Hackers abuse Triofox antivirus feature to deploy remote access tools

Hackers exploited a critical vulnerability and the built-in antivirus feature in Gladinet's Triofox file-sharing and ...
SecurityWeek

Critical Triofox Vulnerability Exploited in the Wild

A threat actor exploited a critical vulnerability in Triofox to obtain remote access to a vulnerable server and then achieve code execution.
The Hacker News

Hackers Exploiting Triofox Flaw to Install Remote Access Tools via Antivirus Feature

"To achieve code execution, the attacker logged in using the newly created Admin account. The attacker uploaded malicious ...

Hackers found a way to weaponize CAPTCHA pages, and it's incredibly effective

A year of escalating social-engineering attacks has produced one of the most efficient infection chains observed to date. Known as ClickFix, this method requires only that ...

ImageKit launches its MCP server, enabling secure AI assistant integration to accelerate bulk media operations and automate workflows

ImageKit introduces its MCP Server, enabling teams to use natural language with AI assistants to automate bulk media ...
Cryptopolitan on MSN

Maverick malware takes over WhatsApp Web

Cybersecurity firms CyberProof, Trend Micro, Sophos, and Kaspersky believe Maverick attacks WhatsApp web users by combining ...

Greece arrests man in Europol's global 'Endgame' operation against cybercrime

Greece has arrested a 38-year-old man as part of a Europol crackdown on international cybercrime, during which authorities ...

RCE flaw in ImunifyAV puts millions of Linux-hosted sites at risk

The ImunifyAV malware scanner for Linux server, used by tens of millions of websites, is vulnerable to a remote code ...
Infosecurity Magazine

Hackers Exploit Critical Flaw in Gladinet's Triofox File Sharing Product

Threat actors were exploiting vulnerable versions of Triofox after a patched version was released, said Google Cloud ...
The Hacker News

WhatsApp Malware 'Maverick' Hijacks Browser Sessions to Target Brazil's Biggest Banks

Maverick malware spreads via WhatsApp Web, targeting Brazilian banks through PowerShell and browser hijacking.

Commercial spyware “Landfall” ran rampant on Samsung phones for almost a year

Unit 42 says that Landfall first appeared in July 2024, relying on a software flaw now catalogued as CVE-2025-21042. Samsung ...
CSO Online

Rogue MCP servers can take over Cursor’s built-in browser

A new proof-of-concept attack shows that malicious Model Context Protocol servers can inject JavaScript into Cursor’s browser ...