Axios Abuse and Salty 2FA Kits Fuel Advanced Microsoft 365 Phishing Attacks
Threat actors are abusing HTTP client tools like Axios in conjunction with Microsoft’s Direct Send feature to form a “highly…
How External Attack Surface Management helps enterprises manage cyber risk
Every day, businesses spin up new digital services (websites, APIs, and cloud instances) and it can be for security teams to keep track.…
Microsoft: Anti-spam bug blocks links in Exchange Online, Teams
Microsoft is working to resolve a known issue that causes an anti-spam service to mistakenly block Exchange Online and Microsoft Teams…
Axios User Agent Helps Automate Phishing on “Unprecedented Scale”
Security experts have warned of a huge uptick in automated phishing activity abusing the Axios user agent and Microsoft’s Direct Send…
Microsoft testing new AI features in Windows 11 File Explorer
Microsoft is testing new File Explorer AI-powered features that will enable Windows 11 users to work with images and documents without needing…
Chinese Cyber Espionage Campaign Impersonates US Congressman
US lawmakers have accused the Chinese government of being behind a cyber espionage campaign that impersonated a prominent Congressman. The…
From MostereRAT to ClickFix: New Malware Campaigns Highlight Rising AI and Phishing Risks
Cybersecurity researchers have disclosed details of a phishing campaign that delivers a stealthy banking malware-turned-remote access trojan…
GPUGate Malware Uses Google Ads and Fake GitHub Commits to Target IT Firms
Cybersecurity researchers have detailed a new sophisticated malware campaign that leverages paid ads on search engines like Google to deliver…
MostereRAT Targets Windows Users With Stealth Tactics
A phishing campaign delivering a new strain of malware, MostereRAT, has been uncovered by cybersecurity researchers. The Remote Access Trojan…
Remote Access Abuse Biggest Pre-Ransomware Indicator
Abuses of remote access software and services are the most common ‘pre-ransomware’ indicators, according to new research from…
⚡ Weekly Recap: Drift Breach Chaos, Zero-Days Active, Patch Warnings, Smarter Threats & More
Cybersecurity never slows down. Every week brings new threats, new vulnerabilities, and new lessons for defenders. For security and IT teams,…
Noisy Bear Campaign Targeting Kazakhstan Energy Sector Outed as a Planned Phishing Test
A threat actor possibly of Russian origin has been attributed to a new set of attacks targeting the energy sector in Kazakhstan. The activity,…
CISA Orders Immediate Patch of Critical Sitecore Vulnerability Under Active Exploitation
Federal Civilian Executive Branch (FCEB) agencies are being advised to update their Sitecore instances by September 25, 2025, following the…
Russian APT28 Deploys “NotDoor” Outlook Backdoor Against Companies in NATO Countries
The Russian state-sponsored hacking group tracked as APT28 has been attributed to a new Microsoft Outlook backdoor called NotDoor in attacks…
GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module
Cybersecurity researchers have lifted the lid on a previously undocumented threat cluster dubbed GhostRedirector that has managed to…
Iranian Hackers Exploit 100+ Embassy Email Accounts in Global Phishing Targeting Diplomats
An Iran-nexus group has been linked to a “coordinated” and “multi-wave” spear-phishing campaign targeting the…
Silver Fox Exploits Microsoft-Signed WatchDog Driver to Deploy ValleyRAT Malware
The threat actor known as Silver Fox has been attributed to abuse of a previously unknown vulnerable driver associated with WatchDog…
⚡ Weekly Recap: WhatsApp 0-Day, Docker Bug, Salesforce Breach, Fake CAPTCHAs, Spyware App & More
Cybersecurity today is less about single attacks and more about chains of small weaknesses that connect into big risks. One overlooked update,…
ScarCruft Uses RokRAT Malware in Operation HanKook Phantom Targeting South Korean Academics
Cybersecurity researchers have discovered a new phishing campaign undertaken by the North Korea-linked hacking group called ScarCruft (aka…
Another Ryzen 9000 CPU Burnout: What’s Really Going On?
Ddos September 1, 2025 Earlier this year, reports emerged of Asrock motherboards paired with processors such as the 9800X3D suffering…
WhatsApp warns of 'attack against specific targeted users'
Infosec In brief A flaw in Meta’s WhatsApp app “may have been exploited in a sophisticated attack against specific targeted…
Weekly Cybersecurity News Recap : WhatsApp, Chrome 0-Day, AI Ransomware and Cyber Attacks
Welcome to your Weekly Cybersecurity News Recap. This week, the digital world faced a fresh wave of threats, underscoring the relentless…
Attackers Abuse Velociraptor Forensic Tool to Deploy Visual Studio Code for C2 Tunneling
Cybersecurity researchers have called attention to a cyber attack in which unknown threat actors deployed an open-source endpoint monitoring…
BadSuccessor (CVE-2025-53779) Technique Persists Despite Microsoft Patch
Ddos August 30, 2025 At DEF CON 2025, Akamai security researcher Yuval Gordon revealed the story of BadSuccessor (CVE-2025-53779), an Active…
MystRodX: A Stealthy New Backdoor Found Hiding in Networks for Over 20 Months
Ddos August 30, 2025 XLab has identified a previously unknown and stealthy backdoor dubbed MystRodX, capable of operating undetected in…
Windows 11 KB5064081 update clears up CPU usage metrics in Task Manager
Microsoft has released the KB5064081 preview cumulative update for Windows 11 24H2, which includes thirty-six new features or…
Microsoft fixes bug behind Windows certificate enrollment errors
Microsoft has resolved a known issue causing false CertificateServicesClient (CertEnroll) error messages after installing the July 2025…
Microsoft to enforce MFA for Azure resource management in October
Starting in October, Microsoft will enforce multi-factor authentication (MFA) for all Azure resource management actions to protect Azure…
The Good, the Bad and the Ugly in Cybersecurity – Week 35
The Good | Interpol Cracks Down on Cybercrime as U.S. Sanctions North Korean IT Scheme Interpol announced the arrest of over 1200 suspects in…
Microsoft says recent Windows update didn't kill your SSD
Microsoft has found no link between the August 2025 KB5063878 security update and customer reports of failure and data corruption issues…
Amazon Disrupts APT29 Watering Hole Campaign Abusing Microsoft Device Code Authentication
Amazon on Friday said it flagged and disrupted what it described as an opportunistic watering hole campaign orchestrated by the Russia-linked…
Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign
An abandoned update server associated with input method editor (IME) software Sogou Zhuyin was leveraged by threat actors as part of an…
State-Sponsored Hackers Behind Majority of Vulnerability Exploits
The majority (53%) of attributed vulnerability exploits in the first half 2025 were conducted by state-sponsored actors for strategic,…
Microsoft Word will save your files to the cloud by default
Microsoft says that Word for Windows will soon enable autosave and automatically save all new documents to the cloud by default. The…
BadSuccessor Post-Patch: Leveraging dMSAs for Credential Acquisition and Lateral Movement in Active Directory
Microsoft’s recent patch for the BadSuccessor vulnerability (CVE-2025-53779) has successfully closed the direct privilege escalation…
Fake IT Support Attacks Hit Microsoft Teams
A new wave of phishing attacks abusing Microsoft Teams to deliver malware has been uncovered by security researchers. The campaigns, observed…
ShadowSilk Leveraging Penetration-Testing Tools, Public Exploits to Attack Organizations
ShadowSilk first surfaced in late 2023 as a sophisticated threat cluster targeting government entities across Central Asia and the broader…
Malicious VS Code Extensions Exploit Name Reuse Loophole
A new campaign involving malicious Visual Studio Code (VS Code) extensions has exposed a loophole in the VS Code Marketplace that allows…
When Best Practices Aren’t Enough: UK Breaches Underscore the Importance of Compromise Assessments
Despite extensive guidance from national authorities, several prominent UK organizations have recently suffered significant cyber attacks.…
Hidden Vulnerabilities of Project Management Tools & How FluentPro Backup Secures Them
Every day, businesses, teams, and project managers trust platforms like Trello, Asana, etc., to collaborate and manage tasks. But what happens…
Ransomware Actor Deletes Data and Backups Post-Exfiltration on Azure
A threat actor has destroyed data and backups following exfiltration in a victim’s Microsoft Azure environment in a novel cloud-based…
Storm-0501 Exploits Entra ID to Exfiltrate and Delete Azure Data in Hybrid Cloud Attacks
The financially motivated threat actor known as Storm-0501 has been observed refining its tactics to conduct data exfiltration and extortion…