New Phishing Scam Imitates Facebook Login Page to Harvest User Credentials
A fast-growing phishing campaign is leveraging a Browser-in-the-Browser (BitB) overlay to mimic Facebook's login page and steal user credentials. The scam uses a misleading CAPTCHA challenge that transforms into a [...]
Stealthy Backdoor Discovered in WordPress Plugins Grants Hackers Long-Term Website Access
A highly sophisticated WordPress malware campaign has been uncovered, exploiting the seldom-monitored mu-plugins (must-use plugins) directory to gain persistent access to compromised sites while avoiding detection by conventional security tools. [...]
Google Launches OSS Rebuild to Detect Malicious Code in Popular Open-Source Software
Google has unveiled a new initiative called OSS Rebuild, aimed at strengthening the security of open-source package ecosystems and defending against software supply chain attacks. “As supply chain attacks increasingly [...]
New DCHSpy Malware Targets Android: Steals WhatsApp Data, Call Logs, and More
"A New DCHSpy Variant Unveiled: Iranian Cyber Group MuddyWater Targets Mobile Data Amid Rising Israel-Iran Tensions" This advanced version of the DCHSpy Android surveillance tool, deployed just a week after [...]
CoinDCX Hack: $44.2 Million Drained from the Platform
On July 19, 2025, CoinDCX, India's second-largest cryptocurrency exchange, confirmed a sophisticated security breach that led to the theft of approximately $44.2 million from its platform. This major cyberattack adds [...]
Get Social