Researchers have released a report detailing how a recent WinRAR path traversal vulnerability tracked as CVE-2025-8088 was exploited in zero-day attacks by the Russian ‘RomCom’ hacking group to drop different malware payloads. […] Go to Source Author: Bill Toulas
Category Archives: Security
Cybersecurity firm Profero cracked the encryption of the DarkBit ransomware gang’s encryptors, allowing them to recover a victim’s files for free without paying a ransom. […] Go to Source Author: Bill Toulas
The U.S. Department of Justice charged four Ghanaian nationals for their roles in a massive fraud ring linked to the theft of over $100 million in romance scams and business email compromise attacks. […] Go to Source Author: Sergiu Gatlan
Over 29,000 Exchange servers exposed online remain unpatched against a high-severity vulnerability that can let attackers move laterally in Microsoft cloud environments, potentially leading to complete domain compromise. […] Go to Source Author: Sergiu Gatlan
Connex, one of Connecticut’s largest credit unions, warned tens of thousands of members that unknown attackers had stolen their personal and financial information after breaching its systems in early June. […] Go to Source Author: Sergiu Gatlan
Google fixed a bug that allowed maliciously crafted Google Calendar invites to remotely take over Gemini agents running on the target’s device and leak sensitive user data. […] Go to Source Author: Bill Toulas
Google has confirmed that a recently disclosed data breach of one of its Salesforce CRM instances involved the information of potential Google Ads customers. […] Go to Source Author: Lawrence Abrams
Sixty malicious Ruby gems containing credential-stealing code have been downloaded over 275,000 times since March 2023, targeting developer accounts. […] Go to Source Author: Bill Toulas
A recently fixed WinRAR vulnerability tracked as CVE-2025-8088 was exploited as a zero-day in phishing attacks to install the RomCom malware. […] Go to Source Author: Lawrence Abrams
A recently fixed WinRAR vulnerability tracked as CVE-2025-8088 was exploited as a zero-day in phishing attacks to install the RomCom malware. […] Go to Source Author: Lawrence Abrams