Category: Information Security
A North Korean–linked group has, for the first time, adopted EtherHiding — a technique that conceals malicious code inside smart contracts on public blockchains and swaps payloads on the fly. Google’s Threat Intelligence Team...
In October 2025, researchers at Kaspersky Lab uncovered a malicious package on the popular npm registry, named https-proxy-utils and masquerading as a legitimate proxy utility. The trojanized module was engineered to deploy AdaptixC2 on compromised...
Researchers at VUSec have unveiled Training Solo, a study that calls into question the very foundations of defenses against Spectre-v2 attacks. Where isolation of prediction domains was long believed to eliminate the possibility of...
Gladinet has released a security update for its enterprise CentreStack solution that remedies a local file inclusion (LFI) vulnerability, CVE-2025-11371 (CVSS 6.2). Attackers have been actively exploiting this flaw as a zero-day since late...
Microsoft has revoked more than two hundred digital certificates that had been exploited in attacks involving the Rhysida ransomware. These signatures were used to distribute malicious builds disguised as legitimate Microsoft Teams installers, within...
An advertisement has surfaced on the dark web offering three terabytes of data allegedly stolen from two major Russian SMS aggregators. The individual behind the post, using the pseudonym ByteToBreach, claims that the leak...
In recent weeks, a surge of phishing campaigns has emerged in which attackers impersonate popular password managers — LastPass, Bitwarden, and 1Password. Their objective is to deceive users into revealing their master password, the...
Microsoft has released its Digital Defense Report 2025, documenting a sharp surge in attacks targeting digital identities, the misuse of artificial intelligence in cybercrime, and the heightened activity of state-sponsored threat groups. According to...
The U.S. cybersecurity agency CISA has added a critical, actively exploited flaw in Adobe Experience Manager to its Known Exploited Vulnerabilities catalog: a configuration vulnerability, CVE-2025-54253, rated CVSS 10, which permits arbitrary...
Synacktiv researchers have documented a novel GNU/Linux rootkit, LinkPro, uncovered during an investigation into an AWS infrastructure compromise. The intrusion began with exploitation of a vulnerable Jenkins server, after which the threat actors deployed...
Researchers at Trend Micro have documented a large-scale operation codenamed ZeroDisco, in which attackers weaponized a critical flaw in Cisco’s SNMP implementation (CVE-2025-20352, CVSS 9.0) to implant rootkits and execute arbitrary code on network...
The internal announcement system at Harrisburg International Airport in Pennsylvania was temporarily disabled after unidentified individuals gained unauthorized access on the evening of October 14, broadcasting a political message calling for “Freedom for Palestine.”...