French law enforcement authorities have arrested a 22-year-old man suspected of orchestrating a recent cyberattack against the country’s Ministry of the Interior. The incident occurred in mid-December and affected the ministry’s internal email servers....
Researchers at iVerify have identified a new Android remote access trojan dubbed Cellik, which blends the capabilities of full-fledged spyware with the ability to masquerade as legitimate applications from Google Play. The malware is...
The Kimwolf botnet has drawn intense scrutiny after researchers at QiAnXin XLab reported that it had infected more than 1.8 million Android-based devices. The compromised army includes smart TVs, set-top boxes, and tablets, all...
Since early December 2025, SOC teams in Japan have been observing a wave of attacks exploiting React2Shell (CVE-2025-55182)—a remote code execution vulnerability in React/Next.js that already has a public proof of concept and is...
GroupPolicyBackdoor is a Python utility for Group Policy Object (GPO) manipulation and exploitation. GPO attack vectors can very often lead to impactful privilege escalation scenarios in Active Directory environments. And yet, offensive security professionals may...
In October 2025, experts at Kaspersky Lab uncovered a new wave of targeted attacks attributed to the ForumTroll group. Whereas earlier campaigns primarily focused on organizations, this iteration shifted its attention to individuals—political scientists,...
Researchers at Gen have reported a new WhatsApp account-takeover technique dubbed GhostPairing. The attack appears mundane and arouses little suspicion, yet it ultimately grants attackers full access to a victim’s chats, media files, and...
Researchers at Check Point Research have uncovered a large-scale espionage operation conducted by the Chinese APT group Ink Dragon, which repurposes compromised government servers into a distributed command-and-traffic relay network—effectively turning the victims themselves...
Cymulate Research Labs has uncovered a local privilege escalation vulnerability in Microsoft Windows Admin Center (WAC) version 2.4.2.1, affecting all WAC installations up to version 2411. The issue stems not from an obscure logic...
Japanese company Internet Initiative Japan (IIJ) has reported observing a new variant of the malware known as Type 1 Backdoor, which is attributed to the cyber-espionage group DRBControl. Analysis indicates that the attacks employ...