Blog

As a result of a joint operation conducted by cybercrime teams from the US, Germany, and Canada, four major botnet networks—most notably Aisuru and Kimwolf, along with JackSkid and Mossad—controlling over 3 million devices globally have been successfully dismantled. This operation neutralized one of the most significant cyber threats in recent years while aiming to protect critical internet infrastructure worldwide. Destruction of Command and Control (C2) Infrastructure Cyber

Medical technology company Stryker announced that it has returned to a fully operational status in its production network following the cyberattack it experienced in 2026 that disrupted its global operations. In the company's update, it was stated that commercial systems, ordering, and distribution processes have been restored, and production is rapidly progressing toward peak capacity. It is reported that the attackers accessed Stryker's internal Microsoft environment and al

Attackers are targeting TikTok for Business accounts in a new phishing campaign. According to Push Security, the campaign begins with victims clicking on a fake link. This link redirects the user either to a page mimicking TikTok for Business or a fake recruitment page similar to Google Careers. In some scenarios, the victim is also offered the option to schedule an interview for a supposed job opportunity. The goal is to gain the user's trust and capture their login credenti

Cyber fraudsters are no longer bothering with writing long and suspicious emails; they are directly cloning the voices of company executives! Thanks to the latest advancements in AI-based "Deepfake" technology, cybercriminals can now use just a few seconds of a CEO's voice recording from a social media post or a webinar to flawlessly imitate their tone, intonation, and even their speaking style. The way the system works is quite frightening: An employee in the accounting or

QR codes, which make our lives easier, are turning into new weapons in the hands of cybercriminals. In recent months, fake stickers pasted over physical QR codes have been detected worldwide, especially in public areas such as cafes, restaurants, and parking lots. With this method, called "Quishing" (QR Phishing), scammers redirect users to fake websites designed to steal personal and financial information instead of a legitimate menu or payment page. The attack aims to infe

To make their activities more convincing recently, attackers have started exploiting already trusted-looking compromised websites instead of using fake domain names. This method makes it harder for users to become suspicious and makes it more difficult for automated security systems to detect malicious traffic. Teams, Xfinity, and UAE Pass users by utilizing compromised WordPress sites.The most dangerous aspect of the attack is that email filters and users fail to notice the

Cybersecurity researchers have uncovered a new malware that uses WhatsApp as a distribution method to spread a Windows banking trojan named Astaroth (also known as Guildma). Astaroth is a banking trojan that has been active since 2024 and was specifically developed to steal the personal and financial information of users, particularly in Latin America. In 2025, two cybercrime groups named PINEAPPLE and Water Makara spread this malware via phishing emails.Recently, cyber attac

NVIDIA announced that it has patched multiple critical and high-severity vulnerabilities affecting enterprise and artificial intelligence software components as part of its March 2026 security updates. According to the published security bulletins, some vulnerabilities carry risks that could allow attackers to execute remote code (RCE), cause denial of service (DoS), or escalate privileges. The most notable vulnerability was CVE-2025-33244, detected in the NVIDIA Apex compone

The cybersecurity community is on high alert as threat actors are actively exploiting CVE-2025-32975 , a critical authentication bypass vulnerability in Quest KACE Systems Management Appliance (SMA) . Key Information: Full System Takeover:  This flaw allows unauthenticated attackers to bypass security layers and gain complete administrative control of the appliance without needing valid credentials. Attack Vector:  By exploiting a logic error in the SSO (Single Sign-On) mecha

An attacker group known as "TaxOff" in the cybersecurity world has managed to infiltrate systems by exploiting an unpatched vulnerability they discovered in the Google Chrome browser. By planting a hidden backdoor they call "Trinper" into target computers, this group quickly turned the security flaw to their advantage. Following the detection and reporting of the situation by cybersecurity researchers, Google released an urgent update to patch the dangerous vulnerability. The