Tag: Cyber Security News

A critical security vulnerability has been discovered in the widely-used JavaScript form-data library, potentially exposing millions of applications to code execution attacks.  The vulnerability, assigned CVE-2025-7783, stems from the library’s use of the predictable Math.random() function to generate boundary values…

Read more →

A significant privacy protection measure with the Brave browser now blocks Microsoft’s controversial Recall feature by default starting in version 1.81 for Windows users.  The decision reflects growing concerns about user privacy and data security, as Microsoft’s Recall system automatically…

Read more →

Microsoft has unveiled a comprehensive suite of AI-powered enhancements for Windows 11, marking a significant leap forward in personal computing experiences.  With nearly 60% of users now employing generative AI for work purposes and 64% for personal projects, Windows 11…

Read more →

A groundbreaking cybersecurity threat has emerged as researchers document the first confirmed case of malware exploiting Microsoft’s User Interface Automation (UIA) framework in active attacks. The Coyote banking trojan, initially discovered in February 2024, has evolved to incorporate this sophisticated…

Read more →

CISA has issued an urgent alert regarding active exploitation of critical Microsoft SharePoint vulnerabilities by suspected Chinese threat actors.  The attack campaign, dubbed “ToolShell,” leverages a vulnerability chain involving CVE-2025-49706 (network spoofing) and CVE-2025-49704 (remote code execution) to gain unauthorized…

Read more →

The National Nuclear Security Administration (NNSA) has fallen victim to a sophisticated cyber attack exploiting a previously unknown vulnerability in Microsoft SharePoint, marking one of the most significant security breaches targeting critical US defense infrastructure this year.  Chinese government-affiliated hacking…

Read more →

Mozilla has released Firefox 141 to address 17 security vulnerabilities, including several high-impact flaws that could potentially allow arbitrary code execution.  The Mozilla Foundation Security Advisory, announced on July 22, 2025, urges users to update immediately to protect against these…

Read more →

The Clorox Company, a leading household goods manufacturer, has filed a $380 million lawsuit against IT services provider Cognizant Technology Solutions. The lawsuit accuses Cognizant’s help-desk agents of inadvertently providing hackers with access to Clorox’s network during a security breach…

Read more →

Remote Monitoring and Management (RMM) software has long been the silent partner of help-desk engineers, automating patch cycles and troubleshooting sessions across sprawling enterprises. Over the past year, however, the same remote consoles have been quietly repurposed by ransomware gangs…

Read more →

CISA has issued an urgent warning regarding two critical Microsoft SharePoint vulnerabilities that threat actors are actively exploiting in the wild.  The vulnerabilities, designated as CVE-2025-49704 and CVE-2025-49706, pose significant risks to organizations running on-premises SharePoint servers and have been…

Read more →

Microsoft has unveiled significant improvements to Windows 11’s system recovery capabilities, introducing a redesigned Black Screen of Death restart screen alongside an automated Quick Machine Recovery (QMR) tool.  These enhancements are part of the broader Windows Resiliency Initiative (WRI), designed…

Read more →

Microsoft has confirmed that Chinese state-sponsored threat actors are actively exploiting critical zero-day vulnerabilities in on-premises SharePoint servers, prompting urgent security warnings for organizations worldwide.  The tech giant’s Security Response Center reported coordinated attacks targeting internet-facing SharePoint installations using newly…

Read more →

Kali Linux has announced the release of two groundbreaking packages that significantly enhance wireless penetration testing capabilities for Raspberry Pi users. The new brcmfmac-nexmon-dkms and firmware-nexmon packages, introduced in Kali Linux 2025.1, enable the onboard Wi-Fi interface on supported Raspberry…

Read more →

Google has released an urgent security update for its Chrome browser, addressing three critical vulnerabilities that could enable attackers to execute arbitrary code on users’ systems. The Stable channel update to version 138.0.7204.168/.169 for Windows and Mac, and 138.0.7204.168 for…

Read more →

A sophisticated supply chain attack targeting JavaScript developers emerged on Friday, July 18th, 2025, when cybercriminals compromised multiple popular npm packages to distribute the newly identified “Scavenger” malware. The attack primarily focused on eslint-config-prettier, a widely-used code formatting package, along…

Read more →

A groundbreaking investigation has pulled back the curtain on one of Russia’s most clandestine intelligence operations, revealing unprecedented details about the Federal Security Service’s (FSB) 16th Center and its extensive signals intelligence network. The research, conducted by CheckFirst analysts over…

Read more →

Cybersecurity researchers have uncovered a sophisticated attack campaign targeting poorly managed Linux servers through SSH brute force attacks to deploy the SVF Botnet, a Python-based distributed denial-of-service malware. The malware leverages Discord as its command-and-control infrastructure and employs multiple proxy…

Read more →

A sophisticated phishing campaign targeting Web3 developers has emerged, exploiting the growing interest in artificial intelligence platforms to deliver credential-stealing malware. The threat actor LARVA-208, previously known for targeting IT staff through phone-based social engineering, has pivoted to focus on…

Read more →

Secure code review represents a critical security practice that systematically examines software source code to identify and remediate security vulnerabilities before they reach production environments. This comprehensive examination serves as a proactive defense mechanism, enabling development teams to detect security…

Read more →

[London, UK] July 2025 – As cryptocurrency continues its evolution into a mainstream financial asset class, a growing number of investors are turning to new strategies for generating yield—without the risks of high-frequency trading. Addressing this demand, UK-based Quid Miner…

Read more →

Threat intelligence represents a paradigm shift from reactive to proactive cybersecurity, providing organizations with actionable insights to detect, prevent, and respond to cyber threats more effectively. By leveraging structured data about current and emerging threats, security teams can make informed…

Read more →

Hypervisor security represents a critical foundation for protecting virtualized infrastructure, as a single compromise at the hypervisor level can potentially expose all virtual machines running on that host. The security of virtualized environments depends on implementing comprehensive hardening measures across…

Read more →

The OWASP Top 10 2021 represents the most critical web application security risks facing organizations today, with significant shifts reflecting the evolving threat landscape. Broken Access Control has risen to the top position, affecting 94% of tested applications. At the…

Read more →

Quality threat intelligence has traditionally been the domain of enterprise-level budgets and premium subscriptions. The kind of fresh, actionable data that transforms how SOCs operate has remained frustratingly out of reach for many organizations. Until now.  A Game-Changing Opportunity For…

Read more →

The rise of clandestine “travel agencies” on darknet forums has reshaped the cyber-crime landscape, morphing traditional card-skimming into a full-fledged service economy that sells half-priced flights, five-star hotels, and even yacht charters. What unsuspecting buyers see as a bargain is…

Read more →

The UK government has announced comprehensive measures to tackle ransomware attacks, with public sector organizations and critical national infrastructure operators facing an outright ban on paying ransom demands to cyber criminals.  This landmark decision, supported by nearly three-quarters of consultation…

Read more →

Apache Jena has disclosed two significant security vulnerabilities affecting versions through 5.4.0, prompting an immediate upgrade recommendation to version 5.5.0.  Both CVE-2025-49656 and CVE-2025-50151, announced on July 21, 2025, represent important severity flaws that exploit administrative access to compromise server…

Read more →

The breach of Tehran-based security contractor Amnban has ripped the cover off a multi-year espionage program that quietly burrowed into airline reservation systems across Africa, Europe, and the Middle East. Internal documents and screen-captured videos obtained by investigatory journalist Nariman…

Read more →

A threat actor known as “skart7” is allegedly offering a zero-day Local Privilege Escalation (LPE) exploit targeting Apple’s macOS operating system for sale on a prominent hacker forum.  This development represents a significant security concern for macOS users, particularly those…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA), FBI, Department of Health and Human Services, and Multi-State Information Sharing and Analysis Center have issued an urgent joint advisory warning of escalating attacks by the Interlock ransomware group, which has been targeting…

Read more →

Multiple security vulnerabilities affecting Sophos firewall products, with two enabling pre-authentication remote code execution that could allow attackers to compromise systems without valid credentials.  The vulnerabilities, tracked as CVE-2025-6704, CVE-2025-7624, CVE-2025-7382, CVE-2024-13974, and CVE-2024-13973, impact various configurations of Sophos Firewall…

Read more →

A sophisticated new variant of DCHSpy Android surveillanceware, deployed by the Iranian cyber espionage group MuddyWater just one week after escalating tensions in the Israel-Iran conflict.  This malicious tool represents a significant evolution in mobile surveillance capabilities, targeting sensitive communications…

Read more →

The UK Government has imposed sanctions on Russian military intelligence units and 18 individuals following the exposure of a sophisticated cyber espionage campaign targeting Microsoft cloud services.  The National Cyber Security Centre (NCSC) revealed that the Russian Advanced Persistent Threat…

Read more →

Cisco Systems has issued a critical security advisory warning of multiple remote code execution vulnerabilities in its Identity Services Engine (ISE) that are being actively exploited by attackers in the wild. The vulnerabilities, carrying the maximum CVSS severity score of…

Read more →

A fresh wave of malicious Android Package Kit (APK) files is weaving together two of cybercrime’s most reliable revenue streams—click-fraud advertising and credential theft—into a single, adaptable threat that has begun circulating across Southeast Asia, Latin America, and parts of…

Read more →

A critical security vulnerability in ExpressVPN Windows desktop application that could expose users’ real IP addresses when using Remote Desktop Protocol (RDP) connections.  The flaw, discovered through the company’s bug bounty program, affected specific versions of the Windows client and…

Read more →

Wireshark Foundation has announced the availability of Wireshark 4.4.8, the latest maintenance release of the world’s most widely used network-protocol analyzer. Although the update does not introduce brand-new protocols, it delivers a focused package of stability improvements, expanded dissector capabilities,…

Read more →

A sophisticated new ransomware threat has emerged from the cybercriminal underground, targeting organizations across multiple operating systems with advanced cross-platform capabilities. In June 2025, a ransomware actor operating under the alias “Dollar Dollar Dollar” introduced GLOBAL GROUP on the Ramp4u…

Read more →

Thousands of organizations worldwide face active cyberattacks targeting Microsoft SharePoint servers through two critical vulnerabilities, prompting urgent government warnings and emergency patches. Microsoft confirmed over the weekend that threat actors are actively exploiting two zero-day vulnerabilities in on-premises SharePoint servers,…

Read more →

Christian Dior Couture, the luxury fashion house owned by Louis Vuitton, has begun notifying customers of a major cybersecurity incident that exposed sensitive personal information of clients.  The breach, discovered in May 2025, involved unauthorized access to customer databases containing…

Read more →

A financially motivated threat group dubbed Greedy Sponge has been systematically targeting Mexican financial institutions and organizations since 2021 with a heavily modified version of the AllaKore remote access trojan (RAT). The campaign represents a sophisticated evolution of cybercriminal tactics,…

Read more →

A sophisticated new phishing campaign has emerged, delivering the DeerStealer malware through weaponized .LNK shortcut files that exploit legitimate Windows binaries in a technique known as “Living off the Land” (LOLBin). The malware masquerades as a legitimate PDF document named…

Read more →

A sophisticated phishing campaign has emerged targeting Node.js developers through a meticulously crafted attack that impersonates the official npm package registry. The malicious operation utilizes the typosquatted domain npnjs.com, substituting the letter “m” with “n” to create a nearly identical…

Read more →

A sophisticated supply chain attack has compromised several widely-used npm packages, including eslint-config-prettier and eslint-plugin-prettier, after threat actors successfully stole maintainer authentication tokens through a targeted phishing campaign. The attack leveraged a typosquatted domain, npnjs.com, designed to mimic the legitimate…

Read more →

Cybercriminals have escalated their attack sophistication by utilizing legitimate cloud storage services to distribute advanced malware, as demonstrated in a recent campaign targeting a certified public accounting firm in the United States. The attack, discovered in May 2025, showcases how…

Read more →

FortiGuard Labs has discovered a sophisticated new ransomware strain called NailaoLocker that represents a significant departure from conventional encryption malware. This Windows-targeting threat introduces the first documented use of China’s SM2 cryptographic standard in ransomware operations, marking a notable shift…

Read more →

A single compromised password brought down KNP Logistics, putting 730 employees out of work and highlighting the devastating impact of cyber attacks on British businesses. One password is believed to have been all it took for a ransomware gang to…

Read more →

A critical configuration flaw in Microsoft’s AppLocker block list policy has been discovered, revealing how attackers could potentially bypass security restrictions through a subtle versioning error.  The issue centers on an incorrect MaximumFileVersion value that creates an exploitable gap in…

Read more →

A surveillance company has been detected exploiting a sophisticated SS7 bypass technique to track mobile phone users’ locations. The attack leverages previously unknown vulnerabilities in the TCAP (Transaction Capabilities Application Part) layer of SS7 networks to circumvent security protections implemented…

Read more →

CISA has issued an urgent warning about a critical zero-day remote code execution vulnerability affecting Microsoft SharePoint Server on-premises installations that threat actors are actively exploiting in the wild. The vulnerability, tracked as CVE-2025-53770, poses a significant security risk to…

Read more →

Dell Technologies has confirmed a security breach of its Customer Solution Centers platform by the World Leaks extortion group, marking another high-profile attack by the newly rebranded threat actor.  The incident, which occurred earlier this month, targeted Dell’s isolated product…

Read more →

The notorious Chinese-speaking cyberespionage group APT41 has expanded its operations into new territories, launching sophisticated attacks against government IT services across Africa using advanced Windows administration modules. This represents a significant geographical expansion for the group, which has previously concentrated…

Read more →

A sophisticated new ransomware strain named KAWA4096 has emerged in the cybersecurity landscape, showcasing advanced evasion techniques and borrowing design elements from established threat actors. Named after the Japanese word for “river,” this malicious software first surfaced in June 2025…

Read more →

A critical security vulnerability in Laravel’s Livewire framework has been discovered that could expose millions of web applications to remote code execution (RCE) attacks.  The flaw, designated as CVE-2025-54068, affects Livewire v3 versions from 3.0.0-beta.1 through 3.6.3, with a CVSS…

Read more →

A critical remote code execution vulnerability has been discovered in Lighthouse Studio, one of the most widely deployed yet relatively unknown survey software platforms developed by Sawtooth Software. The flaw, designated CVE-2025-34300, affects the Perl CGI scripts that power web-based…

Read more →

A critical vulnerability in Hewlett Packard Enterprise (HPE) Aruba Networking Instant On Access Points could allow attackers to bypass device authentication mechanisms completely.  The vulnerability, tracked as CVE-2025-37103, stems from hardcoded login credentials embedded within the devices’ software, presenting a…

Read more →

India’s second-largest cryptocurrency exchange, CoinDCX, confirmed a sophisticated security breach on July 19, 2025, resulting in approximately $44.2 million being stolen from the platform. This incident marks another significant cyberattack on India’s crypto infrastructure, coming exactly one year after the…

Read more →

Microsoft has issued an urgent security advisory addressing critical zero-day vulnerabilities in on-premises SharePoint Server that attackers are actively exploiting.  The vulnerabilities, assigned as CVE-2025-53770 and CVE-2025-53771, pose immediate risks to organizations running SharePoint infrastructure and require immediate remediation. Key…

Read more →

A critical container escape vulnerability has emerged in the NVIDIA Container Toolkit, threatening the security foundation of AI infrastructure worldwide. Dubbed “NVIDIAScape” and tracked as CVE-2025-23266, this flaw carries a maximum CVSS score of 9.0, representing one of the most…

Read more →

A sophisticated new attack technique compromises Fast IDentity Online (FIDO) key authentication by exploiting cross-device sign-in features.  The PoisonSeed attack group has developed a method to downgrade FIDO key protections through adversary-in-the-middle (AitM) phishing campaigns that trick users into scanning…

Read more →

A critical memory corruption vulnerability in the popular file archiver 7-Zip has been discovered that allows attackers to trigger denial of service conditions by crafting malicious RAR5 archive files. The vulnerability, tracked as CVE-2025-53816 and designated GHSL-2025-058, affects all versions…

Read more →

A critical memory corruption vulnerability in the popular file archiver 7-Zip has been discovered that allows attackers to trigger denial of service conditions by crafting malicious RAR5 archive files. The vulnerability, tracked as CVE-2025-53816 and designated GHSL-2025-058, affects all versions…

Read more →

It’s been a busy seven days for security alerts. Google is addressing another actively exploited zero-day in Chrome, and VMware has rolled out key patches for its own set of vulnerabilities. We’ll also break down the methods behind a new…

Read more →

Two significant Grafana vulnerabilities that could allow attackers to redirect users to malicious websites and execute arbitrary JavaScript code.  The vulnerabilities, identified as CVE-2025-6023 and CVE-2025-6197, affect multiple versions of Grafana, including 12.0.x, 11.6.x, 11.5.x, 11.4.x, and 11.3.x branches.  Both…

Read more →

A sophisticated cyberattack campaign targeting Microsoft SharePoint servers has been discovered exploiting a newly weaponized vulnerability chain dubbed “ToolShell,” enabling attackers to gain complete remote control over vulnerable systems without authentication. Eye Security, a Dutch cybersecurity firm, identified the active…

Read more →

A sophisticated phishing campaign targeting organizations has emerged, exploiting the trusted reputation of Veeam Software through weaponized WAV audio files delivered via email. The attack represents an evolution in social engineering tactics, combining traditional phishing techniques with audio-based deception to…

Read more →

A sophisticated Chinese threat actor campaign has emerged as one of the most persistent malware distribution operations targeting Chinese-speaking communities worldwide. Since June 2023, this ongoing campaign has established an extensive infrastructure comprising more than 2,800 malicious domains specifically designed…

Read more →

A sophisticated phishing campaign targeting Turkish defense and aerospace enterprises has emerged, delivering a highly evasive variant of the Snake Keylogger malware through fraudulent emails impersonating TUSAŞ (Turkish Aerospace Industries). The malicious campaign distributes files disguised as contractual documents, specifically…

Read more →

A sophisticated phishing campaign dubbed “Scanception” has emerged as a significant threat to enterprise security, leveraging QR codes embedded in PDF attachments to bypass traditional email security measures and harvest user credentials. The attack represents a concerning evolution in social…

Read more →

A critical zero-day flaw in the CrushFTP managed file-transfer platform was confirmed after vendor and threat-intelligence sources confirmed active exploitation beginning on 18 July 2025 at 09:00 CST. Tracked as CVE-2025-54309, the bug allows unauthenticated attackers to obtain full administrative…

Read more →

The cybersecurity landscape continues to face significant threats from sophisticated information stealers, with Lumma emerging as one of the most prevalent and dangerous malware families targeting both consumer and enterprise environments. This malicious software systematically harvests enormous volumes of sensitive…

Read more →

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Fortinet FortiWeb vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, confirming active exploitation of the SQL injection flaw in cyberattacks worldwide. The vulnerability, tracked as CVE-2025-25257, affects Fortinet’s…

Read more →

Google has filed a lawsuit in New York federal court against the operators of the BadBox 2.0 botnet, marking a significant escalation in the tech giant’s fight against cybercriminal networks. The malware campaign represents the largest known botnet of internet-connected…

Read more →

A stealth Monero-mining campaign has quietly compromised more than 3,500 websites by embedding an innocuous-looking JavaScript file called karma.js. The operation leverages WebAssembly, Web Workers, and WebSockets to siphon CPU cycles while keeping resource usage low enough to avoid user…

Read more →

The notorious Russian cyberespionage group Fancy Bear, also known as APT28, has intensified its operations against governments and military entities worldwide using an arsenal of sophisticated new tools and techniques. Active since 2007, this state-sponsored threat actor has established itself…

Read more →

Microsoft today announced the rollout of a revamped customer dashboard in Microsoft Defender for Office 365, designed to deliver unprecedented insights across a broad spectrum of attack vectors.  The new interface gives security teams real-time visibility into threats blocked before…

Read more →

A sophisticated Malware-as-a-Service operation has emerged that exploits the trusted GitHub platform to distribute malicious payloads, representing a significant evolution in cybercriminal tactics. The operation leverages fake GitHub accounts to host an arsenal of malware tools, plugins, and payloads, capitalizing…

Read more →

A critical security vulnerability affecting multiple Ubiquiti UniFi Access devices could allow attackers to execute malicious commands remotely.  The vulnerability, tracked as CVE-2025-27212, stems from improper input validation and has been assigned a maximum CVSS v3.0 base score of 9.8,…

Read more →

Three critical vulnerabilities in the Sophos Intercept X for Windows product family could allow local attackers to achieve arbitrary code execution with system-level privileges. Identified as CVE-2024-13972, CVE-2025-7433, and CVE-2025-7472, the flaws span registry permission misconfigurations, a weakness in the…

Read more →

A sophisticated malware campaign targeting Ivanti Connect Secure VPN devices has been actively exploiting critical vulnerabilities CVE-2025-0282 and CVE-2025-22457 since December 2024. The ongoing attacks demonstrate advanced persistent threat techniques, deploying multiple malware families including MDifyLoader, Cobalt Strike Beacon, vshell,…

Read more →

In mid-2025, a new surge of targeted intrusions, attributed to the threat group known variously as Scattered Spider, Octo Tempest, UNC3944, Muddled Libra, and 0ktapus, began impacting multiple industries. Initially identified by unusual SMS-based phishing campaigns leveraging adversary-in-the-middle (AiTM) domains,…

Read more →

Two critical vulnerabilities in the BIND 9 DNS resolver software are affecting organizations worldwide, with potential cache poisoning and denial-of-service attacks.  The vulnerabilities, identified as CVE-2025-40776 and CVE-2025-40777, pose significant security risks to DNS infrastructure, particularly for resolvers configured with…

Read more →

Emerging in late 2024 and surging throughout the first half of 2025, ClickFix has become a pervasive social-engineering vector in which threat actors trick users into executing malicious commands under the guise of “quick fixes” for common computer issues. Rather…

Read more →

WAFFLED is a recently disclosed technique that evades leading Web Application Firewalls (WAFs) by targeting subtle parsing inconsistencies rather than tampering with the malicious payload itself.  By mutating innocuous elements such as boundary delimiters in multipart/form-data, character sets in application/json,…

Read more →

A critical security vulnerability in TeleMessageTM SGNL, an enterprise messaging system modeled after Signal, has been actively exploited by cybercriminals seeking to extract sensitive user credentials and personal data.  The flaw, designated CVE-2025-48927, affects government agencies and enterprises using this…

Read more →

CISA issued three significant Industrial Control Systems (ICS) advisories on July 17, 2025, addressing critical vulnerabilities affecting energy monitoring, healthcare imaging, and access control systems.  These advisories highlight severe security flaws with CVSS v4 scores ranging from 8.5 to 8.7,…

Read more →

A critical vulnerability in Microsoft Entra ID allows attackers to escalate privileges to the Global Administrator role through the exploitation of first-party applications.  The vulnerability, reported to Microsoft Security Response Center (MSRC) in January 2025, affects organizations using hybrid Active…

Read more →

A sophisticated Chinese state-sponsored cyber espionage campaign has emerged targeting Taiwan’s critical semiconductor industry, employing weaponized Cobalt Strike beacons and advanced social engineering tactics. Between March and June 2025, multiple threat actors launched coordinated attacks against semiconductor manufacturing, design, and…

Read more →

Last week, Ukraine’s Main Intelligence Directorate (GUR) orchestrated a sophisticated cyberattack against Gaskar Integration, a leading Russian drone manufacturer. The operation began with reconnaissance of the company’s public-facing infrastructure, where threat actors identified vulnerable remote desktop services and outdated VPN…

Read more →

The global hacktivist landscape has undergone a dramatic transformation since 2022, evolving from primarily ideologically motivated actors into a complex ecosystem where attention-seeking behavior and monetization strategies drive operational decisions. This shift has fundamentally altered how these groups select targets…

Read more →

Researchers have uncovered critical security vulnerabilities affecting millions of computer servers and routers worldwide, stemming from the insecure implementation of fundamental internet tunneling protocols. The flaws could allow attackers to bypass security controls, spoof their identity, access private networks, and…

Read more →

A sophisticated new attack vector where malicious actors are hiding malware inside DNS records, exploiting a critical blind spot in most organizations’ security infrastructure. This technique transforms the Internet’s Domain Name System into an unconventional file storage system, allowing attackers…

Read more →

The H2Miner botnet, first observed in late 2019, has resurfaced with an expanded arsenal that blurs the line between cryptojacking and ransomware. The latest campaign leverages inexpensive virtual private servers (VPS) and a grab-bag of commodity malware to compromise Linux…

Read more →

Iranian state-sponsored threat actors have significantly escalated their cyber operations, employing sophisticated artificial intelligence-enhanced phishing campaigns to target cybersecurity researchers and academic institutions across Western nations. The campaign, primarily attributed to APT35 (also known as Charming Kitten and Magic Hound),…

Read more →

An Armenian national has been extradited from Ukraine to the United States to face federal charges for his alleged involvement in a series of Ryuk ransomware attacks and an extortion conspiracy that targeted U.S. companies, including a technology firm in…

Read more →

A sophisticated espionage campaign targeting multiple Asian jurisdictions has emerged, utilizing weaponized shortcut files and deceptive social engineering techniques to infiltrate high-value targets across China, Hong Kong, and Pakistan. The threat actor, designated UNG0002 (Unknown Group 0002), has demonstrated remarkable…

Read more →

Emerging in mid-2023 as an apparent successor to Meiya Pico’s notorious MFSocket, the newly identified Android application Massistant has begun surfacing on confiscated handsets at Chinese border checkpoints and police stations. Unlike conventional spyware that relies on covert remote delivery,…

Read more →

A critical Remote Code Execution (RCE) vulnerability in Oracle Cloud Infrastructure (OCI) Code Editor that allowed attackers to silently hijack victim Cloud Shell environments through a single click.  The vulnerability, now remediated, affected Code Editor’s integrated services, including Resource Manager,…

Read more →

NVIDIA has released critical security updates addressing two significant vulnerabilities in its Container Toolkit and GPU Operator that could allow attackers to execute arbitrary code with elevated permissions.  The vulnerabilities, identified as CVE-2025-23266 and CVE-2025-23267, affect all platforms running NVIDIA…

Read more →

The Python Package Index (PyPI) has implemented an immediate ban on inbox.ru email domain registrations following a sophisticated spam campaign that resulted in over 1,500 fake project uploads across a month-long period. The attack, which began on June 9, 2025,…

Read more →