ShadyPanda Weaponizes Trusted Browser Extensions in 7-Year Campaign

• Post author:Pocholo Legaspi
• Post published:December 4, 2025
• Post category:Blogs

A seven-year malware campaign turned trusted browser extensions into spyware, affecting 4.3 million. WeTab and other extensions remain active in Edge's store.

Continue ReadingShadyPanda Weaponizes Trusted Browser Extensions in 7-Year Campaign

Everest Ransomware Gang Claims Under Armour and Petrobras Breaches

• Post author:Pocholo Legaspi
• Post published:November 21, 2025
• Post category:Blogs

Everest ransomware group claims breaches of Under Armour and Petrobras in mid-November 2025. The attacks exposed customer data and seismic survey information.

Continue ReadingEverest Ransomware Gang Claims Under Armour and Petrobras Breaches

PureRAT Malware Campaign Exploits Hotels to Steal Guest Banking Details

• Post author:Pocholo Legaspi
• Post published:November 13, 2025
• Post category:Blogs

Hotels worldwide face PureRAT infections via fake Booking.com emails. The result is stolen credentials and scams against real guests.

Continue ReadingPureRAT Malware Campaign Exploits Hotels to Steal Guest Banking Details

Memento Labs Spyware Used in Chrome Zero-Day Campaign

• Post author:Pocholo Legaspi
• Post published:October 29, 2025
• Post category:Blogs

Operation ForumTroll used a Chrome zero-day to install spyware traced to Memento Labs. The phishing campaign hit research and media groups.

Continue ReadingMemento Labs Spyware Used in Chrome Zero-Day Campaign

Medical Specialist Group Fined £100,000 After Cyber Attack Exposed Patient Data

• Post author:Pocholo Legaspi
• Post published:October 24, 2025
• Post category:Blogs

A £100,000 fine hits the Medical Specialist Group after hackers stole patient data, highlighting major security lapses and the cost of poor cyber hygiene.

Continue ReadingMedical Specialist Group Fined £100,000 After Cyber Attack Exposed Patient Data

Hacker Group TA585 Deploys MonsterV2 Malware with Advanced Web Injection Capabilities

• Post author:Pocholo Legaspi
• Post published:October 17, 2025
• Post category:Blogs

TA585 launches MonsterV2 malware, capable of live transaction tampering via browser injection. Just-in-time privilege controls help limit damage.

Continue ReadingHacker Group TA585 Deploys MonsterV2 Malware with Advanced Web Injection Capabilities

JLR’s Production Crisis Exposes Manufacturing’s Cyber Weakness

• Post author:Pocholo Legaspi
• Post published:September 19, 2025
• Post category:Blogs

JLR's global factories remain offline after a major cyberattack. Weeks of halted production expose serious risks in connected manufacturing systems.

Continue ReadingJLR’s Production Crisis Exposes Manufacturing’s Cyber Weakness

Salesloft Drift AI Agent Vulnerability Leads to Widespread Data Theft

• Post author:Pocholo Legaspi
• Post published:September 5, 2025
• Post category:Blogs

Threat actors used stolen OAuth tokens to breach Salesforce data at scale, exposing major flaws in AI agent integrations and enterprise security.

Continue ReadingSalesloft Drift AI Agent Vulnerability Leads to Widespread Data Theft

Electronics Manufacturer Data I/O Hit by Ransomware Attack

• Post author:Pocholo Legaspi
• Post published:August 29, 2025
• Post category:Blogs

A ransomware attack knocked out key systems at Data I/O, a chip services firm for Apple and Google. The fallout exposes serious supply chain vulnerabilities.

Continue ReadingElectronics Manufacturer Data I/O Hit by Ransomware Attack

Dior Joins Growing List of Retailers Targeted by Cybercriminals 

• Post author:Pocholo Legaspi
• Post published:May 23, 2025
• Post category:Blogs

Dior joins a wave of retail brands hit by cyberattacks. While financial data was safe, exposed shopping histories raise major phishing risks.

Continue ReadingDior Joins Growing List of Retailers Targeted by Cybercriminals