Skip to content
cyber security news today Page 3

cyber security news today

India Orders Phone Makers to Pre-Install Sanchar Saathi App to Tackle Telecom Fraud

India Orders Phone Makers to Pre-Install Sanchar Saathi App to Tackle Telecom Fraud

Dec 01, 2025Ravie LakshmananSurveillance / National Security India’s telecommunications ministry has reportedly asked major mobile device manufacturers to preload a government-backed cybersecurity app named Sanchar Saathi on all new phones within 90 days. According to… 

Read More »India Orders Phone Makers to Pre-Install Sanchar Saathi App to Tackle Telecom Fraud
ShadyPanda Turns Popular Browser Extensions with 4.3 Million Installs Into Spyware

ShadyPanda Turns Popular Browser Extensions with 4.3 Million Installs Into Spyware

A threat actor known as ShadyPanda has been linked to a seven-year-long browser extension campaign that has amassed over 4.3 million installations over time. Five of these extensions started off as legitimate programs before malicious… 

Read More »ShadyPanda Turns Popular Browser Extensions with 4.3 Million Installs Into Spyware
New Albiriox MaaS Malware Targets 400+ Apps for On-Device Fraud and Screen Control

New Albiriox MaaS Malware Targets 400+ Apps for On-Device Fraud and Screen Control

A new Android malware named Albiriox has been advertised under a malware-as-a-service (MaaS) model to offer a “full spectrum” of features to facilitate on-device fraud (ODF), screen manipulation, and real-time interaction with infected devices. The… 

Read More »New Albiriox MaaS Malware Targets 400+ Apps for On-Device Fraud and Screen Control
Tomiris Shifts to Public-Service Implants for Stealthier C2 in Attacks on Government Targets

Tomiris Shifts to Public-Service Implants for Stealthier C2 in Attacks on Government Targets

Dec 01, 2025Ravie LakshmananMalware / Threat Intelligence The threat actor known as Tomiris has been attributed to attacks targeting foreign ministries, intergovernmental organizations, and government entities in Russia with an aim to establish remote access… 

Read More »Tomiris Shifts to Public-Service Implants for Stealthier C2 in Attacks on Government Targets
CISA Adds Actively Exploited XSS Bug CVE-2021-26829 in OpenPLC ScadaBR to KEV

CISA Adds Actively Exploited XSS Bug CVE-2021-26829 in OpenPLC ScadaBR to KEV

Nov 30, 2025Ravie LakshmananHacktivism / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) catalog to include a security flaw impacting OpenPLC ScadaBR, citing evidence of active exploitation.… 

Read More »CISA Adds Actively Exploited XSS Bug CVE-2021-26829 in OpenPLC ScadaBR to KEV
Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages

Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages

Nov 28, 2025Ravie LakshmananMalware / Vulnerability Cybersecurity researchers have discovered vulnerable code in legacy Python packages that could potentially pave the way for a supply chain compromise on the Python Package Index (PyPI) via a… 

Read More »Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages
North Korean Hackers Deploy 197 npm Packages to Spread Updated OtterCookie Malware

North Korean Hackers Deploy 197 npm Packages to Spread Updated OtterCookie Malware

Nov 28, 2025Ravie LakshmananSupply Chain Attack / Malware The North Korean threat actors behind the Contagious Interview campaign have continued to flood the npm registry with 197 more malicious packages since last month. According to… 

Read More »North Korean Hackers Deploy 197 npm Packages to Spread Updated OtterCookie Malware