The Security Blog From Gridinsoft

Investment Scams on Facebook How Cybercriminals Filter and Target Victims

Investment Scams on Facebook: How Cybercriminals Filter and Target Victims

Investment scams continue to evolve in sophistication, with cybercriminals deploying increasingly complex methods to target potential victims. Recent research from…

BreachForums is Down, Admins Posted a PGP-Signed Message

BreachForums, an infamous Darknet forum, has gone offline recently, only to get back up with a worrying message on its…

$GROK Presale Scam: Crypto Investment Fraud

The $GROK Presale Scam tricks people into investing in a fake cryptocurrency by using Elon Musk’s name and his Grok…

CVE-2025-21605 Redis DoS Vulnerability Discovered, Patch Now

So Redis walks into a bar and the bartender asks, “Why so bloated?” Turns out Redis has been hitting the…

WordPress Ad-Fraud Plugins and the Scallywag Operation

Cybersecurity researchers have found a large-scale ad fraud scheme called “Scallywag”. It used WordPress plugins to generate massive fraudulent ad…

LummaStealer and SmartLoader Use AI-Powered GitHub Repos

SmartLoader, LummaStealer Abuse Fake GitHub Repositories

A new campaign has been discovered where malicious actors are…

What is CVE-2025-27607?

Python JSON Logger Vulnerability Exposes Millions of Users

The CVE-2025-27607 vulnerability was discovered in Python JSON Logger. Its…

Broadcom Fixes VMWare ESXi, Workstation Vulnerabiltiies

VMWare ESXi Vulnerabilities Exploited, Patch Now

Broadcom has published a report on the discovery of three…

Frauds Promote Trading Scam With AI Bots in YouTube Ads

Frauds Promote Trading Scam With AI Bots in YouTube Ads

Attackers use AI-generated videos featuring credible crypto experts to create…

Multiple Russia-Aligned Threat Actors Actively Targeting Signal Messenger

Signal Linked Devices Abused by Russian Intelligence

A new fraudulent campaign to hijack Signal accounts has been…

StaryDobry ruins New Year’s Eve, delivering miner instead of presents

StaryDobry Malware Hides in Pirated Games, Deploys XMRig

A major malware campaign named StaryDobry infected gamers by distributing…

Phishing Campaign Abuses Webflow, SEO, and Fake CAPTCHA

Fake CAPTCHA Abuses PDF and SEO Poisoning

Cybercrime actors misuse search ads to distribute fraudulent PDF files,…

Zimbra Releases Fixes for a Critical CVSS 9.8 SQL Injection Vulnerability

Zimbra Security Updates Fix a Critical SQL Injection Vulnerability

Zimbra has released updates that fix vulnerabilities in its products.…

Fake Google Chrome Sites Distribute ValleyRAT Malware, Using DLL Hijacking

Fake Google Chrome Downloading Sites Distribute ValleyRAT

Cybercriminals have set up fake websites mimicking Google Chrome’s official…

SVG Virus: Phishing Attacks and Malware Injection Through an Image

SVG Virus: New Phishing Tactique in Images

Security researchers have discovered a phishing campaign that is based…

Cisco Identity Services Engine Java Deserialization and Authorization Bypass Vulnerabilities Fixed, Update As Soon As Possible

Cisco Authorization Bypass Vulnerabilities Discovered

Cisco has rolled out security updates to fix two critical…

The Alarming Rise of DeepSeek Scams

The Alarming Rise of DeepSeek Scams

The release of DeepSeek AI chatbot gave a push for…

AI Assistant

Hello! 👋 How can I help you today?