Scammers Abuse PayPal Subscriptions to Send Fake Purchase Notification Emails
https://www.bleepingcomputer.com/news/security/beware-paypal-subscriptions-abused-to-send-fake-purchase-emails Cybersecurity researchers have uncovered a new email scam that abuses PayPal’s “Subscriptions” billing feature to send legitimate-looking...Google Links Additional Chinese Hacking Groups to Widespread Exploitation of Critical React2Shell Vulnerability
https://cloud.google.com/blog/topics/threat-intelligence/threat-actors-exploit-react2shell-cve-2025-55182 Google’s threat intelligence team has identified five more Chinese cyber-espionage groups joining the ongoing attacks exploiting the critical...Notepad++ Releases Security Update to Address Traffic Hijacking Vulnerability
https://notepad-plus-plus.org/news/v889-released The popular text editor Notepad++ has released version 8.8.9 to address a critical security vulnerability affecting its updater, WinGUp. According to security experts, incidents of traffic hijacking have been reported,...Thousands of Exposed Secrets on Docker Hub Put Organisations at Serious Risk
https://flare.io/learn/resources/docker-hub-secrets-exposed In just one month of scanning, security researchers found more than 10,000 Docker Hub images have been found to contain leaked secrets, including live credentials to production systems. This breach has...Cybercriminals Exploit Google Ads and AI Platforms to Spread macOS Infostealer Malware
Infostealer has entered the chat Researchers have uncovered a new campaign that abuses Google search ads and popular AI platforms like ChatGPT and Grok to lure macOS users into installing the AMOS infostealer malware. The attack, dubbed “ClickFix,” begins...