Fake site offers malicious 7-Zip installer with malware

Attackers have exploited the .arpa internet domain to host malicious websites and deliver phishing links. They use IPv6 and hidden .arpa addresses to disguise URLs and steal user credentials. The scheme was reported by TechRadar on March 2, 2026.

13 फरवरी 2026 AI द्वारा रिपोर्ट किया गया

Criminals have distributed fake AI extensions in the Google Chrome Web Store to target more than 300,000 users. These tools aim to steal emails, personal data, and other information. The issue highlights ongoing efforts to push surveillance software through legitimate channels.

Experts have warned that phishing attacks are now appearing in LinkedIn comments. Hackers are exploiting the platform's comment sections to distribute malware. Users are advised to stay vigilant against suspicious links in these interactions.

04 फरवरी 2026 AI द्वारा रिपोर्ट किया गया

Russian state-sponsored hackers quickly weaponized a newly patched Microsoft Office flaw to target organizations in nine countries. The group, known as APT28, used spear-phishing emails to install stealthy backdoors in diplomatic, defense, and transport entities. Security researchers at Trellix attributed the attacks with high confidence to this notorious cyber espionage unit.

Threat actors are using comments on Pastebin to promote a scam that tricks cryptocurrency users into running malicious JavaScript on Swapzone.io, hijacking Bitcoin transactions. The attack, a variant of ClickFix techniques, redirects funds to attacker-controlled wallets while mimicking legitimate arbitrage profits. This appears to be the first known instance of such a browser-based ClickFix targeting crypto exchanges.

21 दिसंबर 2025 AI द्वारा रिपोर्ट किया गया

Cisco Talos has detailed how a Chinese-linked group is exploiting an unpatched zero-day in email security appliances since late November 2025, deploying backdoors and log-wiping tools for persistent access.