Reza Rafati
-
Maverick Banking Malware Spreads Via WhatsApp, Targets Brazilian Banks
Maverick, a new banking malware similar to Coyote, is spreading via WhatsApp, targeting Brazilian banks. It uses malicious ZIP files disguised as invoices, leading to fileless infection and WhatsApp account hijacking. The malware steals banking credentials by monitoring URLs and injecting fake forms. This persistent threat highlights the need for regular updates and caution with…
-
UK Joins C-SIPA, Bolstering Regional Security
The UK has formally joined the Comprehensive Security Integration and Prosperity Agreement (C-SIPA), a multilateral framework aimed at bolstering security and stability in the region through closer defense and security ties.
-
What the “Tool limit exceeded (132/128)” error in Visual Studio Chat (Co-pilot) means — and how to fix it
Visual Studio Chat blocked your request after it counted 132 enabled tools—four over the 128 limit. Learn how to fix this.
-
China Showcases GJ-11 Stealth Drone with J-20S Fighter
China released new footage showing its GJ-11 stealth uncrewed combat air vehicle (UCAV), known as Xuanlong, operating with the J-20S stealth fighter, signaling its entry into regular training and active use within the Chinese Air Force.
-
Authenticated SQL Injection Exposes TorrentPier User Data
An authenticated SQL injection vulnerability, tracked as CVE-2025-64519, has been discovered in TorrentPier, the popular open-source BitTorrent tracker engine. The flaw allows malicious actors with moderator privileges to execute arbitrary SQL queries, posing a significant risk to the integrity and confidentiality of database information.
-
Mandiant Warns of Active Exploitation of Critical Triofox Flaw Allowing Remote Access
Mandiant warns of active exploitation of a critical Triofox flaw (CVE-2025-12480) allowing remote code execution, with threat actors UNC6485 bypassing authentication to compromise systems.
-
GlassWorm Malware Resurfaces, Infecting VS Code Extensions with Stealthy Unicode Attack
The GlassWorm malware campaign has re-emerged, targeting the Visual Studio Code (VS Code) ecosystem with a new set of malicious extensions, signaling a persistent threat to developers. This sophisticated, self-propagating worm aims to compromise credentials and cryptocurrency assets using invisible Unicode characters to embed malicious code.
-
ClickFix Phishing Campaign Targets Hotel Systems with PureRAT Malware
A sophisticated ClickFix phishing campaign is targeting the global hospitality sector, deploying PureRAT malware to steal sensitive credentials and defraud hotels and customers on booking platforms like Booking.com and Expedia.
-
The Enterprise Browser: A New Cyber Frontier, Report Warns
A new report highlights a critical shift in the landscape of enterprise cybersecurity, positing that the user’s browser has become a convergence point for significant identity, SaaS, and AI-related risks, often evading the purview of traditional security measures.
-
Linux Kernel Receives Patch to Fortify Cryptographic Random Number Generation
The Linux kernel, a foundational component of countless computing systems worldwide, has recently received an essential security update addressing a vulnerability within its cryptographic random number generator (RNG). This patch, identified as CVE-2025-40109, aims to ensure the integrity of randomness crucial for secure operations, from encryption to digital signatures.