GroupPolicyBackdoor is a Python utility for Group Policy Object (GPO) manipulation and exploitation. GPO attack vectors can very often lead to impactful privilege escalation scenarios in Active Directory environments. And yet, offensive security professionals may...
In October 2025, experts at Kaspersky Lab uncovered a new wave of targeted attacks attributed to the ForumTroll group. Whereas earlier campaigns primarily focused on organizations, this iteration shifted its attention to individuals—political scientists,...
Researchers at Gen have reported a new WhatsApp account-takeover technique dubbed GhostPairing. The attack appears mundane and arouses little suspicion, yet it ultimately grants attackers full access to a victim’s chats, media files, and...
Researchers at Check Point Research have uncovered a large-scale espionage operation conducted by the Chinese APT group Ink Dragon, which repurposes compromised government servers into a distributed command-and-traffic relay network—effectively turning the victims themselves...
Cymulate Research Labs has uncovered a local privilege escalation vulnerability in Microsoft Windows Admin Center (WAC) version 2.4.2.1, affecting all WAC installations up to version 2411. The issue stems not from an obscure logic...
Japanese company Internet Initiative Japan (IIJ) has reported observing a new variant of the malware known as Type 1 Backdoor, which is attributed to the cyber-espionage group DRBControl. Analysis indicates that the attacks employ...
A security researcher has demonstrated how a “booby-trapped” e-book can turn an ordinary Kindle into a gateway to a user’s Amazon account—granting access to payment details and even enabling one-click purchases. Valentino Ricotta crafted...
Researchers at Koi Security have identified a new malicious campaign dubbed GhostPoster, targeting users of the Firefox browser. As part of the operation, attackers distributed extensions that appeared harmless and even amassed tens of...
A covert threat has been uncovered within the .NET ecosystem, stemming from the substitution of a widely used tracing library. For more than five years, a malicious package circulated in the NuGet repository, masquerading...
Microsoft has announced plans to retire the legacy RC4 algorithm from Windows authentication. The company is preparing changes that will affect Kerberos infrastructure and strengthen the resilience of corporate networks against modern threats, including...
By the end of 2025, the internet had become even more tightly bound to cloud infrastructure, mobile traffic, and automation, with protective mechanisms increasingly operating “by default” within large content delivery networks. In its...
A new wave of pressure targeting Israeli professionals linked to the defense sector has moved beyond conventional cyberattacks and into the realm of personal intimidation. A group allegedly connected to Iran has shifted its...