Category: Cyber Security News

A critical supply chain vulnerability dubbed “GerriScary” (CVE-2025-1568) that could have allowed attackers to inject malicious code into at least 18 major Google projects, including ChromiumOS, Chromium, Dart, and Bazel. The vulnerability uncovered by Tenable security researcher Liv Matan exploits…

Read more →

Critical security vulnerabilities have been discovered in Veeam’s backup software solutions that could allow attackers to execute malicious code remotely on backup servers, posing significant risks to enterprise data protection systems. The vulnerabilities, assigned CVE numbers 2025-23121, 2025-24286, and 2025-24287,…

Read more →

Security Operations Center (SOC) teams are now facing an increasingly complex challenge: identifying and responding to security incidents before they can cause significant damage. The key to effective incident response is not just detecting threats quickly. It is understanding the…

Read more →

Microsoft has announced a significant security update that could disrupt data workflows for organizations heavily reliant on Excel’s Power Query functionality. The Microsoft Entra Conditional Access Token Protection feature, currently in Public Preview, introduces enhanced security measures that may prevent…

Read more →

Two critical security vulnerabilities have been discovered in NetScaler ADC and NetScaler Gateway products, formerly known as Citrix ADC and Gateway, potentially allowing attackers to access sensitive data and compromise network security. Cloud Software Group, the company behind these networking…

Read more →

A major security breach at email hosting provider Cock[.]li has compromised personal data from over one million users, the company announced in an official statement. The incident specifically targeted the service’s Roundcube webmail platform, affecting approximately 1,023,800 users who had…

Read more →

Meta has announced a significant expansion of WhatsApp’s monetization strategy with the introduction of advertising capabilities within the platform’s Updates tab.  The company is implementing three key features: channel subscriptions, promoted channels, and status advertisements, targeting the 1.5 billion daily…

Read more →

Critical vulnerabilities in Sitecore Experience Platform, one of the most widely deployed enterprise content management systems, potentially expose over 22,000 instances worldwide to complete system compromise.  The vulnerabilities, discovered by watchTowr researchers, allow attackers to gain full control of Sitecore…

Read more →

European organizations are facing a sophisticated cyber threat as the Sorillus Remote Access Trojan (RAT) emerges as a prominent weapon in a multi-language phishing campaign targeting businesses across Spain, Portugal, Italy, France, Belgium, and the Netherlands. The malware, which has…

Read more →

A high-severity remote code execution vulnerability has been identified in BeyondTrust’s Remote Support and Privileged Remote Access platforms, potentially allowing attackers to execute arbitrary code on affected systems.  The vulnerability, tracked as CVE-2025-5309, carries a CVSSv4 score of 8.6 and…

Read more →

Cybersecurity researchers have identified sophisticated new variants of Chaos RAT, a remote administration tool that has evolved from an open-source project into a formidable cross-platform malware threat targeting both Windows and Linux systems. Originally documented in 2022, this malware has…

Read more →

A critical authorization bypass vulnerability in ASUS Armoury Crate enables attackers to gain system-level privileges on Windows machines through a sophisticated hard link manipulation technique.  The vulnerability, tracked as CVE-2025-3464 with a CVSS score of 8.8, affects the popular gaming…

Read more →

A sophisticated evolution of the KimJongRAT malware family has emerged, demonstrating advanced techniques for credential theft and system compromise through weaponized Windows shortcut files and PowerShell-based payloads. This latest campaign represents a significant advancement from previous variants, incorporating both Portable…

Read more →

A sophisticated attack campaign exploiting a Google Chrome zero-day vulnerability tracked as CVE-2025-2783, marking yet another instance of advanced persistent threat (APT) groups leveraging previously unknown security flaws to compromise high-value targets.  The vulnerability, which enables sandbox escape capabilities, has…

Read more →

Two critical vulnerabilities in sslh, a popular protocol demultiplexer that allows multiple services to share the same network port.  The flaws tracked as CVE-2025-46807 and CVE-2025-46806 could be exploited remotely to trigger denial-of-service (DoS) attacks.  The vulnerabilities affect sslh versions prior…

Read more →

North Korean state-sponsored advanced persistent threat (APT) groups Kimsuky and Konni have emerged as the most prolific cyber threat actors targeting East Asian nations, according to the latest threat intelligence findings. In April 2025, these groups orchestrated the highest number…

Read more →

A newly identified malware campaign orchestrated by the notorious Kimsuky group has been leveraging password-protected research documents to infiltrate academic networks and compromise sensitive systems. This sophisticated attack represents a significant evolution in social engineering tactics, exploiting the academic community’s…

Read more →

Security researchers have uncovered a sophisticated malware campaign utilizing heavily obfuscated Visual Basic Script (VBS) files to deploy multiple types of remote access trojans (RATs). The campaign, discovered in June 2025, involves a cluster of 16 open directories containing obfuscated…

Read more →

A sophisticated fileless malware campaign targeting German-speaking users has emerged, employing deceptive verification prompts to distribute AsyncRAT through the increasingly popular Clickfix technique. The malware masquerades as a legitimate “I’m not a robot” CAPTCHA verification, tricking victims into executing malicious…

Read more →

A sophisticated cyber espionage campaign attributed to the XDSpy threat actor has recently been discovered exploiting a zero-day vulnerability in Windows shortcut files. This threat actor, which has operated largely undetected from 2011 until its initial discovery in 2020, has…

Read more →

A significant spike was observed in exploitation attempts targeting CVE-2023-28771, a critical remote code execution vulnerability affecting Zyxel Internet Key Exchange (IKE) packet decoders.  The coordinated attack campaign, observed on June 16, 2025, represents a concentrated burst of malicious activity…

Read more →

Android users face a sophisticated security threat as malicious actors increasingly leverage legitimate system features to gain unauthorized access to devices. A concerning trend has emerged where attackers exploit Original Equipment Manufacturer (OEM) permissions to perform privilege escalation attacks, creating…

Read more →

CISA has added a critical iOS zero-click vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, warning that the flaw has been actively exploited by sophisticated mercenary spyware in targeted attacks against journalists.  The vulnerability, tracked as CVE-2025-43200, affects multiple Apple…

Read more →

A malicious loan application masquerading as a legitimate financial service has infected over 150,000 iOS and Android devices before being removed from official app stores. The app, identified as “RapiPlata,” achieved a Top 20 ranking in the finance category on…

Read more →

A sophisticated threat actor known as Water Curse has exploited the inherent trust in open-source software by weaponizing at least 76 GitHub accounts to distribute malicious repositories containing multistage malware. The campaign represents a significant supply chain risk, targeting cybersecurity…

Read more →

Cybersecurity researchers have uncovered a sophisticated malware campaign that exploits Windows’ built-in Run prompt to deliver DeerStealer, a powerful information stealer designed to harvest cryptocurrency wallets, browser credentials, and sensitive personal data. The malicious operation represents a concerning evolution in…

Read more →

Multiple critical security vulnerabilities affecting Apache Tomcat web servers, including two high-severity flaws enabling denial-of-service (DoS) attacks and one moderate-severity vulnerability allowing authentication bypass.  These vulnerabilities, identified as CVE-2025-48976, CVE-2025-48988, CVE-2025-49124, and CVE-2025-49125, impact millions of web applications worldwide running…

Read more →

Security researchers have uncovered an active cyberattack campaign targeting Langflow servers through CVE-2025-3248, a critical remote code execution vulnerability that allows threat actors to deploy the sophisticated Flodrix botnet malware. The attacks demonstrate how cybercriminals are rapidly weaponizing newly disclosed…

Read more →

Microsoft experienced a significant service disruption affecting multiple Microsoft 365 services, including Teams and Exchange Online, impacting users globally whose requests were routed through the affected infrastructure. The company has confirmed that all services have now recovered following swift mitigative…

Read more →

The Gunra ransomware group escalated its attack on American Hospital Dubai (AHD), a premier healthcare facility in Dubai, UAE, by releasing new evidence of a major cyberattack. The group claims to have leaked 40 terabytes of sensitive data, including personal…

Read more →

The Washington Post is conducting a comprehensive investigation into a sophisticated cyberattack that compromised the email accounts of multiple journalists, with security experts and federal authorities examining evidence that suggests the involvement of a foreign government. The intrusion, discovered late…

Read more →

The Washington Post is conducting a comprehensive investigation into a sophisticated cyberattack that compromised the email accounts of multiple journalists, with security experts and federal authorities examining evidence that suggests the involvement of a foreign government. The intrusion, discovered late…

Read more →

Enterprise users of classic Microsoft Outlook are experiencing application crashes when attempting to create or open new emails, according to a technical advisory released by Microsoft today. The issue, which primarily affects virtual desktop infrastructure (VDI) environments, has been escalated…

Read more →

International law enforcement agencies have successfully dismantled one of the world’s largest darknet marketplaces, “Archetyp Market,” in a coordinated operation that resulted in multiple arrests across Europe and the seizure of millions in criminal assets.  The operation, led by German…

Read more →

A former GCHQ intern has been sentenced to seven-and-a-half years in prison after copying top secret data files onto his mobile phone and taking them to his home computer, creating what prosecutors described as a significant risk to national security.…

Read more →

A sophisticated new information-stealing malware known as Katz Stealer has emerged in 2025, demonstrating advanced credential theft capabilities combined with innovative persistence mechanisms that target popular applications like Discord. The malware-as-a-service (MaaS) platform represents a significant evolution in cybercriminal toolkits,…

Read more →

Microsoft has announced a significant enhancement to its data protection capabilities with the introduction of a new Data Loss Prevention (DLP) feature that will prevent Microsoft 365 Copilot from processing emails containing sensitivity labels.  This development represents a crucial step…

Read more →

Car-sharing giant Zoomcar Holdings, Inc. has disclosed a significant cybersecurity incident that compromised sensitive personal information of approximately 8.4 million users.  The breach, discovered on June 9, 2025, represents one of the largest data exposures in the mobility sector, highlighting…

Read more →

Your passwords are more than just logins – they’re the gateway to your identity, finances, work, and private life. But here’s the truth: storing them in a password manager is no longer enough. Why?  Because traditional password managers protect credentials…

Read more →

In a sophisticated cybersecurity incident discovered on June 16, 2025, security researchers identified a malicious payload cleverly hidden within a JPEG image using a combination of steganography and modified Base64 encoding techniques. The malware, embedded after the file’s End Of…

Read more →

A critical vulnerability affecting over 46,000 publicly accessible Grafana instances worldwide, with 36% of all public-facing deployments vulnerable to complete account takeover attacks.  The newly discovered flaw, designated CVE-2025-4123 and dubbed “The Grafana Ghost,” represents a significant threat to organizations…

Read more →

A sophisticated phishing operation involving more than 20 malicious applications distributed through the Google Play Store, specifically designed to steal cryptocurrency wallet credentials from unsuspecting users.  The discovery, made by Cyble Research and Intelligence Labs (CRIL), reveals a coordinated campaign…

Read more →

A sophisticated malware campaign has emerged targeting the Python Package Index (PyPI) repository, with cybercriminals deploying weaponized packages designed to steal sensitive cloud infrastructure credentials and corporate data. The malicious package, identified as “chimera-sandbox-extensions,” represents a new breed of supply…

Read more →

A novel method has emerged that demonstrates how digital images can be seamlessly embedded within DNS TXT records, effectively transforming domain name infrastructure into an unconventional image storage system.  This innovative technique, dubbed “dnsimg,” represents a novel approach to data…

Read more →

North Korean advanced persistent threat (APT) groups have launched a sophisticated cyber campaign against Ukrainian government agencies, marking a significant departure from their traditional targeting patterns. This shift in focus represents a potentially strategic alignment with Russian interests, as North…

Read more →

A sophisticated cybercrime campaign has emerged targeting holiday travelers through meticulously crafted fake travel booking websites designed to mimic legitimate platforms like Booking.com. The operation, which gained significant momentum in the first quarter of 2025, represents an alarming evolution in…

Read more →

Cybercriminals have developed a sophisticated attack campaign that exploits Discord’s invite system to distribute dangerous malware, including AsyncRAT remote access trojans and cryptocurrency-stealing software. The campaign leverages expired Discord invite codes and social engineering tactics to redirect unsuspecting users to…

Read more →

A novel method has emerged that demonstrates how digital images can be seamlessly embedded within DNS TXT records, effectively transforming domain name infrastructure into an unconventional image storage system.  This innovative technique, dubbed “dnsimg,” represents a novel approach to data…

Read more →

Google Cloud experienced one of its most significant outages in recent history on June 12, 2025, when a critical failure in its API management system brought down dozens of services worldwide for up to seven hours.  The incident affected millions…

Read more →

A new ransomware-as-a-service operation has emerged in the cyberthreat landscape, introducing a devastating capability that sets it apart from conventional ransomware families. Anubis ransomware combines traditional file encryption with a destructive “wipe mode” feature that permanently erases file contents, making…

Read more →

A critical security vulnerability in IBM Backup, Recovery, and Media Services for the i platform that could allow attackers to gain elevated privileges and execute malicious code with component-level access to the host operating system.  The vulnerability, tracked as CVE-2025-33108,…

Read more →

Cybersecurity researchers have uncovered a sophisticated campaign by the GrayAlpha threat actor group that leverages fake browser update pages to deploy advanced malware, including a newly identified custom PowerShell loader dubbed PowerNet. The operation, which has been active since at…

Read more →

A significant security vulnerability has been discovered in KIA vehicles sold in Ecuador, potentially affecting thousands of cars and exposing them to sophisticated theft techniques. Independent hardware security researcher Danilo Erazo has identified that KIA-branded aftermarket keyless entry systems used…

Read more →

The cybersecurity world witnessed an unprecedented breach on May 7, 2025 when an anonymous threat actor known as “xoxo from Prague” successfully infiltrated LockBit’s administrative panel, replacing their Tor website with the message “Don’t do crime CRIME IS BAD xoxo…

Read more →

Cybersecurity researchers have achieved a significant breakthrough in automated vulnerability detection by successfully leveraging Claude AI to identify zero-day exploits in .NET assemblies. This innovative approach combines artificial intelligence with reverse engineering techniques to discover previously unknown security flaws in…

Read more →

A sophisticated cybercriminal enterprise known as VexTrio has orchestrated one of the most extensive WordPress compromise campaigns ever documented, hijacking hundreds of thousands of websites globally to operate massive traffic distribution systems (TDS) that funnel victims into elaborate scam networks.…

Read more →

A security researcher has published a detailed analysis demonstrating how Kernel Address Space Layout Randomization (KASLR) protections can be circumvented on Windows 11 24H2 systems through exploitation of an HVCI-compatible driver with physical memory access capabilities. The research, published by…

Read more →

The National Institute of Standards and Technology (NIST) has published a new resource to aid organizations in implementing zero trust architectures (ZTAs), a cybersecurity approach that assumes no user or device is inherently trustworthy. The guidance, titled Implementing a Zero…

Read more →

Tenable, a prominent cybersecurity provider, has released version 10.8.5 of its Agent software to address three critical security vulnerabilities affecting Windows hosts running versions prior to 10.8.5. These flaws, identified as CVE-2025-36631, CVE-2025-36632, and CVE-2025-36633, could allow non-administrative users to…

Read more →

A sophisticated new variant of the AMOS macOS stealer has emerged, demonstrating unprecedented levels of technical sophistication in its distribution and obfuscation methods. The malware leverages GitHub repositories as distribution platforms, exploiting the platform’s legitimacy to bypass security measures and…

Read more →

The cryptocurrency and blockchain development ecosystem is facing an unprecedented surge in sophisticated malware campaigns targeting the open source supply chain. Over the past year, threat actors have significantly escalated their attacks against Web3 developers by publishing malicious packages to…

Read more →

Cross-strait tensions have escalated into a new domain as China and Taiwan engage in unprecedented mutual accusations of cyberwarfare targeting critical infrastructure systems. The diplomatic dispute has intensified following Taiwan President Lai Ching-te’s first year in office, during which both…

Read more →

The penetration testing community has received a significant upgrade with the release of Kali Linux 2025.2, marking another milestone in the evolution of this essential cybersecurity platform. This latest version introduces groundbreaking smartwatch capabilities, a completely redesigned menu system, and…

Read more →

Microsoft 365 users across Asia Pacific, Europe, the Middle East, and Africa are experiencing significant authentication disruptions that are preventing administrators from adding multifactor authentication (MFA) sign-in methods to user accounts. The service degradation, which began affecting users on Friday,…

Read more →

Despite sustained international pressure, sanctions, and public exposures over the past two years, the sophisticated Predator mobile spyware has demonstrated remarkable resilience, continuing to evolve and adapt its infrastructure to evade detection while maintaining operations across multiple continents. The mercenary…

Read more →

Cybersecurity researchers have identified a sophisticated new phishing campaign that exploits GitHub’s OAuth2 device authorization flow to compromise developer accounts and steal authentication tokens. This emerging threat represents a significant evolution in social engineering tactics, leveraging legitimate GitHub functionality to…

Read more →

A severe security vulnerability has been discovered in the Acer Control Center software, which could allow attackers to execute arbitrary code with system-level privileges.  The vulnerability, identified in the ACCSvc.exe process, involves misconfigured Windows Named Pipe permissions that enable unauthenticated…

Read more →

A sophisticated new attack method called “SmartAttack” that can breach supposedly secure air-gapped computer systems using smartwatches as covert data receivers.  The groundbreaking research demonstrates how attackers can exploit ultrasonic frequencies to exfiltrate sensitive information from isolated networks, challenging traditional…

Read more →

A critical spoofing vulnerability in Microsoft Defender for Identity (MDI) allows unauthenticated attackers to escalate privileges and gain unauthorized access to Active Directory environments.  The vulnerability, designated as CVE-2025-26685, exploits the Lateral Movement Paths (LMPs) feature in the MDI sensor,…

Read more →

A proof-of-concept exploit published for CVE-2025-21420, a newly discovered elevation of privilege vulnerability affecting the Windows Disk Cleanup Tool (cleanmgr.exe).  The vulnerability allows attackers to escalate privileges to SYSTEM level by exploiting improper link resolution mechanisms within the SilentCleanup scheduled…

Read more →

A critical vulnerability that allows attackers to bypass AI-powered content moderation systems using minimal text modifications.  The “TokenBreak” attack demonstrates how adding a single character to specific words can fool protective models while preserving the malicious intent for target systems,…

Read more →

A significant security vulnerability in HashiCorp Nomad workload orchestrator that allows attackers to escalate privileges by exploiting the Access Control List (ACL) policy lookup mechanism.  The vulnerability, tracked as CVE-2025-4922, affects both Community and Enterprise editions of Nomad across multiple…

Read more →

The Fog ransomware group has evolved beyond conventional attack methods, deploying an unprecedented arsenal of legitimate pentesting tools in a sophisticated May 2025 campaign targeting a financial institution in Asia. This latest operation marks a significant departure from typical ransomware…

Read more →

Cybersecurity researchers have uncovered a sophisticated ransomware campaign targeting utility billing software providers through unpatched vulnerabilities in SimpleHelp Remote Monitoring and Management (RMM) systems. The attack represents a concerning evolution in ransomware tactics, where threat actors are leveraging trusted remote…

Read more →

The advanced Graphite mercenary spyware, developed by Paragon, targets journalists through a sophisticated zero-click vulnerability in Apple’s iOS. At least three European journalists have been confirmed as targets, with two cases forensically verified. The spyware exploited a zero-day vulnerability in iOS…

Read more →

A critical zero-day vulnerability in WebDAV implementations that enables remote code execution, with proof-of-concept exploit code now publicly available on GitHub.  The vulnerability, tracked as CVE-2025-33053, has reportedly been actively exploited by advanced persistent threat (APT) groups in targeted campaigns…

Read more →

Cybersecurity researchers have uncovered a sophisticated malware campaign that leveraged an advanced JavaScript obfuscation technique to compromise hundreds of legitimate websites and redirect unsuspecting visitors to malicious content. The campaign, which infected over 269,000 webpages between March and April 2025,…

Read more →

Two of the internet’s most critical infrastructure providers experienced significant service outages yesterday, disrupting millions of users worldwide as both Cloudflare and Google services suffered widespread failures within hours of each other. Cloudflare’s extensive service disruption began at approximately 18:19…

Read more →

The cybersecurity landscape has witnessed the emergence of increasingly sophisticated ransomware operations, with DragonForce standing out as a particularly concerning threat actor that has evolved from politically motivated attacks to large-scale financial extortion campaigns. DragonForce ransomware group launched in 2023…

Read more →

Cybersecurity firm Cloudflare has issued a stark warning about the escalating threat landscape facing independent media organizations worldwide, revealing that journalists and news outlets have become the primary targets of sophisticated distributed denial-of-service (DDoS) attacks. The company’s latest Project Galileo…

Read more →

Cybercriminals have discovered a sophisticated new attack vector that exploits a critical flaw in Discord’s invitation system, allowing them to hijack expired invite links and redirect unsuspecting users to malicious servers hosting advanced malware campaigns. This emerging threat leverages the…

Read more →

A critical command injection vulnerability in Palo Alto Networks PAN-OS operating system enables authenticated administrative users to escalate privileges and execute commands as the root user.  Designated as CVE-2025-4231, this medium-severity vulnerability affects multiple versions of the company’s firewall operating…

Read more →

A critical vulnerability in the widely-used OpenPGP.js library has been discovered that allows attackers to forge digital signatures and deceive users into believing malicious content was legitimately signed by trusted sources. The flaw, designated CVE-2025-47934, represents a fundamental breach of…

Read more →

Cybercriminals have begun exploiting the surge in popularity of DeepSeek-R1, one of the most sought-after large language models currently available, to distribute a sophisticated new malware strain targeting Windows users. The malicious campaign uses the artificial intelligence chatbot’s growing demand…

Read more →

Microsoft is set to launch a significant security enhancement for Outlook users across multiple platforms. Starting April 2025, the company will roll out a new two-click verification feature for encrypted emails, requiring users to confirm their intent to access sensitive…

Read more →

SoftBank Corporation, an investment holding company, disclosed a significant data breach affecting 137,156 mobile subscribers through compromised third-party infrastructure.  The incident, which occurred in December 2024 but was only discovered in March 2025, represents a critical failure in vendor security…

Read more →

A sophisticated new Remote Access Trojan known as CyberEYE has emerged as a significant threat to Windows systems, demonstrating advanced capabilities to completely disable Windows Defender through a combination of PowerShell commands and registry manipulations. This modular, .NET-based malware leverages…

Read more →

Microsoft has resolved a critical bug in Windows Server 2025 that caused Active Directory Domain Controllers to improperly manage network traffic after system restarts, resulting in service disconnections and application failures.  The comprehensive patch, identified as KB5060842, was deployed on…

Read more →

A sophisticated cyber threat campaign leveraging malicious unsubscribe links has emerged as a significant security concern, targeting unsuspecting email users across the globe. This deceptive attack vector exploits users’ natural desire to clean up their inboxes, transforming what appears to…

Read more →

A series of critical security vulnerabilities across GitLab Community Edition (CE) and Enterprise Edition (EE) platforms that could enable attackers to achieve complete account takeover and compromise entire development infrastructures. The company released emergency patch versions 18.0.2, 17.11.4, and 17.10.8…

Read more →

A comprehensive security investigation has revealed critical vulnerabilities in OneLogin’s Active Directory (AD) Connector service that exposed authentication credentials and enabled attackers to impersonate legitimate users across enterprise environments. The vulnerabilities, which affect OneLogin’s widely-used identity and access management platform,…

Read more →

A newly disclosed command injection vulnerability in Palo Alto Networks’ PAN-OS operating system poses significant security risks to enterprise firewall infrastructures worldwide.  The vulnerability, catalogued as CVE-2025-4230, enables authenticated administrators with command-line interface (CLI) access to execute arbitrary commands with…

Read more →

Threat actors are allegedly offering the complete source code of a sophisticated Malware-as-a-Service (MaaS) botnet for sale.  This advanced malicious framework represents a significant escalation in cybercriminal capabilities, leveraging legitimate enterprise-grade technologies and blockchain integration to create a highly resilient…

Read more →

Multiple critical security vulnerabilities in the Trend Micro Apex One enterprise security platform could enable attackers to inject malicious code and escalate privileges on affected systems.  The company released emergency patches on June 9, 2025, to address five distinct vulnerabilities tracked under…

Read more →

A sophisticated account takeover campaign has emerged, exploiting a legitimate penetration testing framework to compromise Microsoft Entra ID environments across hundreds of organizations worldwide. The malicious activity, which began intensifying in December 2024, demonstrates how cybercriminals are increasingly weaponizing security…

Read more →

Cybersecurity researchers have identified a sophisticated new campaign where threat actors are leveraging Windows batch files to deliver the notorious Quasar Remote Access Trojan (RAT). This attack vector represents a concerning evolution in malware distribution tactics, as attackers continue to…

Read more →

A critical zero-day vulnerability affecting Windows systems that allows attackers to achieve privilege escalation through a novel Reflective Kerberos Relay Attack.  The vulnerability, designated CVE-2025-33073, was patched by Microsoft on June 10, 2025, as part of their monthly Patch Tuesday…

Read more →

A significant coordinated attack campaign targeting Apache Tomcat Manager interfaces, with threat actors leveraging approximately 400 unique IP addresses in a concentrated attack that peaked on June 5, 2025.  The attack represents a substantial increase in malicious activity, with observed…

Read more →

A sophisticated new threat platform, Nytheon AI, has emerged, which combines multiple uncensored large language models (LLMs) built specifically for malicious activities. The platform, discovered by Cato CTRL, is being actively promoted on popular hacking forums, including XSS and various…

Read more →

CISA and international cybersecurity partners have released a comprehensive suite of guidance documents aimed at protecting critical network edge devices from increasingly sophisticated cyberattacks.  This coordinated effort, involving cybersecurity authorities from nine countries, including Australia, Canada, the United Kingdom, and…

Read more →