Arctic Wolf reports the first confirmed intrusions into customer networks in which attackers logged into FortiGate devices via FortiCloud SSO shortly after the disclosure of two critical authentication-bypass vulnerabilities—CVE-2025-59718 and CVE-2025-59719. According to the...
French law enforcement authorities have arrested a 22-year-old man suspected of orchestrating a recent cyberattack against the country’s Ministry of the Interior. The incident occurred in mid-December and affected the ministry’s internal email servers....
Researchers at iVerify have identified a new Android remote access trojan dubbed Cellik, which blends the capabilities of full-fledged spyware with the ability to masquerade as legitimate applications from Google Play. The malware is...
The Kimwolf botnet has drawn intense scrutiny after researchers at QiAnXin XLab reported that it had infected more than 1.8 million Android-based devices. The compromised army includes smart TVs, set-top boxes, and tablets, all...
Since early December 2025, SOC teams in Japan have been observing a wave of attacks exploiting React2Shell (CVE-2025-55182)—a remote code execution vulnerability in React/Next.js that already has a public proof of concept and is...
In October 2025, experts at Kaspersky Lab uncovered a new wave of targeted attacks attributed to the ForumTroll group. Whereas earlier campaigns primarily focused on organizations, this iteration shifted its attention to individuals—political scientists,...
Researchers at Gen have reported a new WhatsApp account-takeover technique dubbed GhostPairing. The attack appears mundane and arouses little suspicion, yet it ultimately grants attackers full access to a victim’s chats, media files, and...
Researchers at Check Point Research have uncovered a large-scale espionage operation conducted by the Chinese APT group Ink Dragon, which repurposes compromised government servers into a distributed command-and-traffic relay network—effectively turning the victims themselves...
Cymulate Research Labs has uncovered a local privilege escalation vulnerability in Microsoft Windows Admin Center (WAC) version 2.4.2.1, affecting all WAC installations up to version 2411. The issue stems not from an obscure logic...
Japanese company Internet Initiative Japan (IIJ) has reported observing a new variant of the malware known as Type 1 Backdoor, which is attributed to the cyber-espionage group DRBControl. Analysis indicates that the attacks employ...
A security researcher has demonstrated how a “booby-trapped” e-book can turn an ordinary Kindle into a gateway to a user’s Amazon account—granting access to payment details and even enabling one-click purchases. Valentino Ricotta crafted...
Researchers at Koi Security have identified a new malicious campaign dubbed GhostPoster, targeting users of the Firefox browser. As part of the operation, attackers distributed extensions that appeared harmless and even amassed tens of...
