Cybercriminals are using fake Facebook pages and ads to impersonate Kling AI, a popular AI tool for creating images and videos. These ads lead users to fake websites like klingaimedia[.]com, which claim to offer AI services but instead trick visitors into downloading malicious software. The malicious files are hidden in ZIP archives and install a remote access trojan (RAT) that allows attackers to control the victim’s device and steal sensitive information such as passwords and...

Hackers are tricking people into downloading a virus called Noodlophile by using fake AI tools. They create fake websites and promote them on social media.

These fake sites offer AI tools for video and image editing. When users upload content, they’re told to download a file. But instead of the expected results, they download a malicious ZIP file.

The file installs Noodlophile, which can:

• Steal...

  ---

  May 15, 2025 15:05 (on 5/15/25) |  0 | 1 minute read

A company that stores backups online recently found out that a very skilled group of hackers, likely supported by a government, broke into its system by using a hidden problem that no one knew about before. Even though the system was broken into, there’s no evidence that customer information was looked at or taken, and the company kept running normally.

The company first heard something was wrong in February 2025, and they shared what they knew in March 2025. The hackers used a...

WhatsApp is rolling out a new feature called Private Processing that lets users take advantage of AI tools — like summarizing unread messages or getting writing suggestions — without giving up their privacy.

The company, owned by Meta, says the new feature keeps your messages secure by processing them in a protected space that even WhatsApp and Meta can’t access. This means you can use helpful AI features without worrying that your chats are being read or...

Microsoft has uncovered a malware campaign that uses fake cryptocurrency apps to spread malicious software. Since October 2024, attackers have been tricking users into downloading what looks like Binance or TradingView installers. These fake apps use Node.js and PowerShell to steal system data and send it to hackers.

The malware avoids detection by disabling Defender scans, stealing sensitive data like browser info, and staying active through scheduled tasks. Some versions use a...

Microsoft is warning about a series of phishing attacks using fake tax-related emails to spread malware and steal user credentials. These scams often include PDF attachments with shortened links or QR codes, which lead to fake websites that look like trusted services (e.g., DocuSign or Microsoft 365).

Some of these attacks use a platform called RaccoonO365, which helps cybercriminals create phishing websites. Once users click the links, they might be tricked into downloading malware...

Mozilla has released urgent updates for its Firefox browser to fix a security issue that could allow attackers to bypass protective measures. This comes shortly after Google patched a similar vulnerability in Chrome, which had been actively exploited.

The flaw, identified as CVE-2025-2857, could let a compromised part of Firefox’s system access more powerful functions, potentially leading to security risks. Mozilla has addressed the issue in Firefox versions 136.0.4 and 115.21.1, and...

The ClearFake cyberattack, first discovered in 2023, has grown into a more dangerous threat. Originally using fake browser update pop-ups, ClearFake now tricks people by pretending to be security checks, like fake reCAPTCHA or Cloudflare Turnstile verifications. These false alerts lead users to unknowingly download harmful software, such as Lumma Stealer and Vidar Stealer.

A new tactic called ClickFix has emerged, where attackers fool users into running harmful...

The FBI Denver Field Office has issued an urgent warning about a rise in cybercrimes involving free online file converters. Criminals are using these services to install malware on users' computers, risking data theft or ransomware attacks. A recent Colorado incident highlights the threat, with cybercriminals targeting individuals seeking free tools to convert or merge files, such as converting Word documents to PDFs. These tools appear legitimate but secretly deliver malicious...

Researchers found a new attack where a malicious web extension mimics any installed add-on, copying icons, popups, and workflows. This tricks users into entering credentials, which attackers can use to hijack accounts and steal sensitive data. The attack affects all Chromium-based browsers like Chrome, Edge, Brave, and Opera.

The malicious extension scans for target extensions, changes its icon to match, and disables the legitimate extension using the "chrome.management" API. Google...