A critical vulnerability has been discovered in the Windows Desktop Window Manager (DWM) that could allow attackers to escalate privileges to system level. The flaw, tracked as CVE-2025-55681, resides in the dwmcore.dll component and was disclosed during the TyphoonPWN Windows security competition, where…
Category: EN
ForumTrol Operation Uses Chrome Zero-Day in Fresh Phishing Attacks
The ForumTroll APT group has resurfaced with a sophisticated phishing campaign targeting Russian academics, marking a significant escalation in their ongoing operations against entities in Russia and Belarus. While the group initially gained notoriety for exploiting CVE-2025-2783, a zero-day vulnerability…
Kimsuky Hackers Use Weaponized QR Codes to Distribute Malicious Mobile Apps
Threat researchers have uncovered a sophisticated mobile malware campaign attributed to North Korea-linked threat actor Kimsuky, leveraging weaponized QR codes and fraudulent delivery service impersonations to trick users into installing remote access trojans on their smartphones. The ENKI WhiteHat Threat…
Operation ForumTrol Known for Exploiting Chrome 0-Day Attacking Users With New Phishing Campaign
Operation ForumTrol, an advanced persistent threat group, has launched a new targeted phishing campaign against Russian political scientists and researchers. This sophisticated operation continues the group’s pattern of cyberattacks that began in March 2025 with the exploitation of CVE-2025-2783, a…
Cisco email security appliances rooted and backdoored via still unpatched zero-day
A suspected Chinese-nexus threat group has been compromising Cisco email security devices and planting backdoors and log-purging tools on them since at least late November 2025, Cisco Talos researchers have shared. “Our analysis indicates that appliances with non-standard configurations (…)…
Kimwolf Botnet Hijacks 1.8 Million Android TVs, Launches Large-Scale DDoS Attacks
A new distributed denial-of-service (DDoS) botnet known as Kimwolf has enlisted a massive army of no less than 1.8 million infected devices comprising Android-based TVs, set-top boxes, and tablets, and may be associated with another botnet known as AISURU, according…
SonicWall Fixes Actively Exploited CVE-2025-40602 in SMA 100 Appliances
SonicWall has rolled out fixes to address a security flaw in Secure Mobile Access (SMA) 100 series appliances that it said has been actively exploited in the wild. The vulnerability, tracked as CVE-2025-40602 (CVSS score: 6.6), concerns a case of…
Cisco says Chinese hackers are exploiting its customers with a new zero-day
Cisco said it discovered a Chinese hacking campaign targeting its customers by exploiting a zero-day in some of the company’s most popular products. This article has been indexed from Security News | TechCrunch Read the original article: Cisco says Chinese…
Askul Discloses Scope of Customer Data Theft Following October Ransomware Incident
Japanese e-commerce firm Askul Corporation has officially confirmed that a ransomware attack earlier this year led to the unauthorized access and theft of data belonging to nearly 740,000 individuals. The company made the disclosure after completing a detailed investigation…
14 Malicious NuGet Packages Found Stealing Crypto Wallets and Ad Data
ReversingLabs discovers 14 malicious NuGet packages, including Netherеum.All, using homoglyphs and fake downloads to steal crypto wallets and Google Ads data. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI, and More Read the original article:…
Moonwalk++ Bypasses EDR by Spoofing Windows Call Stacks
A new Moonwalk++ proof-of-concept (PoC) shows how malware can spoof Windows call stacks while staying encrypted in memory, bypassing modern EDR detection. The research highlights blind spots in stack-based telemetry increasingly relied on by enterprise defenders. “Public detection tools fail…
Border Patrol Bets on Small Drones to Expand US Surveillance Reach
Federal records show CBP is moving from testing small drones to making them standard surveillance tools, expanding a network that can follow activity in real time and extend well beyond the border. This article has been indexed from Security Latest…
5 SOC Analyst Tips for Super-Fast Triage
Every extra minute spent guessing during triage puts your SOC at risk. When it’s unclear what a file does, whether it’s malicious, or how urgent it is, real threats slip through while time is wasted on noise. Fast triage depends on removing uncertainty early,…
Access Fabric: A modern approach to identity and network access
An Access Fabric is a unified access security solution that continuously decides who can access what, from where, and under what conditions—in real time. The post Access Fabric: A modern approach to identity and network access appeared first on Microsoft…
Peak Season Isn’t a Season. It’s the World You Operate In.
Peak season isn’t seasonal anymore. Learn why modern surges stem from security risks, not traffic, and how Akamai keeps businesses resilient every day. This article has been indexed from Blog Read the original article: Peak Season Isn’t a Season. It’s…
Maybe a Little Bit More Interesting React2Shell Exploit, (Wed, Dec 17th)
I have already talked about various React2Shell exploit attempts we have observed in the last weeks. But new varieties of the exploit are popping up, and the most recent one is using this particular version of the exploit: This article…
GhostPoster Malware Hit 50K Users via Firefox Extension Icons
The GhostPoster campaign hid malware inside Firefox extension icons, infecting tens of thousands of users through trusted add-ons. The post GhostPoster Malware Hit 50K Users via Firefox Extension Icons appeared first on eSecurity Planet. This article has been indexed from…
New deepfake training from KnowBe4 – see it in action!
KnowBe4, the world-renowned platform that comprehensively addresses human and agentic AI risk management, has announced a new custom deepfake training experience to defend against advanced cybersecurity threats from deepfakes such as fraudulent video conferences and AI-generated phishing attacks. Deepfakes…
Microsoft Desktop Windows Manager Out-Of-Bounds Vulnerability Let Attackers Escalate Privileges
Microsoft has confirmed a critical out-of-bounds vulnerability in the Desktop Window Manager (DWM) that allows local attackers to escalate privileges to SYSTEM on affected Windows systems. The vulnerability, identified as CVE-2025-55681, resides in the dwmcore.dll component and impacts Windows 10, Windows…
Hackers Could Take Control of Car Dashboard by Hacking Its Modem
Modern vehicles are increasingly defined by their connectivity, transforming them into sophisticated IoT devices on wheels. While this digital evolution enhances the driving experience, it introduces severe security risks. A hypothetical scenario where a car dashboard is remotely hijacked to…