WhatsApp for Windows users are being urged to update immediately following the discovery of a critical vulnerability that could allow attackers to execute malicious code simply by sending a crafted file.
The flaw, tracked as CVE-2025-30401, affects all versions of WhatsApp for Windows prior to 2.2450.6, and has now been patched by Meta.
A new zero-day vulnerability in Microsoft Windows has come under active exploitation by a sophisticated ransomware group, prompting an urgent security response from Microsoft. The flaw, identified as CVE-2025-29824, affects the Common Log File System (CLFS) and has already been used in targeted attacks across multiple industries and countries.
A new wave of phishing scams is hitting mobile users across the U.S., as fraudsters impersonating toll authorities like E-ZPass, The Toll Roads, and FasTrak flood phones with fake payment texts. These scam messages are designed to trick you into handing over sensitive personal and financial details — and they're getting more sophisticated.
Russian Hackers Exploit CVE-2025-26633 via MSC EvilTwin to Deploy SilentPrism and DarkWisp
A suspected Russian hacking group known as Water Gamayun, also referred to as EncryptHub and LARVA-208, has been identified as the threat actor behind the zero-day exploitation of CVE-2025-26633 in Microsoft Windows. This vulnerability, also dubbed "MSC EvilTwin," enables attackers to deploy two new backdoors: SilentPrism and DarkWisp.
A set of five critical security vulnerabilities have been disclosed in the Ingress NGINX Controller for Kubernetes, potentially allowing unauthenticated remote code execution (RCE). This flaw puts over 6,500 clusters at immediate risk, particularly those with the component exposed to the public internet.
Citizen Lab Uncovers WhatsApp Zero-Day Exploited by Paragon’s Graphite Spyware
A recent investigation by The Citizen Lab at the University of Toronto has exposed the exploitation of a zero-day vulnerability in Meta’s WhatsApp by Graphite, a spyware developed by Israeli company Paragon Solutions. This discovery raises serious concerns about the use of commercial surveillance tools against individuals worldwide.
Over 300 Malicious Android Apps Installed 60 Million Times in 'Vapor' Campaign
A large-scale malware operation, dubbed "Vapor," has infiltrated Google Play, with over 300 malicious apps being downloaded 60 million times. These apps acted as adware, committed large-scale ad fraud, and attempted to steal user credentials and credit card information.
Critical WhatsApp for Windows Vulnerability Allows Remote Code Execution — Update Now WhatsApp for Windows users are being urged to upda...
