Hackers exploiting zero-day in Gladinet file sharing software

Threat actors are exploiting a zero-day vulnerability (CVE-2025-11371) in Gladinet CentreStack and Triofox products, which ...
Decrypt

Astaroth Banking Trojan Harnessing GitHub to Steal Crypto Credentials

The keylogging malware is capable of using GitHub to redirect itself to new servers whenever existing servers go offline.

New Android spyware ClayRat imitates WhatsApp, TikTok, YouTube

A new Android spyware called ClayRat is luring potential victims by posing as popular apps and services like WhatsApp, Google ...
The Hacker News

175 Malicious npm Packages with 26,000 Downloads Used in Credential Phishing Campaign

Cybersecurity researchers have flagged a new set of 175 malicious packages on the npm registry that have been used to ...
The Hacker News

New ClayRat Spyware Targets Android Users via Fake WhatsApp and TikTok Apps

A rapidly evolving Android spyware campaign called ClayRat has targeted users in Russia using a mix of Telegram channels and ...
Mashable

No mercy: Facebook page held hostage in payment dispute

A disgruntled Pakistani marketing agency has seized control of its client's Facebook page in order to demand payment supposedly owed by the brand. Yet the brand itself claims to have cleared all of ...