Latest News

npm Supply Chain Hack Exposes Developer Secrets

A sophisticated supply chain attack has compromised over 40 npm packages, all maintained by different developers. This campaign, codenamed the ‘Shai-Hulud’ attack after the sandworms ...

StratosAlly

Latest News

New Phishing Tool VoidProxy Targets Microsoft and Google Accounts, Stealing Credentials and MFA Codes

Okta Threat Intelligence has identified a high-risk phishing platform named VoidProxy. The service targets Microsoft 365 and Google users to capture sensitive data, including login ...

StratosAlly

Latest News

Samsung Addresses Critical Android Zero-Day in Quram Image Codec

On September 12, 2025, Samsung issued its latest Android security patch, which resolves a significant zero-day flaw that has been actively exploited in attacks on ...

StratosAlly

Latest News

EggStreme Malware: A Stealth Weapon Targeting Military Systems

A newly uncovered cyber-espionage campaign is attributed to a Chinese-linked Advanced Persistent Threat (APT) group. While the campaign strongly aligns with Chinese APT tactics and ...

StratosAlly

Latest News

Emergency Patch Released for SessionReaper Vulnerability

Adobe has released a security update addressing a serious flaw in Adobe Commerce and Magento Open Source, known as SessionReaper (CVE-2025-54236). This vulnerability has a ...

StratosAlly

Latest News

Silent Push exposed Salt Typhoon’s Hidden Domain Web with UNC4841 Links

Silent Push, a cybersecurity intelligence firm, has uncovered 45 previously unreported domains linked with Salt Typhoon, with part of the infrastructure overlapping with UNC4841. Significantly, ...

StratosAlly

Latest News

Supply Chain Attack: npm Packages Leak Keys to Telegram Bot

Security researchers have uncovered a supply chain attack in the npm registry, involving four packages disguised as Flashbots MEV tools and cryptographic utilities. These packages ...

StratosAlly

Latest News

“Hackers Weaponize ‘HexStrike AI’ to Exploit Fresh Citrix NetScaler Flaws”

Researchers at Check Point have warned that cybercriminals are attempting to leverage HexStrike AI to automate attacks against recently disclosed Citrix NetScaler flaws, with underground ...

StratosAlly

Latest News

‘Silver Fox’ Hackers Exploit Signed Drivers to Evade Security Defenses

Researchers at Check Point reported that the threat actor known as Silver Fox, also referred to as SwimSnake or UTG-Q-1000, employed a Bring Your Own ...

StratosAlly

Latest News

Amazon Disrupts ‘Midnight Blizzard’ Campaign Exploiting Microsoft Login Flow

Amazon’s threat intelligence team has disrupted a watering hole campaign traced to APT29, also known as Midnight Blizzard, a cyber unit tied to Russia’s Foreign ...

StratosAlly

Latest News

npm Supply Chain Hack Exposes Developer Secrets

New Phishing Tool VoidProxy Targets Microsoft and Google Accounts, Stealing Credentials and MFA Codes

Samsung Addresses Critical Android Zero-Day in Quram Image Codec

EggStreme Malware: A Stealth Weapon Targeting Military Systems

Emergency Patch Released for SessionReaper Vulnerability

Silent Push exposed Salt Typhoon’s Hidden Domain Web with UNC4841 Links

Supply Chain Attack: npm Packages Leak Keys to Telegram Bot

“Hackers Weaponize ‘HexStrike AI’ to Exploit Fresh Citrix NetScaler Flaws”

‘Silver Fox’ Hackers Exploit Signed Drivers to Evade Security Defenses

Amazon Disrupts ‘Midnight Blizzard’ Campaign Exploiting Microsoft Login Flow

community

Join the community to Stay Updated with the Latest Cybersecurity Trends