Imagine your Windows Defender antivirus, the built-in guardian of your PC, being tricked by a clever hacker. Sounds scary, right? Well, security researchers have uncovered a new method that does exactly that—bypassing Microsoft’s security software using direct syscalls and XOR encryption. This technique isn’t just theoretical; it’s actively being used to slip past defenses unnoticed. If you rely solely on Windows Defender for protection, this discovery should make you rethink your security setup. Let’s break down how this works and what you can do to stay safe. How Windows Defender Normally Works Windows Defender is Microsoft’s built-in antivirus solution, designed…
Author: Cyber infos
It’s not every day that a new tool genuinely shifts the landscape for developers, but Google’s recent launch of Google Firebase Studio might be one of those moments. Let’s be real—building full-stack apps, especially those infused with AI, can often feel like navigating a maze blindfolded. There are countless tools, scattered documentation, and that constant tug-of-war between speed and quality. So when I heard about Firebase Studio, I was curious… then impressed… and now, honestly, kind of excited. What is Firebase Studio, Really? In a nutshell, Firebase Studio is a new, cloud-based development environment built to help you go from…
Artificial intelligence (AI) has dramatically transformed cybersecurity. Red teams—ethical hackers who simulate cyberattacks—are now leveraging AI to develop more sophisticated techniques. These AI-powered red teams can automate attacks, analyze vulnerabilities faster, and bypass traditional security measures more effectively than ever before. But what does this mean for businesses and cybersecurity professionals? As AI becomes more advanced, red team activities are evolving rapidly, creating new challenges for security defenses. This article delves into the role of AI in red teaming, the emerging tactics being used, and what organizations can do to stay ahead of these threats. What is Red Teaming in…
In a world where cyber threats evolve faster than most people can keep up with, even the most secure software can have cracks. Google Chrome, the most widely used web browser, recently became the target of a sophisticated attack exploiting a zero-day vulnerability. Dubbed CVE-2025-2783, this flaw allowed hackers to bypass Chrome’s sandbox protection, putting countless users at risk. If you use Chrome, this isn’t just another security update you can ignore—it’s a serious issue that requires immediate action. Let’s break it down and see what happened, how it worked, and what you should do next. What Happened? Cybersecurity researchers…
As with any developing generation in online advertising, businesses turned to Meta, formerly Facebook, to take their marketing efforts up a notch. But what happens when the very tools you rely on turn out to be a weapon in the hands of hackers? It has been revealed that a new high-class phishing scheme targets business ads on Meta’s portal. This fraud is not merely believable but highly perilous, as it threatens ad accounts in their thousands. Brief as it may be, let’s get into the particulars and see what measures…
Imagine downloading a seemingly harmless QR scanner or a handy expense tracker from the Google Play Store, only to find out it’s a wolf in sheep’s clothing. This isn’t a hypothetical scenario—it’s a reality that has affected millions of Android users. Recently, security researchers at Bitdefender uncovered a massive ad fraud campaign involving 331 malicious apps that collectively racked up over 60 million downloads. These apps didn’t just annoy users with intrusive ads; they exploited vulnerabilities in Android 13 to bypass security restrictions, steal credentials, and carry out phishing attacks. Let’s dive into how this happened, what it means…
In the evolving landscape of technology, artificial intelligence (AI) has emerged as a game-changer, revolutionizing industries and simplifying complex tasks. However, as with any powerful tool, AI’s potential for misuse is becoming increasingly apparent. Recent developments have shown that AI-powered agents, designed to automate routine tasks, are being weaponized by malicious actors to create sophisticated cyberattacks. This alarming trend raises critical questions about the ethical implications of AI and the challenges of securing these advanced systems. Rise of AI Operator Agents On January 23, 2025, OpenAI launched Operator, a next-generation AI tool capable of interacting with web pages and performing…
In an alarming new development, a sophisticated Android banking trojan dubbed OctoV2 has emerged, posing as the popular DeepSeek AI application. This malware campaign employs cunning tactics to deceive users, ultimately stealing their login credentials and other sensitive information. With DeepSeek rapidly gaining popularity, cybercriminals are capitalizing on its trusted name to spread malicious software. The Rise of DeepSeek and Its Popularity DeepSeek, an advanced AI chatbot developed by a Chinese startup based in Hangzhou, quickly gained traction after its release in January 2025. With versions available on both iOS and Android, DeepSeek’s intuitive design and impressive capabilities have attracted…
In the ever-evolving world of online crime, few names have received as much attention as Black Basta. This Ransomware-as-a-Service (RaaS) group, which appeared in April 2022, has rapidly risen to prominence through its sophisticated tactics and high-value objectives. But what really sets Black Basta apart is its merciless focus on edge network devices, using a brute-force framework that has left cybersecurity experts both impressed and frightened. Leak That Changed Everything On February 11, 2025, a Russian-speaking actor using the Telegram handle @ExploitWhispers dropped a bombshell: internal chat logs of Black Basta RaaS members. These logs, spanning from September 2023…
In the ever-changing landscape of cybersecurity, threats are continuously evolving, adapting, and discovering new pathways to exploit weaknesses. Enter Mora_001, a recently discovered threat actor that has rapidly gained a reputation for a methodical and sophisticated network compromise methodology. Their weapon of choice? A tailor-made ransomware variant labeled “SuperBlack.” This is not the usual ransomware attack; it is a complex, multi-pronged attack that highlights the increasing sophistication of cybercriminals. The exploitation: a perfect storm of vulnerabilities Mora_001’s campaign starts with the exploitation of two important Fortinet CVEs: CVE-2024-55591 and CVE-2025-24472. These vulnerabilities, which have an impact on FortiOS versions below 7.0.16, could be…