Latest Tech News
Vietnamese Hackers Use PXA Stealer, Hit 4,000 IPs and Steal 200,000 Passwords Globally
Cybersecurity researchers are calling attention to a new wave of campaigns distributing a Python-based information stealer called PXA Stealer.
The malicious activity has been assessed to be the work of Vietnamese-speaking cybercriminals who monetize the stolen data through a subscription-based underground ecosystem that automates the resale and reuse via Telegram APIs, according to a joint
⚡ Weekly Recap: VPN 0-Day, Encryption Backdoor, AI Malware, macOS Flaw, ATM Hack & More
Malware isn’t just trying to hide anymore—it’s trying to belong. We’re seeing code that talks like us, logs like us, even documents itself like a helpful teammate. Some threats now look more like developer tools than exploits. Others borrow trust from open-source platforms, or quietly build themselves out of AI-written snippets. It’s not just about being malicious—it’s about being believable.
Ransomware gangs join attacks targeting Microsoft SharePoint servers
Ransomware gangs have recently joined ongoing attacks targeting a Microsoft SharePoint vulnerability chain, part of a broader exploitation campaign that has already led to the breach of at least 148 organizations worldwide. [...]
Man-in-the-Middle Attack Prevention Guide
Some of the most devastating cyberattacks don’t rely on brute force, but instead succeed through stealth. These quiet intrusions often go unnoticed until long after the attacker has disappeared. Among the most insidious are man-in-the-middle (MITM) attacks, where criminals exploit weaknesses in communication protocols to silently position themselves between two unsuspecting parties
New ‘Plague’ PAM Backdoor Exposes Critical Linux Systems to Silent Credential Theft
Cybersecurity researchers have flagged a previously undocumented Linux backdoor dubbed Plague that has managed to evade detection for a year.
"The implant is built as a malicious PAM (Pluggable Authentication Module), enabling attackers to silently bypass system authentication and gain persistent SSH access," Nextron Systems researcher Pierre-Henri Pezier said.
Pluggable Authentication Modules
The US Military Is Raking in Millions From On-Base Slot Machines
The Defense Department operates slot machines on US military bases overseas, raising millions of dollars to fund recreation for troops—and creating risks for soldiers prone to gambling addiction.
A Hiker Was Missing for Nearly a Year—Until an AI System Recognized His Helmet
Using AI to analyze thousands of frames taken by drone, The Piedmontese Alpine Rescue team has found the body of a doctor who had been missing since September 2024.
The Wild West of Shadow IT
Everyone’s an IT decision-maker now. The employees in your organization can install a plugin with just one click, and they don’t need to clear it with your team first. It’s great for productivity, but it’s a serious problem for your security posture.
When the floodgates of SaaS and AI opened, IT didn’t just get democratized, its security got outpaced. Employees are onboarding apps faster than
PlayPraetor Android Trojan Infects 11,000+ Devices via Fake Google Play Pages and Meta Ads
Cybersecurity researchers have discovered a nascent Android remote access trojan (RAT) called PlayPraetor that has infected more than 11,000 devices, primarily across Portugal, Spain, France, Morocco, Peru, and Hong Kong.
"The botnet's rapid growth, which now exceeds 2,000 new infections per week, is driven by aggressive campaigns focusing on Spanish and French speakers, indicating a strategic
CL-STA-0969 Installs Covert Malware in Telecom Networks During 10-Month Espionage Campaign
Telecommunications organizations in Southeast Asia have been targeted by a state-sponsored threat actor known as CL-STA-0969 to facilitate remote control over compromised networks.
Palo Alto Networks Unit 42 said it observed multiple incidents in the region, including one aimed at critical telecommunications infrastructure between February and November 2024.
The attacks are characterized by the
Google Will Use AI to Guess People’s Ages Based on Search History
Plus: A former top US cyber official loses her new job due to political backlash, Congress is rushing through a bill to censor lawmakers’ personal information online, and more.
Akira Ransomware Exploits SonicWall VPNs in Likely Zero-Day Attack on Fully-Patched Devices
SonicWall SSL VPN devices have become the target of Akira ransomware attacks as part of a newfound surge in activity observed in late July 2025.
"In the intrusions reviewed, multiple pre-ransomware intrusions were observed within a short period of time, each involving VPN access through SonicWall SSL VPNs," Arctic Wolf Labs researcher Julian Tuin said in a report.
The cybersecurity company
Anthropic Revokes OpenAI's Access to Claude
OpenAI lost access to the Claude API this week after Anthropic claimed the company was violating its terms of service.
WIRED Roundup: ChatGPT Goes Full Demon Mode
On today’s episode of Uncanny Valley, our senior business editor joins us to talk Meta, brain aging, and ChatGPT’s recent dark turn.
Cursor AI Code Editor Fixed Flaw Allowing Attackers to Run Commands via Prompt Injection
Cybersecurity researchers have disclosed a now-patched, high-severity security flaw in Cursor, a popular artificial intelligence (AI) code editor, that could result in remote code execution (RCE).
The vulnerability, tracked as CVE-2025-54135 (CVSS score: 8.6), has been addressed in version 1.3 released on July 29, 2025. It has been codenamed CurXecute by Aim Labs, which previously disclosed