Hackers are tricking people into downloading a virus called Noodlophile by using fake AI tools. They create fake websites and promote them on social media.

These fake sites offer AI tools for video and image editing. When users upload content, they’re told to download a file. But instead of the expected results, they download a malicious ZIP file.

The file installs Noodlophile, which can:

• Steal...

  ---

  May 15, 2025 00:05 (on 5/15/25) |  0 | 1 minute read

A company that stores backups online recently found out that a very skilled group of hackers, likely supported by a government, broke into its system by using a hidden problem that no one knew about before. Even though the system was broken into, there’s no evidence that customer information was looked at or taken, and the company kept running normally.

The company first heard something was wrong in February 2025, and they shared what they knew in March 2025. The hackers used a...

WhatsApp is rolling out a new feature called Private Processing that lets users take advantage of AI tools — like summarizing unread messages or getting writing suggestions — without giving up their privacy.

The company, owned by Meta, says the new feature keeps your messages secure by processing them in a protected space that even WhatsApp and Meta can’t access. This means you can use helpful AI features without worrying that your chats are being read or...

Microsoft has uncovered a malware campaign that uses fake cryptocurrency apps to spread malicious software. Since October 2024, attackers have been tricking users into downloading what looks like Binance or TradingView installers. These fake apps use Node.js and PowerShell to steal system data and send it to hackers.

The malware avoids detection by disabling Defender scans, stealing sensitive data like browser info, and staying active through scheduled tasks. Some versions use a...

Microsoft is warning about a series of phishing attacks using fake tax-related emails to spread malware and steal user credentials. These scams often include PDF attachments with shortened links or QR codes, which lead to fake websites that look like trusted services (e.g., DocuSign or Microsoft 365).

Some of these attacks use a platform called RaccoonO365, which helps cybercriminals create phishing websites. Once users click the links, they might be tricked into downloading malware...

Mozilla has released urgent updates for its Firefox browser to fix a security issue that could allow attackers to bypass protective measures. This comes shortly after Google patched a similar vulnerability in Chrome, which had been actively exploited.

The flaw, identified as CVE-2025-2857, could let a compromised part of Firefox’s system access more powerful functions, potentially leading to security risks. Mozilla has addressed the issue in Firefox versions 136.0.4 and 115.21.1, and...

The ClearFake cyberattack, first discovered in 2023, has grown into a more dangerous threat. Originally using fake browser update pop-ups, ClearFake now tricks people by pretending to be security checks, like fake reCAPTCHA or Cloudflare Turnstile verifications. These false alerts lead users to unknowingly download harmful software, such as Lumma Stealer and Vidar Stealer.

A new tactic called ClickFix has emerged, where attackers fool users into running harmful...

The FBI Denver Field Office has issued an urgent warning about a rise in cybercrimes involving free online file converters. Criminals are using these services to install malware on users' computers, risking data theft or ransomware attacks. A recent Colorado incident highlights the threat, with cybercriminals targeting individuals seeking free tools to convert or merge files, such as converting Word documents to PDFs. These tools appear legitimate but secretly deliver malicious...

Researchers found a new attack where a malicious web extension mimics any installed add-on, copying icons, popups, and workflows. This tricks users into entering credentials, which attackers can use to hijack accounts and steal sensitive data. The attack affects all Chromium-based browsers like Chrome, Edge, Brave, and Opera.

The malicious extension scans for target extensions, changes its icon to match, and disables the legitimate extension using the "chrome.management" API. Google...

The U.K.'s Information Commissioner's Office (ICO) has launched an investigation into TikTok, Reddit, and Imgur to examine how they protect children aged 13 to 17. The probe focuses on how these platforms use children’s personal data to recommend content, amid concerns that such practices may expose young users to inappropriate material.

The ICO is particularly scrutinizing TikTok’s recommendation algorithms and the methods Reddit and Imgur use to verify user age and tailor content....