Researchers at Arctic Wolf have reported a new campaign, dubbed GPUGate, in which adversaries exploit Google Ads and fraudulent GitHub commits to distribute malware targeting IT firms and developers across Western Europe. Active since...
An independent researcher named Alexander Popov has unveiled a novel exploitation technique for a critical Linux kernel vulnerability, identified as CVE-2024-50264. This use-after-free flaw in the AF_VSOCK subsystem has existed since kernel version 4.8...
At least eighteen widely used JavaScript packages on NPM—with a combined weekly download volume exceeding two billion—were briefly compromised with malicious code after a phishing attack on one of the maintainers. Although the incident...
Insikt Group has published a comprehensive study on two influence networks that were active during the conflict between India and Pakistan in the spring of 2025. The report highlights Hidden Charkha, which promoted pro-Indian...
A newly disclosed vulnerability in the HTTP/2 protocol, dubbed MadeYouReset (CVE-2025-8671), was revealed on August 13, 2025. The flaw allows an attacker to send specially crafted protocol frames that force the server to repeatedly...
A critical vulnerability has been identified in Apache Jackrabbit, exposing systems to remote code execution and the potential compromise of corporate infrastructure. Tracked as CVE-2025-58782, the flaw impacts two key components — Jackrabbit Core...
In mid-August, researchers encountered a new ransomware strain, Cephalus, in two separate incidents. Following the recent emergence of families such as Crux and KawaLocker, attention was quickly drawn to a ransom note that began...
The Australian Institute of Criminology has unveiled a comprehensive study exposing the inner workings of ransomware syndicates and their impact on Australia and allied nations. Researchers analyzed 865 attacks recorded between 2020 and 2022...
In recent months, specialists at Acronis TRU have observed a surge in attacks where adversaries deploy counterfeit installers of ConnectWise ScreenConnect to gain initial access into the networks of American companies. This strategy reflects...
Penelope is a powerful shell handler built as a modern netcat replacement for RCE exploitation, aiming to simplify, accelerate, and optimize post-exploitation workflows. Features Session Features Description Unix with Python>=2.3 Unix without Python>=2.3 Windows...