Discovery of Google Chrome sandbox escape vulnerability nets researcher $250,000 reward.
Posted inCybersecurity News

Discovery of Google Chrome sandbox escape vulnerability nets researcher $250,000 reward.

A security researcher going by the handle "Micky" recently earned a record-breaking $250,000 reward from Google for discovering a critical Chrome sandbox escape vulnerability. This represents one of the highest bug bounty payouts in Google's Chrome Vulnerability Reward Program (VRP) history, matching the program's maximum possible award.
Charon Ransomware: APT-Level Sophistication Meets Enterprise Targeting
Posted inCybersecurity News

Charon Ransomware: APT-Level Sophistication Meets Enterprise Targeting

Charon is a newly discovered ransomware family that represents a concerning evolution in cyber threats, combining advanced persistent threat (APT) techniques with destructive ransomware operations. This sophisticated ransomware has been observed in targeted attacks against enterprises, particularly in the Middle East's public sector and aviation industry.
Dutch NCSC Confirms Active Exploitation of Citrix NetScaler CVE-2025-6543
Posted inCybersecurity News

Dutch NCSC Confirms Active Exploitation of Citrix NetScaler CVE-2025-6543

The Netherlands' National Cyber Security Centre (NCSC) has issued urgent warnings about sophisticated cyberattacks exploiting a critical zero-day vulnerability in Citrix NetScaler systems, identified as CVE-2025-6543. This vulnerability has been actively exploited to breach multiple critical organizations across the Netherlands since at least early May 2025.
Critical zero-day vulnerability in WinRAR is currently being exploited by cybercriminals in targeted attacks.
Posted inCybersecurity News

Critical zero-day vulnerability in WinRAR is currently being exploited by cybercriminals in targeted attacks.

A critical zero-day vulnerability in WinRAR is currently being exploited by cybercriminals in targeted attacks, prompting urgent security warnings and the immediate release of a patched version. The flaw, designated CVE-2025-8088 with a CVSS score of 8.8, represents a significant security threat that requires immediate action from all WinRAR users.
Researchers discover attack method that exploits Gemini AI through Google Calendar invites.
Posted inCybersecurity News

Researchers discover attack method that exploits Gemini AI through Google Calendar invites.

A team of cybersecurity researchers has uncovered a sophisticated attack method that exploits Google's Gemini AI assistant through seemingly innocent calendar invitations, demonstrating how artificial intelligence systems can be weaponized against their own users. The vulnerability, dubbed "Targeted Promptware Attacks," allows malicious actors to hijack Gemini's functionality and perform unauthorized actions ranging from data theft to physical world manipulation.
North Korean ScarCruft Group Shifts Strategy: Adding Ransomware to Espionage Operations.
Posted inCybersecurity News

North Korean ScarCruft Group Shifts Strategy: Adding Ransomware to Espionage Operations.

The North Korean state-backed hacking group ScarCruft has significantly evolved its tactics, moving beyond traditional cyber-espionage to incorporate ransomware attacks—marking a notable strategic shift for the group. This development represents a concerning expansion of capabilities that blends intelligence gathering with financially motivated cybercrime.
Scammers Launch Mass-Mailing Campaigns with Efimer Trojan to Steal Cryptocurrency
Posted inCybersecurity News

Scammers Launch Mass-Mailing Campaigns with Efimer Trojan to Steal Cryptocurrency

In recent months, cybersecurity experts have observed a surge in mass-mailing campaigns designed to spread the Efimer Trojan—a sophisticated and increasingly dangerous type of malware engineered to steal cryptocurrency. This new wave of attacks highlights both the technical skill and global scope of scammers targeting digital assets, underscoring the urgent need for enhanced vigilance among individuals and organizations.