China-Linked Lotus Blossom Group Behind Notepad++ Hosting Cyberattack

 


Notepad++ Hosting Breach Linked to China-Linked Lotus Blossom APT, “Chrysalis” Backdoor Discovered

The compromise of infrastructure used to host Notepad++, the widely used open-source text editor, has been attributed with medium confidence to a China-linked cyber-espionage group known as Lotus Blossom. The incident enabled attackers to deliver a previously undocumented backdoor dubbed Chrysalis to a select group of users, according to research from Rapid7.

Airtel-Perplexity Pro "Free" Offer Under Fire as New Credit Card Requirement Surfaces

 


A wave of frustration is hitting Indian tech enthusiasts as Perplexity AI and Airtel appear to have altered the terms of their highly publicized "One Year Free Perplexity Pro" collaboration.

The Original Promise

Launched as part of the Airtel Thanks program, the offer originally allowed eligible Airtel users to claim a year of Perplexity Pro (valued at ~$200) without any financial commitment. Archived versions of the official help page dated as recently as late November 2024 explicitly confirmed that users did not need to provide credit card or debit card information to activate the service.

Rootkit Tactics: How Chinese Hackers Hide ToneShell Malware Activity

 


Chinese Hackers Use Kernel Rootkit to Conceal ToneShell Malware

A China-linked advanced persistent threat (APT) group associated with HoneyMyte, also known as Mustang Panda or Bronze President, has been observed deploying a new kernel-mode rootkit to stealthily hide its ToneShell backdoor operations.

China-Backed Hackers Abuse Insecure Cisco Configurations in Cyber Attacks

 


China-Linked Hackers Exploit Misconfigured Cisco Security Products to Deploy Backdoors

China-linked threat actors have been actively exploiting misconfigured Cisco security products to gain persistent access to targeted networks, according to new findings from Cisco. The campaign has been ongoing for several weeks and highlights how insecure configuration choices—not software flaws alone—can expose critical infrastructure to advanced cyber threats.

Google to Discontinue Dark Web Monitoring Tool by January 2026


Based on the official Google support page referenced, the Dark Web Report feature is being discontinued due to changes in the dark web landscape and resource allocation. The monitoring functionality will cease on January 15, 2026, and all associated data will be permanently lost. This decision aligns with Google's strategic shift away from certain security features.

 

Microsoft Teams Introduces Call Flagging to Combat Malicious Callers

 


Microsoft Teams Introduces New Feature to Flag Malicious Calls: A Major Boost to Communication Security

Microsoft is preparing to roll out a powerful new security enhancement to its Teams platform, aimed at combating the growing threat of spam, phishing, and malicious calls targeting organizations. The upcoming feature, “Report a Suspicious Call,” will give users the ability to directly flag questionable calls — adding an extra layer of protection to everyday communication.

AWS IAM Eventual Consistency: The Overlooked Persistence Technique

 


Exploiting AWS IAM Eventual Consistency: The Persistence Risk Every Cloud Defender Must Understand

AWS Identity and Access Management (IAM) is often perceived as a strongly consistent and immediate-response system. However, like many globally distributed services, it actually operates on an eventual consistency model. While this design enables scalability across regions, it also introduces brief but dangerous windows that attackers can exploit to maintain persistence — even after defenders believe they have removed access.
