The Security Blog From Gridinsoft

$GROK Presale Scam: Crypto Investment Fraud

$GROK Presale Scam: Crypto Investment Fraud

The $GROK Presale Scam tricks people into investing in a fake cryptocurrency by using Elon Musk’s name and his Grok…

CVE-2025-21605 Redis DoS Vulnerability Discovered, Patch Now

So Redis walks into a bar and the bartender asks, “Why so bloated?” Turns out Redis has been hitting the…

WordPress Ad-Fraud Plugins and the Scallywag Operation

Cybersecurity researchers have found a large-scale ad fraud scheme called “Scallywag”. It used WordPress plugins to generate massive fraudulent ad…

MITRE Warns CVE Program Funding Expires on April 16

MITRE, a key player in cybersecurity awareness, has issued a warning about the funding for the Common Vulnerabilities and Exposures…

CVE-2025-32395 Vite Vulnerability Exposes Sensitive Files

A newly discovered Vite vulnerability, a widely used frontend development tool, has been assigned the identifier CVE-2025-32395. This flaw affects…

CVE-2025-24071 Windows File Explorer Spoofing Vulnerability Overview

CVE-2025-24071 Windows File Explorer Spoofing Vulnerability Uncovered, Patch Now

Microsoft uncovered the information about a critical vulnerability in Windows…

MassJacker Malware Targets Pirated Software Users

MassJacker Malware

Cybersecurity researchers have found MassJacker, a new, previously undocumented malware.…

Jaguar Land Rover Hacked In Two Steps, Customer Data Leaked

Jaguar Land Rover Data Breach Involved Two Attacks

Jaguar Land Rover suffered a significant data breach. Two hackers…

X DDoS Attack Overview

Threat Actor Behind X DDoS Attack Revealed

The X DDoS Attack, reported on March 10, 2025, caused…

CISA Has Added Five Vulnerabilities To Its KEV List

CISA Adds 5 Exploited Vulnerabilities, Patch ASAP

CISA recently updated its Known Exploited Vulnerabilities catalog, adding five…

LummaStealer and SmartLoader Use AI-Powered GitHub Repos

SmartLoader, LummaStealer Abuse Fake GitHub Repositories

A new campaign has been discovered where malicious actors are…

What is CVE-2025-27607?

Python JSON Logger Vulnerability Exposes Millions of Users

The CVE-2025-27607 vulnerability was discovered in Python JSON Logger. Its…

Broadcom Fixes VMWare ESXi, Workstation Vulnerabiltiies

VMWare ESXi Vulnerabilities Exploited, Patch Now

Broadcom has published a report on the discovery of three…

Frauds Promote Trading Scam With AI Bots in YouTube Ads

Frauds Promote Trading Scam With AI Bots in YouTube Ads

Attackers use AI-generated videos featuring credible crypto experts to create…

Multiple Russia-Aligned Threat Actors Actively Targeting Signal Messenger

Signal Linked Devices Abused by Russian Intelligence

A new fraudulent campaign to hijack Signal accounts has been…

StaryDobry ruins New Year’s Eve, delivering miner instead of presents

StaryDobry Malware Hides in Pirated Games, Deploys XMRig

A major malware campaign named StaryDobry infected gamers by distributing…

Phishing Campaign Abuses Webflow, SEO, and Fake CAPTCHA

Fake CAPTCHA Abuses PDF and SEO Poisoning

Cybercrime actors misuse search ads to distribute fraudulent PDF files,…

AI Assistant

Hello! 👋 How can I help you today?