Five critical flaws in Ingress NGINX Controller expose 6,500+ clusters; update now to prevent unauthorized remote code execution.
African law enforcement authorities have arrested 306 suspects as part of ‘Operation Red Card,’ an INTERPOL-led international crackdown targeting cross-border cybercriminal networks.
Between November 2024 and February 2025, authorities seized 1,842 devices allegedly used in mobile banking, investment, and messaging app scams linked to over 5,000 victims.
“Ahead of the operation, countries exchanged criminal intelligence on key targets. This intelligence was enriched by INTERPOL with insights into criminal modus operandi using data from its private sector partners—Group-IB, Kaspersky and Trend Micro,” the international police organization said.
A threat actor known as EncryptHub has been linked to Windows zero-day attacks exploiting a Microsoft Management Console vulnerability patched this month.
Uncovered by Trend Micro staff researcher Aliakbar Zahravi, this security feature bypass (dubbed ‘MSC EvilTwin’ and now tracked as CVE-2025–26633) resides in how MSC files are handled on vulnerable devices.
Attackers can leverage the vulnerability to evade Windows file reputation protections and execute code because the user is not warned before loading unexpected MSC files on unpatched devices.
A new phishing campaign targets Counter-Strike 2 players utilizing (BitB) attacks that display a realistic window that mimics Steam’s login page.
The attackers impersonate the Ukrainian e-sports team Navi to bait devoted fans and add legitimacy to the phishing page by using a recognizable brand.
The campaign uses the <a href=“https://www.bleepingcomputer.com/news/security/new-phishing-toolkit-lets-anyone-create-fake-chrome-browser-windows/” target=“_blank” rel=“nofollow (BitB) phishing technique created by cybersecurity researcher mr. dox in March 2022. This phishing framework allows threat actors to create realistic-looking popup windows with custom address URLs and titles within another browser window.
To prevent similar incidents from reoccurring in the future, Cloudflare has improved credential logging and verification and now mandates the use of automated deployment tooling to avoid human errors.
The company is also updating standard operating procedures (SOPs) to require dual validation for high-impact actions like credential rotation and plans to enhance health checks for faster root cause detection.
Cloudflare’s R2 service suffered another 1-hour long outage in February, which was also caused by a human error.
New Android malware campaigns use Microsoft’s cross-platform framework. NET MAUI while disguising as legitimate services to evade detection.
A new multi-platform ransomware-as-a-service (RaaS) operation named VanHelsing has emerged, targeting Windows, Linux, BSD, ARM, and ESXi systems.
VanHelsing was first promoted on underground cybercrime platforms on March 7, offering experienced affiliates a free pass to join while mandating a deposit of $5,000 from less experienced threat actors.
The new ransomware operation was first documented by CYFIRMA late last week, while Check Point Research performed a more in-depth analysis published yesterday.
Genetic engineering in non-human primates has long been limited by the need for virus-based gene delivery methods. Recently, researchers in Japan successfully used a nonviral system to introduce a transgene—that is, a gene that has been artificially inserted into an organism—into cynomolgus monkeys, which is a species of primate closely related to humans. The paper is published in the journal Nature Communications.
Small animal models such as mice do not fully replicate the complexity of human diseases, particularly in areas like infectious disease and neuropsychiatric disorders. This limitation has made non-human primates an essential model for biomedical research.
However, genetic modification of these primates has been challenging. For example, conventional virus-based methods require specialized containment facilities and are limited in terms of the size of transgenes that the viruses can carry. Also, these methods do not allow for precise selection of modified embryos before implantation.
David Bai
Posted in futurism | Leave a Comment on David Bai
A couple weeks ago, I participated in the Mercor x Etched x Cognition Hackathon. The theme of the hackathon was “inference-time compute”— and this is what I worked on for 24 hours, with some added rigor, visualizations, and analysis.
You can view the original work here and the code here — my contribution is the hallucinations section for both.
Thanks to Allison Lim and Vijay Kumaravelrajan (alphabetical order) for helping me edit this!