Blog

QR codes, which make our lives easier, are turning into new weapons in the hands of cybercriminals. In recent months, fake stickers pasted over physical QR codes have been detected worldwide, especially in public areas such as cafes, restaurants, and parking lots. With this method, called "Quishing" (QR Phishing), scammers redirect users to fake websites designed to steal personal and financial information instead of a legitimate menu or payment page. The attack aims to infe

To make their activities more convincing recently, attackers have started exploiting already trusted-looking compromised websites instead of using fake domain names. This method makes it harder for users to become suspicious and makes it more difficult for automated security systems to detect malicious traffic. Teams, Xfinity, and UAE Pass users by utilizing compromised WordPress sites.The most dangerous aspect of the attack is that email filters and users fail to notice the

Cybersecurity researchers have uncovered a new malware that uses WhatsApp as a distribution method to spread a Windows banking trojan named Astaroth (also known as Guildma). Astaroth is a banking trojan that has been active since 2024 and was specifically developed to steal the personal and financial information of users, particularly in Latin America. In 2025, two cybercrime groups named PINEAPPLE and Water Makara spread this malware via phishing emails.Recently, cyber attac

NVIDIA announced that it has patched multiple critical and high-severity vulnerabilities affecting enterprise and artificial intelligence software components as part of its March 2026 security updates. According to the published security bulletins, some vulnerabilities carry risks that could allow attackers to execute remote code (RCE), cause denial of service (DoS), or escalate privileges. The most notable vulnerability was CVE-2025-33244, detected in the NVIDIA Apex compone

The cybersecurity community is on high alert as threat actors are actively exploiting CVE-2025-32975 , a critical authentication bypass vulnerability in Quest KACE Systems Management Appliance (SMA) . Key Information: Full System Takeover:  This flaw allows unauthenticated attackers to bypass security layers and gain complete administrative control of the appliance without needing valid credentials. Attack Vector:  By exploiting a logic error in the SSO (Single Sign-On) mecha