Category: Information Security
The ClayRat espionage campaign is evolving rapidly and increasingly targeting Android users. According to Zimperium, the malware is spreading actively among Russian users via fake websites and Telegram channels, disguising itself as popular applications...
Attackers have begun abusing the DFIR tool Velociraptor to stage ransomware deployments of LockBit and Babuk. Cisco Talos attributes these campaigns to a cluster known as Storm-2603, believed to operate from China. Analysts report...
According to a new report from Microsoft Threat Intelligence, the financially motivated group Storm-2657 is conducting large-scale attacks against universities and private companies, using stolen employee credentials to redirect payroll funds into their own...
Researchers at FireTail have found that an old class of flaw, ASCII Smuggling, is resurfacing in a modern guise capable of subverting contemporary artificial-intelligence systems. In September 2025, the team evaluated a...
Two critical vulnerabilities discovered in the 7-Zip archiver allowed remote execution of arbitrary code when processing ZIP files. The flaws stemmed from how the program handled symbolic links within archives, enabling attackers to traverse...
In June 2025, a researcher operating under the pseudonym rick disclosed a critical vulnerability in GitHub Copilot dubbed CamoLeak, rated CVSS 9.6. The flaw enabled an attacker to surreptitiously exfiltrate sensitive information and source...
Wiz researchers have recently disclosed a critical vulnerability in Redis affecting version 8.2.1 and earlier releases. Tracked as CVE-2025-49844 with a CVSS score of 10, the flaw stems from unsafe memory handling during the...
Researchers have identified a large-scale wave of attacks orchestrated by the RondoDox botnet, which employs the so-called “exploit shotgun” technique—literally “firing at everything that moves.” This method involves automatically testing dozens of exploits in...
Forescout specialists recorded a targeted intrusion in September against a honeypot simulating the control system of a water-treatment facility. A newly emerged hacktivist collective calling itself TwoNet claimed responsibility; the group operates within an...
A new vulnerability has been discovered in OpenSSH — CVE-2025-61984 — which permits remote code execution (RCE) by abusing the ProxyCommand parameter and peculiarities in shell character handling. Exploitation is possible even in the...
A new wave of phishing attacks has laid bare just how sophisticated social-engineering techniques have become. Researchers have identified an evolved variant of the FileFix attack that exploits a cache-smuggling technique to clandestinely deposit...
The Microsoft Teams messenger, widely used for corporate communication, has increasingly become a convenient arena for cyberattacks. According to the Microsoft Threat Intelligence team, malicious actors are actively exploiting the platform for a broad...