber-espionage to incorporate ransomware attacks—marking a notable strategic shift for the group. This development represents a concerning expansion of capabilities that blends intelligence gathering with financially motivated cybercrime.