Security researchers have uncovered a sophisticated evolution of the Lampion banking trojan campaign, marking a significant escalation in cyber threats targeting Portuguese-speaking financial institutions. This long-running operation, active since at least 2019, has undergone substantial tactical refinements, incorporating the rapidly emerging ClickFix social engineering technique that has proven devastatingly effective across the global threat landscape.
Read More
In a surprising series of events, Google recently advised users of competing email services to consider switching to Gmail due to reliability and service stability concerns. The messaging emphasized that users could avoid potential service interruptions by moving their communication and data to Gmail’s ecosystem.
Read More
Recent threat-intelligence data show that in just 48 hours, over 8.7 million attack attempts targeted websites built on WordPress. The scale and speed of these attacks underline the critical importance of raising your WordPress security level — especially if your organization uses WP for corporate sites, landing pages or content hubs.
Read More
Security teams have been alerted that a critical flaw in Microsoft’s WSUS product (used for patch management in many enterprises) is being actively exploited in the wild. This isn’t just a vulnerability to patch — it highlights broader risk in patch-management infrastructure and the need for heightened vigilance.
Read More
The cybersecurity landscape has entered an inflection point. Where traditional ransomware once involved attacker-coded payloads and direct encryption demands, modern campaigns are now increasingly driven by artificial intelligence: self-learning, adaptive, tailored, and increasingly difficult to detect or defend against. According to recent research, as much as 80 % of ransomware attacks now utilise artificial intelligence.
Read More
A sophisticated new malware campaign is targeting WordPress sites with an ingenious obfuscation technique that’s proving difficult to detect—and it’s already hit over 30,000 sites in a single month.
Read More
A sophisticated malware distribution campaign has transformed YouTube into an unexpected threat vector, leveraging over 3,000 compromised videos to deliver information-stealing malware to unsuspecting users. This operation, designated as the “YouTube Ghost Network” by Check Point Research, represents a paradigm shift in how threat actors exploit trusted platforms to achieve large-scale compromise.
Read More
The rise of AI-powered browsers has introduced a new frontier in web security—one where traditional defenses fall short and attackers have found innovative ways to exploit artificial intelligence itself. Recent research has uncovered critical vulnerabilities in agentic AI browsers, particularly Perplexity’s Comet browser, revealing how malicious actors can manipulate these tools through sophisticated prompt injection techniques.
Read More
A coordinated cyberattack has successfully compromised more than 250 Adobe Commerce and Magento Open Source e-commerce stores within a 24-hour period, exploiting a recently disclosed critical vulnerability. E-commerce security firm Sansec has issued an urgent warning as threat actors actively leverage CVE-2025-54236, also known as “SessionReaper,” to hijack customer accounts and deploy malicious backdoors across vulnerable platforms.
Read More