News from the world of cybersecurity

Discover the most important information from the world of cybersecurity. Clear reports and analyses will help you navigate the rapidly changing digital environment.

Reports (in Slovak language)

  • 05.11.2025 - 12.11.2025

    GlassWorm returns and deals with VS Code extensions. Microsoft fixes 63 security flaws, including an active zero-day in the Windows kernel. Multiple vulnerabilities in ChatGPT allow massive data leaks. GootLoader uses a new trick with special fonts to infect WordPress sites. WhatsApp screen-sharing scam.

  • 11.08.2025 - 24.08.2025

    Phishing with AI prompt injection. Docker Desktop SSRF Vulnerability (CVE-2025-9074). Anatsa (TeaBot) banking trojan launched global campaigns. Azure vulnerability allowed access to third-party accounts and services. Firefox 142 fixes critical vulnerabilities allowing remote code execution.

  • 28.07.2025 - 10.08.2025

    AgentFlayer: Zero-click data exfiltration from ChatGPT Connectors. CVE-2025-38236: Privilege Escalation via MSG_OOB in Linux kernel. CVE-2025-53786: Privilege Escalation in Microsoft Exchange Hybrid. DarkCloud Stealer – Fileless Variant with specialized data collection. Mustang Panda attacks Windows users using ToneShell malware that mimics Google Chrome.

  • 14.07.2025 - 27.07.2025

    Detection of privilege escalation via ADCS (ESC1) using Microsoft Sentinel. Soco404: Cryptominer hidden in 404 error pages. ToolShell: an unlimited feast for attackers. The first known LLM-enabled malware from APT28 hackers integrates AI capabilities into the attack methodology. CISA warns of a 0-Day login authentication vulnerability in Google Chromium browser exploited in attacks.

  • 30.06.2025 - 13.07.2025

    Critical RCE vulnerability in mcp-remote threatens LLM tools. Microsoft removes elevated privileges in Microsoft 365 as part of security reform. macOS infostealers: New wave of attacks on Apple devices. Critical flaw in Linux kernel allows local privilege escalation. Windows BitLocker bypass vulnerability allows attackers to bypass security feature.

  • 16.06.2025 - 29.06.2025

    Global malware campaign exploits NFC payments for financial fraud. Advanced APT campaign exploits ClickOnce to target energy sector. New malware uses prompt injection to manipulate AI models during sample processing. Hackers use TeamFiltration penetration framework to gain access to Microsoft Teams, OneDrive, Outlook, and other accounts. Advanced .NET exploit for hidden malware.

  • 01.06.2025 - 14.06.2025

    Web3 developers face waves of attacks via open source packages. CVE-2025-33053: Critical RCE vulnerability in WebDAV exploited by APT groups. BrowserVenom malware exploits popularity of DeepSeek-R1 to infect Windows users. Outlook adds double-click for encrypted emails to prevent unwanted viewing of sensitive data. Critical flaw in OpenPGP.js allows forgery of digital signatures.

  • 18.05.2025 - 31.05.2025

    Critical flaw in OneDrive File Picker allows apps to access entire storage. Chrome 137 brings AI fraud protection and fixes critical vulnerabilities. GhostSpy: New advanced Android malware allows complete device takeover. SharpSuccessor exploits BadSuccessor flaw in Windows Server 2025 to escalate privileges to domain admin level. .NET Chihuahua Infostealer exploits Google Drive to steal browser and crypto wallet credentials.

  • 05.05.2025 - 18.05.2025

    Sophisticated NPM Attack uses Google Calendar C2 for sophisticated communication. EU court rules that tracking ads violate GDPR. New vulnerability affects all Intel processors from the last 6 years. Hackers disguised remote access malware as a Microsoft Edge service. Bitpixie: Critical BitLocker vulnerability allows encryption to be bypassed in less than 5 minutes.

  • 21.04.2025 - 02.05.2025

    NodeJS backdoor infects users via CAPTCHA verifications. Phishing-as-a-service tools bypass multifactor authentication using adversary-in-the-middle attacks. Attack exploits Google OAuth vulnerability and bypasses Gmail security checks. GPT-4 created a working exploit for a critical SSH vulnerability in Erlang/OTP before PoC was published. Malware campaign targets Docker and evades detection with multi-layered obfuscation.

  • 31.03.2025 - 13.04.2025

    Beware of fake mParivahan app that attacks mobile users via WhatsApp to steal sensitive data. Google introduces A2A protocol that allows AI agents to collaborate and automate work processes. Vulnerability in Windows Kerberos allowed attackers to bypass security feature and gain access to credentials. Vulnerability in Windows Active Directory Domain Services allowed attackers to elevate privileges. Microsoft strengthens Outlook email ecosystem to protect inbox.

  • 17.03.2025 - 21.03.2025

    SANS Institute warns of new cloud-based attacks exploiting APIs. Vulnerability in ChatGPT threatens organizations, attackers actively exploit it. GitHub Actions attack likely triggered supply chain attack. Operation FishMedley: New cyberespionage campaign targeting diplomacy and research. Medusa ransomware uses malicious AbyssWorker driver to bypass security.

  • 04.03.2025 - 14.03.2025

    Microsoft patches 57 security vulnerabilities, including two zero-days. New legislative pressures threaten encryption. Undocumented commands in ESP32 Bluetooth chip could compromise a billion devices. Ballista botnet exploits vulnerability in 2023 TP-Link routers. Google releases March security update for Android, fixes two actively exploited vulnerabilities.

  • 24.02.2025 - 28.02.2025

    Google Cloud KMS adds quantum-safe digital signatures. Lazarus Group steals $1.5 billion in cryptocurrencies. Google enables ad targeting for sensitive users. Firefox continues to support Manifest V2, while Chrome bans ad-blockers. Have I Been Pwned adds 284 million accounts compromised by malware.

  • 18.02.2025 - 22.02.2025

    Apple removes end-to-end iCloud encryption in the UK. Fake Mac updates. Microsoft tests fix for Windows 11 flaw that breaks SSH connections. OpenAI deletes accounts abusing ChatGPT for tracking and influence. Google Chrome disables uBlock Origin for some users as part of Manifest V3 transition.

  • 10.02.2025 - 16.02.2025

    Google fixes bug exposing YouTube users' email addresses. Apple fixes zero-day vulnerability exploited in 'extremely sophisticated' attacks. Hackers exploit CAPTCHA trick on Webflow CDN PDF files to bypass security scanners. Google Chrome introduces AI-powered security feature. Russian hackers exploit 'device code phishing' to take over accounts.

  • 27.01.2025 - 07.02.2025

    DeepSeek faces coordinated DDoS attacks. Microsoft patches critical vulnerabilities in Azure AI Face Service and Microsoft Account. Ransomware payments to drop 35% in 2024. DeepSeek popularity exploited to spread malicious packages via PyPI. Exploited vulnerabilities to increase in 2024.

  • 20.01.2025 - 26.01.2025

    Trump ends DHS advisory board membership, undermining cybersecurity oversight. Hundreds of fake Reddit pages contain Lumma Stealer malware. Insecure tunneling protocols expose 4.2 million hosts, including VPNs and routers. Record-breaking DDoS attack reaches 5.6 Tbps. Supply chain attack targets Chrome extensions.

  • 14.01.2025 - 17.01.2025

    Google OAuth vulnerability puts millions of users at risk via abandoned domains. Data leak from Fortinet devices. Attackers exploit Google ads to steal Google Ads accounts. Critical flaws in Planet WGS-804HPT switches allow remote attacks. Vulnerability in macOS allows installation of rootkits.

  • 07.01.2025 - 09.01.2025

    Neglected domains exploited in malspam campaigns to bypass security measures. Top 5 malware threats to prepare for in 2025. Banshee 2.0: Malware exploiting Apple encryption on macOS. CISA warns of critical vulnerabilities in Oracle WebLogic Server and Mitel MiCollab. Gravy Analytics Hack exposes hidden location data collection through popular apps.

  • 01.11.2024 - 06.11.2024

    New phishing campaign targets Windows systems using malicious Linux VMs. Zero-Click Flaw exposes millions of popular storage devices to potential attack. A man arrested in Canada is believed to be behind the Snowflake customer breach. Malware campaign uses Ethereum smart contracts to control Typosquat npm packages. Google Cloud will enforce multi-factor authentication for all users by 2025.

  • 15.10.2024 - 30.10.2024

    Microsoft: Schools grapple with thousands of cyberattacks every week (US). Google warns that uBlock Origin and other extensions may soon be disabled. FBI creates fake cryptocurrency to expose widespread cryptocurrency manipulation. American Water shuts down systems after cyberattack. Researchers uncover Hijack Loader malware using stolen code-signing certificates.