OpenCart websites were silently injected with malware that mimics trusted tracking scripts
Script hides in analytics tags and quietly swaps real payment forms for fake ones
Obfuscated JavaScript allowed attackers to slip past detection and launch credential theft in real time
A new Magecart-style attack has raised concerns across the cybersecurity landscape, targeting ecommerce websites which rely on the OpenCart CMS.
The attackers injected malicious JavaScript into landing pages, cleverly hiding their payload among legitimate analytics and marketing tags such as Facebook Pixel, Meta Pixel, and Google Tag Manager.
Exepers from c/side, a cybersecurity firm that monitors third-party scripts and web assets to detect and prevent client-side attacks, says the injected code resembles a standard tag snippet, but its behavior tells a different story.
Obfuscation techniques and script injection
This particular campaign disguises its malicious intent by encoding payload URLs using Base64 and routing traffic through suspicious domains such as /tagscart.shop/cdn/analytics.min.js, making it harder to detect in transit.
At first, it appears to be a standard Google Analytics or Tag Manager script, but closer inspection reveals otherwise.
When decoded and executed, the script dynamically creates a new element, inserts it before existing scripts, and silently launches additional code.
The malware then executes heavily obfuscated code, using techniques such as hexadecimal references, array recombination, and the eval() function for dynamic decoding.
The key function of this script is to inject a fake credit card form during checkout, styled to appear legitimate.
Once rendered, the form captures input across the credit card number, expiration date, and CVC. Listeners are attached to blur, keydown, and paste events, ensuring that user input is captured at every stage.
Importantly, the attack doesn’t rely on clipboard scraping, and users are forced to manually input card details.
After this, data is immediately exfiltrated via POST requests to two command-and-control (C2) domains: //ultracart[.]shop/g.php and //hxjet.pics/g.php.
In an added twist, the original payment form is hidden once the card information is submitted - a second page then prompts users to enter further bank transaction details, compounding the threat.
What stands out in this case is the unusually long delay in using the stolen card data, which took several months instead of the typical few days.
The report reveals that one card was used on June 18 in a pay-by-phone transaction from the US, while another was charged €47.80 to an unidentified vendor.
This breach shows a growing risk in SaaS-based e-commerce, where CMS platforms like OpenCart become soft targets for advanced malware.
There is therefore a need for stronger security measures beyond basic firewalls.
Automated platforms like c/side claim to detect threats by spotting obfuscated JavaScript, unauthorized form injections, and anomalous script behavior.
As attackers evolve, even small CMS deployments must remain vigilant, and real-time monitoring and threat intelligence should no longer be optional for e-commerce vendors seeking to secure their customers’ trust.
Experts warn of malware running real apps in fake virtual environments
GodFather bypasses security checks and overlays fake screens to steal credentials
Targets banking and crypto apps globally with nearly invisible techniques
Zimperium zLabs has uncovered a new version of the GodFather malware that uses on-device virtualization to hijack real banking and cryptocurrency apps.
Unlike older attacks that showed fake login screens, this malware launches the actual apps in a virtual space where attackers can see everything the user does.
The attack begins with a host app that includes a virtualization tool - this host app downloads the targeted banking or crypto app and runs it in a private environment.
Moving beyond simple overlays
When users open their app, they are unknowingly redirected into the virtual version. From there, every tap, login, and PIN entry is tracked in real time.
Because the user is interacting with a real app, it is almost impossible to spot the attack by looking at the screen.
GodFather also uses ZIP tricks and hides much of its code in a way that defeats static analysis. It requests accessibility permissions and then silently grants itself more access, making the attack smooth and hard to detect.
“Mobile attackers are moving beyond simple overlays; virtualization gives them unrestricted, live access inside trusted apps,” said Fernando Ortega, Senior Security Researcher, Zimperium zLabs.
“Enterprises need on-device, behavior-based detection and runtime app protection to stay ahead of this shift toward a mobile-first attack strategy.”
Zimperium’s analysis shows that this version of GodFather is focused on Turkish banks, but the campaign targets almost 500 apps globally. These include financial services, cryptocurrency platforms, e-commerce, and messaging apps.
The malware checks for specific apps on the device, clones them into the virtual space, and uses the cloned version to collect data and track user behavior.
It can also steal device lock screen credentials using fake overlays that look like system prompts.
Attackers can control the infected phone remotely using a set of commands. These can perform swipes, open apps, change brightness, and simulate user actions.
How to stay safe
Avoid installing apps from unknown sources - always use official stores like Google Play.
Check app permissions carefully. If an app asks for accessibility access or screen overlay permissions without a clear reason, uninstall it immediately.
A threat actor has used a patched vulnerability in SonicWall software
The group is tracked as UNC6148
This allowed UNC6148 to potentially steal credentials and deploy ransomware
A financially motivated threat actor, tracked by Google’s Threat Intelligence Group as UNC6148, has been observed targeting patched end-of-life SonicWall Secure Mobile Access (SMA) 100 series appliances.
These attacks, Google determines with ‘high confidence’, are using credentials and one-time passwords (OTP) seeds that were obtained through previous instructions, which has allowed them to re-access even after organizations have updated their security.
A zero-day remote code execution vulnerability, Google says with ‘moderate confidence’, was used to deploy OVERSTEP on the targeted SonicWall SMA appliances. The threat intelligence group also “assesses with moderate confidence that UNC6148's operations, dating back to at least October 2024, may be to enable data theft and extortion operations, and possibly ransomware deployment.”
UNC6148
The previously unknown persistent backdoor/user-mode rootkit, OVERSTEP, was deployed by the actor. This malware modifies the appliance’s boot process to allow persistent access, steal sensitive credentials, and then hide its own components;
“An organization targeted by UNC6148 in May 2025 was posted to the "World Leaks" data leak site (DLS) in June 2025, and UNC6148 activity overlaps with publicly reported SonicWall exploitation from late 2023 and early 2024 that has been publicly linked to the deployment of Abyss-branded ransomware (tracked by GTIG as VSOCIETY),” Google continued.
Earlier in 2025, SonicWall firewalls were hit by a worrying cyberattack, in which a vulnerability was leveraged by threat actors to gain access to target endpoints, interfere with the VPN, and further disrupt the target further.
These attacks highlight the importance of updating software as soon as patches become available. Organizations which fail to keep on top of system updates can be left vulnerable to known-exploits. If it’s too daunting of a task, take a look at our choices for the best patch management software for a helping hand.
It’s hard to overestimate just how incredible the Samsung Galaxy Z Fold 7 is in the glass and metal. It’s not your average folding phone, and the in-hand wow factor far outweighs that of most flagship phones over the past few years, including many of the best folding phones.
Over the past week, I’ve shown Samsung’s new folding phone to several people, and the response has been nearly uniform: 'wow, that’s light'. Then I ask them to unfold it, and the response is even more surprising.
The Galaxy Z Fold 7 nails this on the head, and most people are incredibly surprised when they first unfold it. I’ve used every major Samsung Galaxy flagship launched since the first Galaxy S-series handset in 2010, and this is why the Galaxy Z Fold 7 is one of Samsung’s best phones.
Three design changes make all the difference
(Image credit: Lance Ulanoff / Future)
Samsung is widely credited with launching the foldable phone market, at least in most global markets; however, sales of folding phones have somewhat stagnated as they faced a series of challenges that needed to be overcome.
The biggest of these was the size, and despite Samsung making its folding phones thinner and lighter each year, even the Galaxy Z Fold 6 was considerably thicker, bulkier, and heavier than Samsung’s non-folding phones.
(Image credit: Lance Ulanoff / Future)
The Galaxy Z Fold 7 immediately rectifies this: it’s 4.2mm thick when unfolded, which allows it to be 8.9mm thick when folded. That’s 0.7mm thicker than the Galaxy S25 Ultra, yet the Galaxy Z Fold 7 feels better, as it’s 3.8mm narrower and three grams lighter. It’s the sleekest Samsung phone ever made, and the nicest folding phone I’ve ever felt in the hand.
One of the biggest challenges for previous Samsung folding phones was the narrow front screen, but the Galaxy Z Fold 7 cover display feels very similar to the regular Galaxy S25. It’s significantly better than the Fold 6, and it makes the Fold 7 feel just like a normal phone that unfolds into a tablet.
And create a genuine wow factor
(Image credit: Lance Ulanoff / Future)
All of this combines to create something that feels magical. I’ve long wondered what it would take to persuade smartphone users to upgrade to a folding phone, and the Galaxy Z Fold 7 could be the device that finally prompts people to make the switch. It packs a ton of wow factor, and unlike its chief rivals, it’ll be widely available globally.
Rivals like the Oppo Find N5 and Honor Magic V5 have a limited release, and although the latter is expected to launch globally in the coming months, it will still have fewer carrier and retail partnerships than the Galaxy Z Fold 7. This is a crucial fact, as it adds even more credence to the significant differences between the Galaxy Z Fold 7 and the Galaxy Z Fold 6; thankfully, Samsung has this covered.
Smartphones don’t change that often, and most years, we suggest that it’s not worth upgrading from the most recent previous generation. This year, the Galaxy Z Fold 7 feels like a completely new phone that I think every phone user — folding or otherwise — should consider switching to. I don’t think we’ve seen Samsung achieve this level of wow factor in years.
All the right big numbers
(Image credit: Lance Ulanoff / Future)
During the early part of my career, I spent almost a decade working for carriers in the UK, and one thing is clear: big numbers sell, or specifically, the right big numbers.
The Galaxy Z Fold 7 doesn’t have the absolute best specs on a folding phone, but it has enough large numbers to persuade customers to buy it. Between advertising, Samsung’s other marketing efforts, and word of mouth, it’s arguably inevitable that many non-folding phone users will want to experience the Galaxy Z Fold 7 at least once.
Galaxy Z Fold 7 front screen (left) vs Galaxy S25 Ultra (right)(Image credit: Lance Ulanoff / Future)
When they do, they’ll likely ask about the key numbers involved, and the Galaxy Z Fold 7 hits most of these, even though it lags behind the competition in many areas. A triple camera with a headline 200-megapixel sensor — that’s ostensibly the same as the one found in the lauded Galaxy S25 Ultra — will get any customer’s attention. The camera is better than I expected, and should prove to be good enough for most people, as long as they don’t want to capture photos at long focal lengths.
The 4,400mAh battery and 25W charging aren’t world-beating — in fact, they’re lower than all the key rivals — but sound big enough for someone switching from a Galaxy S25 Plus or iPhone 16 Pro. In actual practice, it’s a full day of usage with very little to spare, but considering most people sit at a desk, or plug in to charge while in the car, I think it’ll be passable, but barely.
Z Fold 7 thickness (left) vs the Galaxy Z Fold 6 (right)(Image credit: Lance Ulanoff / Future)
Even the chip hits the right note, albeit with one big caveat. It’s the same Snapdragon 8 Elite for Galaxy chipset used in Samsung’s other flagship phones this year, at least on paper. In actual practice, the silicon feels throttled compared to Samsung’s other flagships, and performs similarly to the also ultra-thin Galaxy S25 Edge.
There will undoubtedly be doubts about the longevity of the Galaxy Z Fold 7's battery, which is understandable, but I suspect that the design and wow factor are special enough for customers to accept certain shortcomings. It doesn’t have the best battery life, but I’ve found that it’s sufficient for most people, even if it falls short of rival folding phones.
The ultra-thin foldable we’ve been waiting for
(Image credit: Lance Ulanoff / Future)
The Galaxy Z Fold 7 is an engineering marvel simply for how fantastic it feels. When I first held it at a Galaxy Unpacked preview event, I was blown away by how thin, light, and sleek it felt. I had my reservations, but I’ve wondered if my initial reaction was reflective of an average user or someone who has a passion for folding phones.
To answer this, I’ve shown the Galaxy Z Fold 7 to many different people, and it’s reaffirmed what I thought at first: this is one of the most special folding phones ever made — a case in point is my mother. She won’t consider the Galaxy S25 Ultra because it’s too big, but she wants a great camera. She uses a Galaxy S22 Plus and refuses to switch to an iPhone.
(Image credit: Lance Ulanoff / Future)
I showed my mother the Galaxy Z Fold 7 and she was floored by its design. She’s so impressed that she’s heavily considering buying it. This was the biggest surprise, as I had shown her other folding phones — like the Find N5 and the Magic V3 — and this was the first folding phone she was willing to consider.
If it can appeal to someone resistant to technology change, like my mother, the Galaxy Z Fold 7 will surely appeal to the masses more than any other folding phone before it. Could this finally be the folding phone industry’s iPhone moment, or will that need to wait for next year’s rumored iPhone Fold or this year's rumored Samsung tri-fold? Either way, the Galaxy Z Fold 7 is shaping up to be the best foldable yet.
Only 2% of enterprises are highly ready for AI, report claims
Fewer than one-third have deployed AI firewalls to date
Another one in three could do with diversifying their AI models
Although more and more applications are getting AI overhauls, new F5 research had claimed only 2% of enterprises are highly ready for AI.
More than one in five (21%) fall into the low-readiness category, and while three-quarters (77%) are considered moderately ready, they continue to face security and governance hurdles.
This comes as one in four applications use AI, with many organizations splitting their AI usage across multiple models including paid models like GPT-4 and open-source models like Llama, Mistral and Gemma.
Enterprises aren't benefitting from the AI they have access to
Although 71% of the State of AI Application Strategy Report respondents said they use AI to enhance security, F5 highlighted ongoing challenges with security and governance. Fewer than one in three (31%) have deployed AI firewalls, and only 24% perform continuous data labelling, potentially increasing risks.
Looking ahead, one in two (47%) say they plan on deploying AI firewalls in the next year. F5 also recommends that enterprises diversify AI models across paid and open-source opens, scale AI usage to operations, analytics and security, and deploy AI-specific protections like firewalls and data governance strategies.
At the moment, it's estimated that two-thirds (65%) use two or more paid models and at least one open-source model, demonstrating considerable room for improvement.
"As AI becomes core to business strategy, readiness requires more than experimentation—it demands security, scalability, and alignment," F5 CPO and CMO John Maddison explained.
The report highlights how enterprises that lack of maturity can stifle growth, introduce operational bottlenecks and present compliance challenges.
"AI is already transforming security operations, but without mature governance and purpose-built protections, enterprises risk amplifying threats," Maddison added.
Save some money by knowing the best time to use electricity. Here's what you need to know about peak, and off-peak usage, and how to time your electricity usage to lower your bills.
The ONE Monitor eliminates clutter, but also eliminates most of what makes a monitor flexible
A sleek, zero-clutter display that’s perfect for minimalist desks and clean, modern workspaces
No HDMI, no buttons, no fallback - just hope your laptop supports the right USB-C mode
The ONE Monitor presents itself as a sleek, sustainable response to modern display needs - but while its aesthetic and environmentally conscious features are drawing praise, a closer look raises important questions, especially around how it’s being positioned.
At first glance, the ONE Monitor stands out for its minimalist industrial form and lightweight build, but its real departure from convention lies in how it functions.
This device ditches the usual circuit boards and power bricks, relying entirely on a single USB-C connection to draw both power and display signal from a connected device.
Stripping down for sustainability
This reduction in components allows the display to enter a zero-consumption state when idle, an appealing trait in a world grappling with energy efficiency.
However, if your laptop lacks USB-C PD and DisplayPort Alt Mode support, this monitor won’t function at all.
More than 90% of its construction comes from recyclable materials, and its production process favors lower-impact methods.
These sustainability claims are commendable, especially in a product category where e-waste and power draw remain major concerns.
Yet, the design choices behind this display aren’t merely about the environment, they reflect a specific vision for how monitors will be used in shared and possibly transient workspaces.
Although lightweight and cable-efficient, this device isn't a portable monitor and appears to be a full-sized desktop monitor with a solid stand, which is designed for stationary use on a desk.
The minimalist aesthetic and build of this device seem to be optimized for a clean office environment, not mobility.
Unlike conventional displays, there are no onboard settings, no HDMI fallback, and no real way to customize performance.
The ONE Monitor clearly isn’t chasing feature parity, it carves out a niche where minimal energy use and clean design outweigh technical flexibility.
For programmers and minimalists alike, this might be a compelling monitor for programming setups, especially in shared workspaces where plug-and-play simplicity is a benefit.
But even then, expectations should be managed because this is not a high-refresh, color-accurate tool aimed at developers working in GPU-heavy environments or doing visual work on the side.
That said, while the ONE Monitor does achieve a rare fusion of design purity and eco-consciousness, its minimalist philosophy brings trade-offs.
MaxSun’s Mini Station fuses dual GPUs and mobile silicon into a compact desktop unit
With 48GB of VRAM, it’s clearly built for demanding creative and AI inference tasks
Dual Thunderbolt 5 ports and SlimSAS slots push bandwidth to a theoretical 192Gbps
MaxSun has introduced what it claims is the industry's first compact workstation built around Intel’s Core Ultra 9 285HX processor, a chip based on the Arrow Lake-HX architecture.
The MaxSun Mini Station is a compact system intended for professionals handling AI inference, model deployment, or resource-heavy creative work.
The system includes two Arc Pro B60 GPUs from MaxSun, specifically the Milestone 24G model, each equipped with 24GB of video memory - together, they provide a total of 48GB VRAM, designed to support demanding workloads like large language model interactions and long-context scenarios such as Qwen3-32B.
Dual Arc GPUs push VRAM to 48GB
There are some questions over its practical compatibility and whether such GPU arrangements can scale efficiently across different software stacks, especially those outside of AI labs.
On the CPU front, MaxSun opted for the Core Ultra 9 285HX, a 24-core processor with 8 performance cores and 16 efficient cores.
This mobile-class chip, recontextualized for desktop through the MoDT (Mobile on Desktop) strategy, forms the foundation of the Mini Station.
The processor is not removable or upgradable, which imposes a fixed ceiling on long-term flexibility.
Although the hardware choice makes sense from a manufacturing standpoint, it may raise doubts for buyers.
In terms of connectivity, the Mini Station supports one M.2 PCIe 5.0 x4, two M.2 PCIe 4.0 x4, and two SlimSAS SFF-8654 4i PCIe 4.0 x4 interfaces - combined with dual Thunderbolt 5 and dual Thunderbolt 4 ports, the system delivers a theoretical throughput of 192Gbps.
These specs suggest real potential for external GPU setups or ultra-fast local storage, important factors for those looking for the best PC for video editing or complex simulations.
The MaxSun GPUs incorporate dual fans, composite heat pipes, and a metal backplate, which should ensure thermal stability.
However, this does not eliminate concerns over performance throttling in such a compact case.
