A now-patched security flaw in Google Chrome was exploited as a zero-day by a threat actor known as TaxOff to deploy a backdoor codenamed Trinper. The attack, observed in mid-March 2025 by Positive Technologies, involved the use of a sandbox escape vulnerability tracked as CVE-2025-2783 (CVSS score: 8.3). Google addressedRead More »Google Chrome Zero-Day CVE-2025-2783 Exploited by TaxOff to Deploy Trinper Backdoor

Cybersecurity researchers have disclosed a now-patched security flaw in LangChain’s LangSmith platform that could be exploited to capture sensitive data, including API keys and user prompts. The vulnerability, which carries a CVSS score of 8.8 out of a maximum of 10.0, has been codenamed AgentSmith by Noma Security. LangSmith isRead More »LangSmith Bug Could Expose OpenAI Keys and User Data via Malicious Agents

The Washington Post was the subject of a cyberattack. 

Cybersecurity researchers are warning of a new phishing campaign that’s targeting users in Taiwan with malware families such as HoldingHands RAT and Gh0stCringe. The activity is part of a broader campaign that delivered the Winos 4.0 malware framework earlier this January by sending phishing messages impersonating Taiwan’s National Taxation Bureau,Read More »Silver Fox APT Targets Taiwan with Complex Gh0stCringe and HoldingHands RAT Malware

The notorious cybercrime group known as Scattered Spider (aka UNC3944) that recently targeted various U.K. and U.S. retailers has begun to target major insurance companies, according to Google Threat Intelligence Group (GTIG). “Google Threat Intelligence Group is now aware of multiple intrusions in the U.S. which bear all the hallmarksRead More »Google Warns of Scattered Spider Attacks Targeting IT Support Teams at U.S. Insurance Firms

Research has identified an unencrypted, non-password-protected database containing 170,360 records.