The recent vulnerability in Apple’s ecosystem — CVE-2025-43300 — has emerged as one of the most dangerous threats to the company’s users. The flaw was identified in the RawCamera.bundle module, responsible for handling Adobe’s...
The Qilin group, notorious for its ruthless methods of digital extortion, has announced the creation of a so-called “legal department.” The very phrase sounds paradoxical: can one truly speak of a legal mechanism within...
Logan Goins, a researcher at SpecterOps, has unveiled a novel technique for exploiting NTLM authentication that enables adversaries to bypass low-level access restrictions in corporate networks and offload tool execution from an infected workstation....
In the Windsurf Cascade development environment, designed for AI-driven code automation and programmer assistance, a vulnerability has been uncovered, dubbed SpAIware. This flaw allows malicious commands to be implanted into the AI system, stored...
PowerDodder is a post-exploitation persistence utility designed to stealthily embed execution commands into existing script files on the host. By leveraging files that are frequently accessed but rarely modified, it targets high-likelihood execution vectors with...
On August 16, the American company Data I/O—one of the world’s largest electronics manufacturers serving clients such as Amazon, Apple, Google, and Microsoft—fell victim to a ransomware attack. The incident proved so severe that...
A massive cryptocurrency theft has once again revealed how vulnerable users remain to the manipulations of social engineering. On August 19, an anonymous Bitcoin holder was stripped of 783 BTC — roughly $89 million...
Researchers at CrowdStrike have identified a new macOS infection campaign deploying a malware strain known as Shamos. This trojan is a variant of Atomic macOS Stealer (AMOS), a notorious Mac infostealer, and is being...
Researchers at Trellix have uncovered an unusual attack scheme targeting Linux systems, where the key element is not a malicious payload hidden within a file, but the file name itself inside an archive. The...
Microsoft has released a new test build of Windows 11, Insider Preview Build 26200.5761 (KB5064093), for participants in the Windows Insider Program on the Dev Channel. The update introduces several notable features and improvements...
A former employee has been convicted of deliberately orchestrating digital sabotage against his own company. The U.S. Department of Justice announced that 55-year-old Davis Lu, a Chinese national residing in Houston, was sentenced to...
Over the past two years, the banking sector across the Middle East, Turkey, and Africa has witnessed a marked evolution in cash-out schemes driven by so-called “money mules.” According to Group-IB, drawing on data...
