https://krebsonsecurity.com/2025/06/inside-a-dark-adtech-empire-fed-by-fake-captchas/ Security researchers have uncovered a sophisticated criminal advertising ecosystem that leverages fake CAPTCHA challenges to trick users into enabling malicious push notifications,...
https://www.apra.gov.au/for-action-information-security-obligations-and-critical-authentication-controls Australia’s financial regulator has issued an urgent directive to all superannuation funds, demanding they assess and strengthen their authentication...
https://www.aikido.dev/blog/supply-chain-attack-on-react-native-aria-ecosystem Cybersecurity researchers have uncovered a sophisticated supply chain attack targeting over a dozen packages associated with GlueStack, delivering malware to developers worldwide. The...
https://fearsoff.org/research/roundcube More than 84,000 Roundcube webmail installations worldwide remain vulnerable to CVE-2025-49113, a critical remote code execution flaw that affects versions spanning over a decade and has already been exploited by cybercriminals...
The strange tale of ischhfd83: When cybercriminals eat their own Sophos researchers have traced more than a hundred backdoored malware repositories on GitHub to a single Russian threat actor using the identifier “ischhfd83,” who has been systematically...
https://cdn.openai.com/threat-intelligence-reports/5f73af09-a3a3-4a55-992e-069237681620/disrupting-malicious-uses-of-ai-june-2025.pdf OpenAI has terminated accounts linked to 10 malicious campaigns that exploited ChatGPT for various nefarious activities, including...
