Whalers Blog

  • February 1, 2025

    New Threat Hunting Technique to Uncover Malicious Infrastructure Using SSL History

    As internet security evolves, SSL (Secure Sockets Layer) certificates, cornerstones of encrypted communication, are stepping into a brand-new role as vital tools in the fight against cyberattacks. Experts are now leveraging SSL intelligence and historical SSL data to expose hidden threat actor infrastructure, track malware activity, and thwart potential cyber threats before they gain traction.…

  • February 1, 2025

    TAG-124 Hacked 1000+ WordPress Sites To Embed Payloads

    A sophisticated cyber campaign orchestrated by the threat group TAG-124 has compromised over 1,000 WordPress websites to deploy malicious payloads. The operation leverages a multi-layered Traffic Distribution System (TDS) to infect users with malware, demonstrating advanced evasion tactics and infrastructure management. TAG-124’s infrastructure consists of compromised WordPress sites injected with malicious JavaScript to redirect visitors…

  • February 1, 2025

    New York Blood Center Hit By Ransomware Attack – IT Systems Affected

    The New York Blood Center Enterprises (NYBC), a vital organization responsible for supplying blood and blood products to hospitals across the region, has fallen victim to a ransomware attack. The incident has significantly disrupted its IT systems, forcing the organization to implement emergency measures while cybersecurity experts work to prevent the threat. The NYBC detected…

  • February 1, 2025

    Hackers Abusing GitHub Infrastructure to Deliver Lumma Stealer

    Cybersecurity researchers have uncovered a sophisticated campaign leveraging GitHub’s trusted release infrastructure to distribute the Lumma Stealer malware. This information-stealing malware, part of a growing trend of cybercriminals abusing legitimate platforms, poses significant risks by exfiltrating sensitive data and deploying additional malicious payloads. The attackers utilized GitHub repositories to host malicious files disguised as legitimate…

  • February 1, 2025

    GitHub Copilot Jailbreak Vulnerability Let Attackers Train Malicious Models

    Researchers have uncovered two critical vulnerabilities in GitHub Copilot, Microsoft’s AI-powered coding assistant, that expose systemic weaknesses in enterprise AI tools. The flaws—dubbed “Affirmation Jailbreak” and “Proxy Hijack”—allow attackers to bypass ethical safeguards, manipulate model behavior, and even hijack access to premium AI resources like OpenAI’s GPT-o1. These findings highlight the ease with which AI…

  • February 1, 2025

    DeepSeek’s Growing Influence Sparks a Surge in Frauds and Phishing Attacks

    The rapid rise of DeepSeek, a Chinese artificial intelligence (AI) company, has not only disrupted the AI industry but also attracted the attention of cybercriminals. As its AI Assistant app became the most downloaded free app on the iOS App Store in January 2025, surpassing OpenAI’s ChatGPT, malicious actors have exploited its popularity to launch…

  • February 1, 2025

    Coyote Banking Malware Weaponizing Windows LNK Files To Execute Malicious Scripts

    A new wave of cyberattacks leveraging the Coyote Banking Trojan has been identified, targeting financial institutions in Brazil. This sophisticated malware employs malicious Windows LNK (shortcut) files as an entry point to execute PowerShell scripts, enabling multi-stage infection chains that end in data theft and system compromise. The attack begins with a malicious LNK file…

  • February 1, 2025

    Malware Found in Healthcare Patient Monitors Linked to Chinese IP Address

    A critical cybersecurity vulnerability has been uncovered in Contec CMS8000 patient monitors, revealing embedded malware that poses significant risks to patient safety and data security. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) reported that the devices include a backdoor linked to a hard-coded IP address associated with a Chinese university. The Contec CMS8000 patient…

  • February 1, 2025

    Scam Alert: Fake Minecraft, Roblox Hacks on YouTube Hide Malware, Target Kids

    Video games are a favorite pastime for millions of kids and teenagers worldwide, offering exciting challenges, epic battles, and opportunities to connect with friends online. But what happens when the search for an edge in these games—like cheats or special hacks—leads to something far more dangerous? McAfee Labs has uncovered a growing threat aimed…

  • February 1, 2025

    X Phishing | Campaign Targeting High Profile Accounts Returns, Promoting Crypto Scams

    SentinelLABS has observed an active phishing campaign targeting high-profile X accounts to hijack and exploit them for fraudulent activity. This campaign has been observed targeting a variety of individual and organization accounts such…
