22 Vulnerabilities Under Attack – And Another That Could Be
Cyble researchers detailed 22 vulnerabilities under active attack in a blog post today – and nine of them aren’t in CISA’s…
Third time's the charm? SolarWinds (again) patches critical Web Help Desk RCE
SolarWinds on Tuesday released a hotfix - again - for a critical, 9.8-severity flaw in its Web Help Desk IT ticketing software that could…
Iranian Hacking Group Nimbus Manticore Expands European Targeting
A long-running cyber-espionage campaign tied to Iran has intensified its operations in Europe. The group, known as Nimbus Manticore, has a…
SonicWall Releases Urgent Update to Remove Rootkit Malware ‘OVERSTEP’ from SMA Devices
SonicWall has issued an urgent firmware update, version 10.2.2.2-92sv, for its Secure Mobile Access (SMA) 100 series appliances to detect and…
SpyCloud Report: 2/3 Orgs Extremely Concerned About Identity Attacks Yet Major Blind Spots Persist
Austin, Texas, USA, September 23rd, 2025, CyberNewsWire New SpyCloud 2025 Identity Threat Report reveals dangerous disconnect between…
Attacker Breakout Time Falls to 18 Minutes
Threat actors are accelerating their attacks and adopting innovative new ways to circumvent endpoint detection mechanisms, according to a new…
GitHub Mandates 2FA and Short-Lived Tokens to Strengthen npm Supply Chain Security
GitHub on Monday announced that it will be changing its authentication and publishing options "in the near future" in response to a recent…
BadIIS Malware Spreads via SEO Poisoning — Redirects Traffic, Plants Web Shells
Cybersecurity researchers are calling attention to a search engine optimization (SEO) poisoning campaign likely undertaken by a…
BlockBlasters: When a Steam Game Turns Into a Malware Delivery Vehicle
What began as a promising indie platformer has turned into one of the most alarming cases of malware-laced games on Steam in 2025. According…
Kawa4096: A New Ransomware Group with Akira-Style Branding and Qilin-Like Notes
In June 2025, a new ransomware group known as Kawa4096 surfaced, launching disruptive attacks against multinational organizations in finance,…
Beyond Trust: A New Campaign Is Using a Legitimate Tool to Deliver RATs
A new report from Hunt Intelligence reveals how attackers are abusing ConnectWise ScreenConnect (formerly ConnectWise Control) to deliver…
VMScape attack | Kaspersky official blog
A team of researchers at the Swiss Federal Institute of Technology in Zurich (ETH Zurich) has published a research paper demonstrating how a…
Organizations Must Update Defenses to Scattered Spider Tactics, Experts Urge
Organizations must urgently update their defenses to protect against tactics deployed by the Scattered Spider hacking collective this year,…
ComicForm and SectorJ149 Hackers Deploy Formbook Malware in Eurasian Cyberattacks
Organizations in Belarus, Kazakhstan, and Russia have emerged as the target of a phishing campaign undertaken by a previously undocumented…
Major Cyber Threat Detection Vendors Pull Out of MITRE Evaluations Test
Three major providers of cybersecurity solutions have decided not to take part in the 2025 edition of MITRE’s annual endpoint detection and…
Chrome Type Confusion 0-Day Vulnerability Code Analysis Released
Google Chrome’s V8 JavaScript engine has been compromised by a critical type confusion zero-day vulnerability, designated…
Countering The Adaptive Playbook of Modern Threat Actors
The cybersecurity landscape has seen a substantial threat vector transformation. While malware and ransomware continue to be relevant threats,…
DPRK Hackers Use ClickFix to Deliver BeaverTail Malware in Crypto Job Scams
Threat actors with ties to the Democratic People's Republic of Korea (aka DPRK or North Korea) have been observed leveraging ClickFix-style…
Week in review: Chrome 0-day fixed, npm supply chain attack, LinkedIn data used for AI
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Most enterprise AI use is…
Top Zero-Day Vulnerabilities Exploited in the Wild in 2025
The cybersecurity landscape in 2025 has been marked by an unprecedented surge in zero-day vulnerabilities actively exploited by threat actors.…
LastPass Warns of Fake Repositories Infecting macOS with Atomic Infostealer
LastPass is warning of an ongoing, widespread information stealer campaign targeting Apple macOS users through fake GitHub repositories that…
Researchers Uncover GPT-4-Powered MalTerminal Malware Creating Ransomware, Reverse Shell
Cybersecurity researchers have discovered what they say is the earliest example known to date of a malware with that bakes in Large Language…
WannaCry Ransomware: A DFIR & SOC Monitoring Lab Walkthrough
Hello fellow defenders, I hope you are having a great day. In this article, I’m going to show you how you can make a cybersecurity home…
Ivanti EPMM holes let miscreants plant shady listeners, CISA says
An unknown attacker has abused a couple of flaws in Ivanti Endpoint Manager Mobile (EPMM) and deployed two sets of malware against an unnamed…
The Good, the Bad and the Ugly in Cybersecurity – Week 38
The Good | Federal Courts Crack Down on BreachForums & UNC3944 Cybercrime Operators Conor Brian Fitzpatrick, the 22-year-old operator of…
CISA Warns of Hackers Exploiting Ivanti Endpoint Manager Mobile Vulnerabilities to Deploy Malware
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning regarding sophisticated malware campaigns targeting…
Russian State Hackers Collaborate in Attacks Against Ukraine
Two Russian state-linked threat actors, Gamaredon and Turla, are working together to compromise high-value defense targets in Ukraine,…
Russian Hackers Gamaredon and Turla Collaborate to Deploy Kazuar Backdoor in Ukraine
Cybersecurity researchers have discerned evidence of two Russian hacking groups Gamaredon and Turla collaborating together to target and…
CISA Warns of New Malware Campaign Exploiting Ivanti EPMM Vulnerabilities
The Cybersecurity and Infrastructure Security Agency (CISA) released a Malware Analysis Report (MAR), highlighting a new attack trend…
CVE-2025-59340: Critical HubSpot’s Jinjava Engine Flaw Exposes Thousands of Websites to RCE
HubSpot has issued a security advisory regarding a critical flaw in its Jinjava template engine, which powers thousands of websites and…
CISA Warns of Malicious Listener Malware Exploiting Ivanti Endpoint Manager Mobile
The Cybersecurity and Infrastructure Security Agency (CISA) has published a new Malware Analysis Report (MAR) detailing how threat actors are…
MuddyWater APT Shifts Tactics to Custom Malware
Group-IB analysts have released new intelligence on MuddyWater, the Iranian state-sponsored APT linked to Tehran’s Ministry of…
Google pushes emergency patch for Chrome 0-day – check your browser version now
Google pushed an emergency patch for a high-severity Chrome flaw, already under active exploitation. So it's time to make sure you're running…
1 in 3 Android Apps Leak Sensitive Data
A significant share of mobile applications are exposing sensitive information through insecure APIs, leaving users and businesses vulnerable…
CountLoader Broadens Russian Ransomware Operations With Multi-Version Malware Loader
Cybersecurity researchers have discovered a new malware loader codenamed CountLoader that has been put to use by Russian ransomware gangs to…
SilentSync RAT Delivered via Two Malicious PyPI Packages Targeting Python Developers
Cybersecurity researchers have discovered two new malicious packages in the Python Package Index (PyPI) repository that are designed to…
Vane Viper Malvertising Network Posed as Legit Adtech in Global Scams
Cybersecurity firm Infoblox says it has discovered “Vane Viper,” a massive online ad network that posed as a legitimate business…
Critical Vulnerabilities Discovered in Planet Technology Industrial Cellular Gateways
The Taiwan Computer Emergency Response Team / Coordination Center (TWCERT/CC) has issued a security advisory warning of two critical…
TA558 Uses AI-Generated Scripts to Deploy Venom RAT in Brazil Hotel Attacks
The threat actor known as TA558 has been attributed to a fresh set of attacks delivering various remote access trojans (RATs) like Venom RAT…
New Raven Stealer Malware Hits Browsers for Passwords and Payment Data
A new sneaky type of malware, known as Raven Stealer, has been identified by the Lat61 Threat Intelligence Team at Point Wild. The research…
FileFix Campaign Using Steganography and Multistage Payloads
A rare in-the-wild FileFix campaign has been observed by cybersecurity researchers, which hides a second-stage PowerShell script and encrypted…
Deepfakes at the Gate: How Fake Job Applicants Are Becoming a Serious Cyber Threat
In recent months, the hiring process has become a new attack surface. Cybercriminals are no longer just spoofing emails or exploiting software…