The Zero-Click Vulnerability: Akamai Uncovers Incomplete Patch for APT28 Exploit
Conceptual flow of the original CVE-2026-21510 exploitation | Image: Akamai Researchers at Akamai have discovered that a previous fix for a…
Vidar Infostealer Spreads via Fake CAPTCHAs, Hides in JPEG and TXT Files
New research from the Lat61 Threat Intelligence Team at Point Wild reveals that hackers are now hiding malicious code inside everyday files…
Researchers Identify Fast16 Sabotage Malware That Pre-Dates Stuxnet
Security researchers have identified malware dating back to 2005 that appears to have been designed to disrupt Iran’s nuclear program…
New ClickFix attack Hides in Native Windows Tools to Reduce Detection Risk
A new ClickFix attack campaign uses fake CAPTCHA pages to trick users into running malicious commands. Learn how hackers use cmdkey and…
Microsoft beefs up Remote Desktop security with … hard-to-read messages
Microsoft's update to harden Remote Desktop against phishing attacks has arrived. When users open a Remote Desktop (.rdp) file, they should…
Python Vulnerability Allows Out-of-Bounds Write on Windows Systems
A security vulnerability has been discovered in Python’s Windows asyncio implementation, allowing attackers to trigger out-of-bounds…
Hackers Can Exploit Ollama Model Uploads to Leak Sensitive Server Data
A critical, unpatched vulnerability has been discovered in Ollama, a widely used open-source platform for running Large Language Models…
NCSC Backs Passkeys, Hailing a New Era of Sign-in
The UK’s National Cyber Security Centre (NSCS) has fully backed passkeys, stating that it should be “should now be…
MacOS Native Tools Enable Stealthy Enterprise Attacks
A growing range of native macOS features are being repurposed by attackers to execute code, move laterally and evade detection, according to…
Compromised axios npm package delivers cross-platform RAT
Key points and observations On March 31, 2026, an attacker hijacked an axios npm maintainer account and published two malicious releases:…
Uncovering agent logging gaps in Copilot Studio
Key points From at least August 29, 2025 to September 25, 2025, Microsoft Copilot Studio did not log certain administrative actions related to…
Tech impersonators: ClickFix and MacOS infostealers
Key points and observations Datadog identified an active campaign employing fake GitHub repositories impersonating software companies and…
Introducing IDE-SHEPHERD: Your shield against threat actors lurking in your IDE
In recent years, Integrated Development Environments (IDEs) have become a pivotal component in modern software development, providing…
Decoding the GitHub recommendations for npm maintainers
The open source package distribution ecosystem in general has seen an increase in both velocity and severity of targeted attacks (both…
Investigating an adversary-in-the-middle phishing campaign targeting Microsoft 365 and Okta users
Datadog has identified an active phishing campaign that targets organizations that use Microsoft 365 and Okta for their single sign-on (SSO)…
CVE-2025-55182 (React2Shell): Remote code execution in React Server Components and Next.js
Key points and observations On December 3, a remote code code execution (RCE) vulnerability was identified in React Server Components and…
Microsoft Teams Bugs Let Attackers Impersonate Colleagues and Edit Messages Unnoticed
Cybersecurity researchers have disclosed details of four security flaws in Microsoft Teams that could have exposed users to serious…
Critical Samba RCE Vulnerability Enables Arbitrary Code Execution
Samba has disclosed a severe remote code execution (RCE) flaw that could allow attackers to hijack Active Directory domain controllers.…
October 2025 Patch Tuesday: Two Publicly Disclosed, Three Zero-Days, and Eight Critical Vulnerabilities Among 172 CVEs
Microsoft has addressed 172 vulnerabilities in its October 2025 security update release, marking the highest number of vulnerabilities patched…
Windows BitLocker Vulnerabilities Let Attackers Bypass Security Feature
Microsoft has disclosed two critical vulnerabilities in its Windows BitLocker encryption feature, allowing attackers with physical access to…
Broadcom Shifts VMware Workstation/Fusion to Year-Based Versioning with New 25H2 Release
Broadcom has recently announced a change to the versioning system of its virtualization software, VMware Workstation Pro and Fusion Pro.…
Operation Zero Disco: Critical Cisco SNMP Flaw (CVE-2025-20352) Used to Implant Linux Rootkits on Switches
researchers from Trend Research have uncovered a sophisticated campaign — dubbed “Operation Zero Disco” — in which…
Whisper 2FA Behind One Million Phishing Attempts Since July
The phishing platform “Whisper 2FA” has rapidly become one of the most active tools used in large-scale credential theft…
Last Windows 10 Patch Tuesday Features Six Zero Days
It’s set to be a busy October for system administrators after Microsoft issued security updates to fix 172 vulnerabilities including six…
Windows Remote Access Connection Manager 0-Day Vulnerability Exploited in Attacks
Microsoft has confirmed active exploitation of a critical zero-day vulnerability in the Windows Remote Access Connection Manager (RasMan)…
Critical RCE Flaws CVE-2025-48983 & CVE-2025-48984 (CVSS 9.9) Found in Veeam Backup & Replication
Veeam Software has released patches addressing three newly disclosed , including two critical Remote Code Execution (RCE) in Veeam Backup…
Chrome Fix: New Use-After-Free Flaw (CVE-2025-11756) in Safe Browsing Component Poses High Risk
Google has released a new Stable Channel Update for Desktop, rolling out gradually to Windows, macOS, and Linux systems over the coming days…
October Patch Tuesday: Microsoft Fixes 6 Zero-Days, Including 4 Actively Exploited Flaws, as Windows 10 Reaches End-of-Life
Microsoft’s October 2025 Patch Tuesday has arrived with one of the largest updates of the year—193 patched, including six…
Rockwell Automation Patches Privilege Escalation and Denial-of-Service Flaws Across FactoryTalk and ArmorStart Systems
Rockwell Automation has released a series of advisories addressing in several of its FactoryTalk and ArmorStart product lines. These ,…
Patch Tuesday, October 2025 ‘End of 10’ Edition
Microsoft today released software updates to plug a whopping 172 security holes in its Windows operating systems, including at least two…
Frightful Patch Tuesday gives admins a scare with 175+ Microsoft CVEs, 3 under attack
Spooky season is in full swing, and this extends to Microsoft's October Patch Tuesday with security updates for a frightful 175 Microsoft…
Patch Tuesday October 2025: Three Zero-days Under Attack
Microsoft’s Patch Tuesday October 2025 included fixes for 175 vulnerabilities, including three exploited zero-days and 13 additional…
UEFI Shell Vulnerabilities Could Let Hackers Bypass Secure Boot on 200,000+ Laptops
Hackers can exploit vulnerabilities in signed UEFI shells to bypass Secure Boot protections on over 200,000 Framework laptops and desktops.…
Legacy Windows Protocols Still Expose Networks to Credential Theft
A new cybersecurity study has found that legacy Windows communication protocols continue to expose organizations to credential theft, even…
New Pixnapping Attack Steals 2FA Codes From Google Authenticator Within 30 Seconds
Pixnapping, a novel class of side-channel attacks targeting Android devices that can covertly extract sensitive screen data, including…
Microsoft Patches Edge IE Mode After Hackers Exploited Chakra Zero-Day for Device Takeover
After discovering that hackers were exploiting a zero-day in the Chakra JavaScript engine used by Internet Explorer versions 9, 10, and 11,…
Hackers Target ScreenConnect Features For Network Intrusions
A rise in cyber-attacks exploiting remote monitoring and management (RMM) tools for initial access via phishing has been observed by…
New Stealit Malware Campaign Spreads via VPN and Game Installer Apps
Threat actors are conducting a new malicious campaign deploying the Stealit malware via disguised applications, according to Fortinet. The…
Ransomware crims that exploited SharePoint 0-days add Velociraptor to their arsenal
The ransomware gang caught exploiting Microsoft SharePoint zero-days over the summer has added a new tool to its arsenal: Velociraptor, an…
Threat Actors Exploiting SonicWall SSL VPN Devices in Wild to Deploy Akira Ransomware
Threat actors have reemerged in mid-2025 leveraging previously disclosed vulnerabilities in SonicWall SSL VPN appliances to deploy Akira…
‘Payroll Pirate’ Attacks Target U.S. Universities, Diverting Employee Salaries
Microsoft Threat Intelligence has revealed a spate of financially motivated cyberattacks against universities across the United States. The…
October 2025 Patch Tuesday forecast: The end of a decade with Microsoft
A lot of classic software is reaching end-of-life (EOL) this month. Windows 10, Office 2016 and Exchange Server 2016 have survived after…