MystRodX: A Stealthy New Backdoor Found Hiding in Networks for Over 20 Months
Ddos August 30, 2025 XLab has identified a previously unknown and stealthy backdoor dubbed MystRodX, capable of operating undetected in…
The Good, the Bad and the Ugly in Cybersecurity – Week 35
The Good | Interpol Cracks Down on Cybercrime as U.S. Sanctions North Korean IT Scheme Interpol announced the arrest of over 1200 suspects in…
North Korean Hackers Weaponize Seoul Intelligence Files to Target South Koreans
A large-scale spear-phishing campaign targeting South Korean government and intelligence staff has exploited a national intelligence…
State-Sponsored Hackers Behind Majority of Vulnerability Exploits
The majority (53%) of attributed vulnerability exploits in the first half 2025 were conducted by state-sponsored actors for strategic,…
Innovator Spotlight: ManageEngine
Unifying IT Management and Security with ManageEngine In today’s digital landscape, IT can feel like juggling flaming torches, one…
BadSuccessor Post-Patch: Leveraging dMSAs for Credential Acquisition and Lateral Movement in Active Directory
Microsoft’s recent patch for the BadSuccessor vulnerability (CVE-2025-53779) has successfully closed the direct privilege escalation…
Fake IT Support Attacks Hit Microsoft Teams
A new wave of phishing attacks abusing Microsoft Teams to deliver malware has been uncovered by security researchers. The campaigns, observed…
ShadowSilk Leveraging Penetration-Testing Tools, Public Exploits to Attack Organizations
ShadowSilk first surfaced in late 2023 as a sophisticated threat cluster targeting government entities across Central Asia and the broader…
Malicious VS Code Extensions Exploit Name Reuse Loophole
A new campaign involving malicious Visual Studio Code (VS Code) extensions has exposed a loophole in the VS Code Marketplace that allows…
Google Big Sleep AI Tool Finds Critical Chrome Vulnerability
Google has patched a critical graphics library vulnerability in the Chrome browser, discovered by its AI-powered detection tool, Google Big…
When Best Practices Aren’t Enough: UK Breaches Underscore the Importance of Compromise Assessments
Despite extensive guidance from national authorities, several prominent UK organizations have recently suffered significant cyber attacks.…
Ransomware Actor Deletes Data and Backups Post-Exfiltration on Azure
A threat actor has destroyed data and backups following exfiltration in a victim’s Microsoft Azure environment in a novel cloud-based…
Researchers Discover First Reported AI-Powered Ransomware
In what is reportedly a world-first, ESET researchers have discovered PrompLock, a generative AI-powered ransomware implant currently in…
Emulating the Expedited Warlock Ransomware
Introduction Warlock is a ransomware strain operating under the Ransomware-as-a-Service (RaaS) model that emerged in June 2025, following an…
NVIDIA NeMo AI Curator Enables Code Execution and Privilege Escalation
NVIDIA has issued a critical security bulletin addressing a high-severity vulnerability in its NeMo Curator platform that could allow…
New Zip Slip Vulnerability Allows Attackers to Manipulate ZIP Files During Decompression
A newly observed variant of the Zip Slip vulnerability has emerged, enabling threat actors to exploit path traversal flaws in widely used…
Docker Desktop Vulnerability Allowed Host Takeover on Windows, macOS
A critical vulnerability (CVE-2025-9074) in Docker Desktop for Windows and macOS was fixed. The flaw allowed a malicious container to escape…
300k+ Plex Media Server instances still vulnerable to attack via CVE-2025-34158
Over 300,000 internet-facing Plex Media Server instances are still vulnerable to attack via CVE-2025-34158, a critical vulnerability for which…
HOOK Android Trojan Adds Ransomware Overlays, Expands to 107 Remote Commands
Cybersecurity researchers have discovered a new variant of an Android banking trojan called HOOK that features ransomware-style overlay…
Black Hat Ignites Under Vegas Lights
Driving through the quiet, endless beauty of the Nevada desert, I let the raspy voice of Jim Morrison carry me forward. “The End”…
Ten Years of Resilience, Innovation & Community-Driven Defense
The world of cybersecurity has been a wild ride over the last decade. As attackers stepped up their game year over year, the security…
Tech Manufacturer Data I/O Hit by Ransomware
A leading data and security programming specialist is scrambling to restore operations after a ransomware incident, a new regulatory filing…
Chinese APT Hackers Using Proxy and VPN Service to Anonymize Infrastructure
In recent months, cybersecurity researchers have observed a surge in targeted campaigns by a sophisticated Chinese APT group leveraging…
Microst Restricts MAPP with China
The summer of 2025 brought a seismic shift in the way Microsoft engages with the global cybersecurity community. At the heart of the story: a…
Onderzoeker: ransomware-aanval op telecombedrijf Colt via SharePoint-server
De ransomware-aanval op het Britse telecombedrijf Colt heeft plaatsgevonden via een gecompromitteerde SharePoint-server, zo stelt…
Critical Tableau Server Vulnerability Let Attackers Upload Malicious Files
A critical security flaw in Tableau Server could enable attackers to upload and execute malicious files, potentially leading to complete…
MURKY PANDA: A Trusted-Relationship Threat in the Cloud
Since late 2024, CrowdStrike Counter Adversary Operations has observed significant activity conducted by MURKY PANDA, a China-nexus adversary…
August 2025 Patch Tuesday: One Publicly Disclosed Zero-Day and 13 Critical Vulnerabilities Among 107 CVEs
Microsoft has addressed 107 vulnerabilities in its August 2025 security update release. This month’s patches include fixes for one…
Weekly Cybersecurity News Recap : Apple 0-day, Chrome, Copilot Vulnerabilities and Cyber Attacks
This past week was packed with high-severity disclosures and active exploitation reports across the global threat landscape. At the forefront,…
Datadog threat roundup: Top insights for Q2 2025
As a leading provider in observability and cloud security, Datadog has unique insight into threat actor behavior that targets cloud…
CVE-2025-48384: Git vulnerable to arbitrary file write on non-Windows systems
Update - July 11, 2025: We are making a correction to the Git CLI versions vulnerable to this based on updates to the GitHub advisory around…
The obfuscation game: MUT-9332 targets Solidity developers via malicious VS Code extensions
Key points and observations Datadog Security Research discovered three malicious VS Code extensions that target Solidity developers on…