API Threats Surge to 40,000 Incidents in 1H 2025
The financial services, telecoms and travel sectors were in the crosshairs of threat actors in the first half of the year, after Thales…
40 npm Packages Compromised in Supply Chain Attack Using bundle.js to Steal Credentials
Cybersecurity researchers have flagged a fresh software supply chain attack targeting the npm registry that has affected more than 40 packages…
Microsoft says Windows September updates break SMBv1 shares
Microsoft has confirmed that the September 2025 Windows security updates are causing connection issues to Server Message Block (SMB) v1…
6 Browser-Based Attacks Security Teams Need to Prepare For Right Now
Attacks that target users in their web browsers have seen an unprecedented rise in recent years. In this article, we'll explore what a…
⚡ Weekly Recap: Bootkit Malware, AI-Powered Attacks, Supply Chain Breaches, Zero-Days & More
In a world where threats are persistent, the modern CISO's real job isn't just to secure technology—it's to preserve institutional trust…
PoC Available: FlowiseAI Flaw (CVE-2025-58434) Allows Full Account Takeover (CVSS 9.8)
The open-source generative AI development platform FlowiseAI, widely used for building AI agents and LLM workflows, has been found vulnerable…
Digiever NVR Flaws (CVE-2025-10264, CVE-2025-10265) Let Hackers Steal Credentials & Take Control
The Taiwan Computer Emergency Response Team (TWCERT/CC) has issued a vulnerability note warning of two critical security flaws in…
CVE-2025-9556 (CVSS 9.8):Critical Vulnerability in LangChainGo Puts LLM Apps at Risk
The rise of large language model (LLM) applications has made frameworks like LangChain and its ports foundational for developers worldwide.…
Phishing Wave Hits U.S. Energy Giants: Chevron, ConocoPhillips Targeted
The U.S. energy industry has become a prime target for large-scale phishing operations in 2025, according to new research from Hunt…
Muck Stealer Malware Used Alongside Phishing in New Attack Waves
A new report from Cofense reveals that cybercriminals are blending phishing and malware, including Muck Stealer, Info Stealer, ConnectWise…
Palo Alto Networks User-ID Credential Agent Vulnerability Exposes password In Cleartext
A newly disclosed vulnerability in Palo Alto Networks’ User-ID Credential Agent for Windows, identified as CVE-2025-4235, could…
Chinese APT Actor Compromises Military Firm with Novel Fileless Malware Toolset
A Chinese APT group has compromised a Philippines-based military firm using a novel, sophisticated fileless malware framework dubbed…
Australia Warns of Ransomware Attacks Exploiting SonicWall VPN Flaw CVE-2024-40766
The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has issued an urgent alert regarding active exploitation of…
SonicWall SSL VPN Flaw and Misconfigurations Actively Exploited by Akira Ransomware Hackers
Threat actors affiliated with the Akira ransomware group have continued to target SonicWall devices for initial access. Cybersecurity firm…
Chinese APT Hits Philippine Military Firm with New EggStreme Fileless Malware
Bitdefender uncovers EggStreme, a fileless malware by a China-based APT targeting the Philippine military and APAC organisations.…
New Fileless Malware Attack Uses AsyncRAT for Credential Theft
LevelBlue Labs has published new research on a recent attack that used a fileless loader to deliver AsyncRAT, a well-known Remote Access…
Malvertising Campaign on Meta Expands to Android, Pushing Advanced Crypto-Stealing Malware to Users Worldwide
Many people believe that smartphones are somehow less of a target for threat actors. They couldn’t be more wrong.Bitdefender Labs warns…
CVE-2025-52882: WebSocket authentication bypass in Claude Code extensions
A critical vulnerability in Claude Code for Visual Studio Code (VS Code) and other IDE extensions allowed malicious websites to connect to…
Datadog threat roundup: Top insights for Q2 2025
As a leading provider in observability and cloud security, Datadog has unique insight into threat actor behavior that targets cloud…
Backdoors & Breaches gameplay guide
At DASH 2025, we released a Datadog expansion pack of Backdoors & Breaches, a popular incident response card game by Black Hills…
I SPy: Escalating to Entra ID's Global Admin with a first-party app
This research was presented at fwd:cloudsec North America on June 30th, 2025. You can find the talk here. Key points Service principals (SPs)…
The obfuscation game: MUT-9332 targets Solidity developers via malicious VS Code extensions
Key points and observations Datadog Security Research discovered three malicious VS Code extensions that target Solidity developers on…
Tales from the cloud trenches: The Attacker doth persist too much, methinks
As a result of a recent threat hunt, we observed attacker activity originating from a leaked long-term AWS access key (AKIA*). Within a…
RedisRaider: Weaponizing misconfigured Redis to mine cryptocurrency at scale
Key points and observations Datadog Security Research has discovered a new Linux cryptojacking campaign, named RedisRaider, targeting publicly…
Datadog threat roundup: Top insights for Q1 2025
As a leading provider in observability and cloud security, Datadog has unique insight into threat actor behavior that targets cloud…
Lazarus Group Targets Organizations with Sophisticated LinkedIn Recruiting Scam
Bitdefender Labs warns of an active campaign by the North Korea-linked Lazarus Group, targeting organizations by capturing credentials and…
Unfading Sea Haze: New Espionage Campaign in the South China Sea
Bitdefender researchers investigated a series of incidents at high-level organizations in countries of the South China Sea region, all…