Popular Iranian App BadeSaba was Hacked to Send “Help Is on the Way” Alerts
Hackers took over Iran’s BadeSaba Calendar prayer app, sending “Help Is on the Way” alerts and messages urging soldiers to lay down weapons.
ShinyHunters Leak 2M Records From Dutch Telecom Odido, Claim 21M Stolen
ShinyHunters hackers leak 2 million records from Dutch telecom Odido after ransom refusal, claiming up to 21 million customer records were stolen in the breach.
ClawJacked Vulnerability in OpenClaw Could Let Websites Hijack AI Agents
Is your AI assistant safe? Oasis Security researchers have found a critical ClawJacked vulnerability in OpenClaw that allows hackers to hijack AI agents through a simple browser tab.
Hackers Use 1Campaign to Hide Malicious Ads From Google Reviewers
Varonis Threat Labs reveals 1Campaign, a platform used to trick Google Ads and hide phishing pages. Learn how this cloaking tool targets real users while evading security.
New Aeternum C2 Botnet Evades Takedowns via Polygon Blockchain
Qrator Research Lab has identified Aeternum C2, a botnet that uses the Polygon blockchain for commands, making it nearly impossible to shut down.
Fake Avast Website Targets Users With €499 Phishing Refund Scam
Fraudsters clone Avast’s website to target French users with a €499 phishing scam, using urgency tactics, live chat, and card validation to steal payment data.
Entra ID OAuth Consent Can Grant ChatGPT Access to Emails
OAuth consent in Entra ID can grant apps like ChatGPT email access after approval, exposing hidden risks that may bypass MFA and enable persistent access.
Report Finds Just 1% of Security Flaws Drive Most Cyberattacks in 2025
New VulnCheck research reveals that while thousands of CVEs are discovered yearly, only 1% drive real-world impact.
US Sanctions Russian Exploit Broker Over Stolen US Cyber Tools
The US Treasury targets Sergey Zelenyuk and his firm Operation Zero for the illegal trade of stolen government cyber tools following the sentencing of Peter Williams.
$300 a Month Android Malware ‘Oblivion’ Uses Fake Updates to Hijack Phones
Cybersecurity researchers at Certo reveal Oblivion, a new Android Trojan targeting major brands like Samsung and Xiaomi. It bypasses security to steal passwords and bank codes.