New China-Aligned Hackers Hit State and Telecom Sectors
A newly identified cyber espionage group has been targeting government and telecommunications organizations across Africa, the Middle East and…
New Android Banking Trojan “Klopatra” Uses Hidden VNC to Control Infected Smartphones
A previously undocumented Android banking trojan called Klopatra has compromised over 3,000 devices, with a majority of the infections…
Ukraine Warns of CABINETRAT Backdoor + XLL Add-ins Spread via Signal ZIPs
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of new targeted cyber attacks in the country using a backdoor called…
Backdoor Disguised as SOCKS5 Proxy: Malicious PyPI Package SoopSocks Grants Root Access
The of the open-source software supply chain was once again tested when JFrog’s research team uncovered a malicious package on PyPI. The…
Chinese APT Phantom Taurus Targeted MS Exchange Servers Over 3 Years
Researchers at Palo Alto Networks say a Chinese-linked cyberespionage group has been targeting foreign ministries, embassies, and…
Hack of US Surveillance Provider RemoteCOM Exposes Court Data
A major data breach has compromised the personal records of nearly 14,000 individuals under court supervision, alongside contact information…
Warnings about Cisco vulns under active exploit are falling on deaf ears
Nearly 50,000 Cisco ASA/FTD instances vulnerable to two bugs that are actively being exploited by "advanced" attackers remain exposed to the…
Phantom Taurus: New China-Linked Hacker Group Hits Governments With Stealth Malware
Government and telecommunications organizations across Africa, the Middle East, and Asia have emerged as the target of a previously…
New Android RAT Klopatra Targets Financial Data
A previously unknown Android Remote Access Trojan (RAT) has been identified by security researchers, marking a significant advancement in the…
China-linked RedNovember Campaign Shows Importance of Patching Edge Devices
A long-running threat campaign linked to a Chinese state-sponsored cyber-espionage group highlights the importance of patching and protecting…
You name it, VMware elevates it (CVE-2025-41244)
On September 29th, 2025, Broadcom disclosed a local privilege escalation vulnerability, CVE-2025-41244, impacting VMware’s guest service…
EvilAI Malware Masquerades as AI Tools to Infiltrate Global Organizations
Threat actors have been observed using seemingly legitimate artificial intelligence (AI) tools and software to sneakily slip malware for…
Inside the Mind of a Threat Actor: What CISOs Must Learn Before the Next Breach
Cybersecurity isn’t a game of defense—it’s a game of anticipation. Yet too many CISOs and security leaders still think in…
New TamperedChef Malware Leverages Productivity Tools to Gain Access and Exfiltrate Sensitive Data
A sophisticated malware campaign has emerged that weaponizes seemingly legitimate productivity tools to infiltrate systems and steal sensitive…
WhatsApp 0-Click Vulnerability Exploited Using Malicious DNG File
WhatsApp 0-click remote code execution (RCE) vulnerability affecting Apple’s iOS, macOS, and iPadOS platforms, detailed with a proof of…
Two-Thirds of Organizations Have Unfilled Cybersecurity Positions
Organizations continue to experience significant cybersecurity skills shortages, with 65% of firms reporting unfilled cyber positions, a new…
Lesson From Cisco ASA 0-Day RCE Vulnerability That Actively Exploited In The Wild
The cybersecurity landscape experienced a significant escalation in September 2025, when Cisco disclosed multiple critical zero-day…
Notepad++ DLL Hijacking Vulnerability Let Attackers Execute Malicious Code
A newly discovered DLL hijacking vulnerability in Notepad++, the popular source code editor, could allow attackers to execute arbitrary code…
TamperedChef Malware Rises: Deceptive Apps Use Signed Binaries and SEO Poisoning to Hijack Browsers
Field Effect’s Threat Intelligence team has uncovered a new wave of the TamperedChef malware campaign, leveraging digitally signed…
RedNovember: Chinese APT Expands Global Espionage to U.S. Defense, Aerospace, and Tech Firms
A new report from Recorded Future’s Insikt Group reveals that the Chinese state-sponsored threat group RedNovember has significantly…
Morte Botnet Unveiled: A Rapidly Growing Loader-as-a-Service Campaign Exploiting Routers and Enterprise Apps
Researchers at CloudSEK Threat Intelligence (TRIAD) have exposed a sophisticated botnet operation that systematically compromises SOHO…
DLL Hijacking Flaw (CVE-2025-56383) Found in Notepad++, Allowing Arbitrary Code Execution, PoC Available
A newly disclosed in Notepad++ v8.8.3 has been assigned CVE-2025-56383. The , rated CVSS 6.5, allows attackers to hijack Notepad++’s DLL…
Prompt Injection and Model Poisoning: The New Plagues of AI Security
You wake up. Your AI wakes up. Somewhere, a stranger types a sentence, and your AI listens. This is not science fiction. This is the…
AsyncRAT Malware Campaign Found Targeting South American Hotels
A new AsyncRAT malware campaign from threat actor TA558 is targeting the South American hospitality industry, demanding the attention of…
Week in review: Cisco ASA zero-day vulnerabilities exploited, Fortra GoAnywhere instances at risk
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: How Juventus protects fans,…
China-Linked PlugX and Bookworm Malware Attacks Target Asian Telecom and ASEAN Networks
Telecommunications and manufacturing sectors in Central and South Asian countries have emerged as the target of an ongoing campaign…
Hunt for RedNovember: Beijing hacked critical orgs in year-long snooping campaign
RedNovember, a Chinese state-sponsored cyberspy group, targeted government and critical private-sector networks around the globe between June…
New Botnet Loader-as-a-Service Exploiting Routers and IoT Devices to Deploy Mirai Payloads
A sophisticated botnet operation has emerged, employing a Loader-as-a-Service model to systematically weaponize internet-connected devices…
ChatGPT Pulse Arrives: The Proactive AI Assistant That Reshapes Your Morning Routine
OpenAI has introduced a new feature within ChatGPT called “ChatGPT Pulse”, a service designed to deliver personalized daily…
Researchers Expose SVG and PureRAT Phishing Threats Targeting Ukraine and Vietnam
A new campaign has been observed impersonating Ukrainian government agencies in phishing attacks to deliver CountLoader, which is then used to…
Google Ads Used to Spread Trojan Disguised as TradingView Premium
A malicious advertising campaign that has been tricking content creators and unsuspecting users into downloading harmful software by offering…
Attackers exploited critical Fortra GoAnywhere flaw in zero-day attacks (CVE-2025-10035)
CVE-2025-10035, a perfect CVSS 10.0 vulnerability in the Fortra GoAnywhere managed file transfer solution, has apparently been exploited in…
‘An attacker's playground:’ Crims exploit GoAnywhere perfect-10 bug
Security researchers have confirmed that threat actors have exploited the maximum-severity vulnerability affecting Fortra's GoAnywhere managed…
Fake Ukraine Police Notices Spread New Amatera Stealer and PureMiner
Hackers are distributing malicious emails that imitate official notices from the National Police of Ukraine. This phishing campaign,…
Critical Cisco SSL VPN Vulnerabilities
The cybersecurity world is on alert after multiple critical vulnerabilities were discovered in Cisco SSL VPN solutions, specifically affecting…
Fortra GoAnywhere Vulnerability Exploited as 0-Day Before Patch
A critical, perfect 10.0 CVSS score vulnerability in Fortra’s GoAnywhere Managed File Transfer (MFT) solution was actively exploited as…
Agencies Around the Globe Urge Patching of Cisco ASA Bug Under Active Exploit
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued Emergency Directive 25-03 in response to an ongoing and severe…
New COLDRIVER Malware Campaign Joins BO Team and Bearlyfy in Russia-Focused Cyberattacks
The Russian advanced persistent threat (APT) group known as COLDRIVER has been attributed to a fresh round of ClickFix-style attacks designed…
Cisco ASA zero-day vulnerabilities exploited in sophisticated attacks
A widespread campaign aimed at breaching organizations via zero-day vulnerabilities in Cisco Adaptive Security Appliances (ASA) has been…
ArcaneDoor Threat Actor Resurfaces in Continued Attacks Against Cisco Firewalls
A newly identified cyber-attack campaign has exploited Cisco Adaptive Security Appliance (ASA) devices in a sophisticated operation linked to…
CISA Warns of Cisco Firewall 0-Day Vulnerabilities Actively Exploited in the Wild
CISA has issued an Emergency Directive mandating immediate action to mitigate two critical zero-day…
Chinese State-Sponsored Hackers Attacking Telecommunications Infrastructure to Harvest Sensitive Data
In late 2024, a new wave of cyber espionage emerged targeting global telecommunications infrastructure. Operating under the moniker Salt…