Researchers at StrikeReady uncovered a targeted campaign exploiting a zero-day in the Zimbra Collaboration Suite (ZCS) — a widely used open-source mail platform deployed by numerous governments and enterprises. Tracked as CVE-2025-27915, the flaw...
A hacker collective known as UAT-8099 is presently conducting an active campaign to promote malicious content in search results by compromising Microsoft IIS servers across multiple countries. Cisco Talos researchers found that this Mandarin-language...
A cybercriminal group known as Lunar Spider executed a sprawling operation that began with a single click on a bogus file and culminated in weeks of sustained control over the victim’s infrastructure. According to...
Experts at Microsoft Threat Intelligence have documented an attack in which adversaries, for the first time, employed artificial intelligence to disguise phishing code, with the aim of stealing corporate credentials from U.S.-based companies. The...
Researchers at Stripe OLT’s SOC have uncovered a large-scale, targeted phishing campaign aimed at senior executives and top managers across multiple industries. The attackers distribute emails disguised as internal correspondence from HR departments, inviting...
Cybercriminals have discovered a way to weaponize Cisco’s own security mechanisms against its users. Researchers at Raven have documented a credential theft campaign in which attackers learned to exploit Cisco’s Safe Links technology—a tool...
Cyberattacks in the first half of 2025 have accelerated to a terrifying new pace. From credential theft and ransomware assaults to leaks of sensitive information and mass session hijackings, nearly every metric in Flashpoint’s...
Researchers at CYFIRMA have issued a warning about a new wave of cyberattacks leveraging malicious Android applications disguised as legitimate banking clients. These apps are designed to steal user credentials, intercept messages, and execute...
Amid the growing popularity of Android smartphones in developing regions and the increasing accessibility of third-party app stores, cybercriminals have launched a large-scale campaign that combines two highly dangerous tactics—credential theft and click fraud—for...
Unknown threat actors have begun disseminating a counterfeit version of the SonicWall application, designed to steal credentials used to access VPNs. The campaign was uncovered by experts at SonicWall and Microsoft, who detected attempts...
The Pakistani cyber-espionage group APT36, also known as Transparent Tribe, has launched a sophisticated new phishing campaign targeting personnel within India’s defense sector. Experts at CYFIRMA have uncovered that the threat actors are employing...
