Imagine downloading a seemingly harmless QR scanner or a handy expense tracker from the Google Play Store, only to find out it’s a wolf in sheep’s clothing. This isn’t a hypothetical scenario—it’s a reality that has affected millions of Android users. Recently, security researchers at Bitdefender uncovered a massive ad fraud campaign involving 331 malicious apps that collectively racked up over a 60 million downloads. These apps didn’t just annoy users with intrusive ads; they exploited vulnerabilities in Android 13 to bypass security restrictions, steal credentials, and carry out phishing attacks. Let’s dive into how this happened, what it means…
Author: V Diwahar
V Diwahar
V Diwahar is a final-year B.E Cybersecurity student, independent security researcher, and founder of CyberInfos.in an - global cybersecurity analysis blog delivering technical depth, expert threat intelligence, and actionable security guidance to readers across the US, UK, Europe, Asia, and beyond. With hands-on academic and practical experience in ethical hacking, network security, malware analysis, penetration testing, vulnerability research, and digital forensics, I brings a practitioner's perspective to every article going beyond headlines to analyse what vulnerabilities and breaches actually mean, who is genuinely at risk, and what every reader should do about it right now. Every article published on CyberInfos.in is built on verified technical research CVE details cross-referenced with nvd.nist.gov, attack mechanics explained using real tools and lab environments, and expert analysis that challenges official statements when the evidence demands it. I founded CyberInfos.in with a single mission: to fill the gap between generic press-release rewrites and inaccessible technical papers delivering cybersecurity analysis that is deep enough for security professionals, clear enough for business owners, and actionable enough for everyone.
In the evolving landscape of technology, artificial intelligence (AI) has emerged as a game-changer, revolutionizing industries and simplifying complex tasks. However, as with any powerful tool, AI’s potential for misuse is becoming increasingly apparent. Recent developments have shown that AI-powered agents, designed to automate routine tasks, are being weaponized by malicious actors to create sophisticated cyberattacks. This alarming trend raises critical questions about the ethical implications of AI and the challenges of securing these advanced systems. Rise of AI Operator Agents On January 23, 2025, OpenAI launched Operator, a next-generation AI tool capable of interacting with web pages and performing…
In an alarming new development, a sophisticated Android banking trojan dubbed OctoV2 has emerged, posing as the popular DeepSeek AI application. This malware campaign employs cunning tactics to deceive users, ultimately stealing their login credentials and other sensitive information. With DeepSeek rapidly gaining popularity, cybercriminals are capitalizing on its trusted name to spread malicious software. The Rise of DeepSeek and Its Popularity DeepSeek, an advanced AI chatbot developed by a Chinese startup based in Hangzhou, quickly gained traction after its release in January 2025. With versions available on both iOS and Android, DeepSeek’s intuitive design and impressive capabilities have attracted…
In the ever -evolving world of online crime, few names have received as much attention as Black Basta. This ransomware-as-a-Service (Raas) group, which appeared in April 2022, has rapidly risen to its sophisticated tactics and high-value objectives. But what really sets Black Basta apart is the merciless focus on Edge Network devices, using a framework for Brute Force that has left cybersecurity experts both impressed and frightened. Leak That Changed Everything On February 11, 2025, a Russian-speaking actor using the Telegram handle @ExploitWhispers dropped a bombshell: internal chat logs of Black Basta RaaS members. These logs, spanning from September 2023…
In the ever-changing landscape of cybersecurity, threats are continuously evolving, adapting, and discovering new pathways to exploit weaknesses. Enter into Mora_001, a recently discovered threat actor that has rapidly gained a reputation for a methodical and sophisticated network compromise methodology. Their weapon of choice? A tailor-made ransomware variant labeled “SuperBlack.” The usual ransomware attack this is not, this is a complex, multi-pronged attack that highlights the increasing sophistication of cybercriminals. The exploitation: a perfect storm of vulnerabilities The campaign for Mora_001 starts with the exploitation of two important Fortinet CVEs: CVE-2024-55591 and CVE-2025-24472. These vulnerabilities, which have an impact on FortiOS versions below 7.0.16, could be…
Artificial intelligence revolutionizes productivity in offices, and Microsoft Copilot will be one such pioneer. Businesses all over the world immediately adopted the AI assistant into their operations shortly after its launch in 2023, using it to automate processes in Microsoft 365 applications. Technically, at the birth of every new technology, there is just as much of an equal opportunity for something new to endanger the security of all systems using it. Cybercriminals, always adept at hunting fresh chances, seem to have converged on Microsoft Copilot. Phishing campaigns now sham messages that closely resemble what could be sent from Microsoft’s Copilot…