Real-time cybersecurity threat intelligence feed
Akira ransomware has claimed to have breached Apache OpenOffice, alleging the theft of 23GB of sensitive corporate data. However, Apache has denied these claims, asserting that OpenOffice's open-source nature protects it from such breaches.
General severity based on:
0-100 scale · Higher = more severe
Between February 2024 and August 2025, Sophos threat analysts identified nearly 40 intrusions linked to the GOLD BLADE ransomware campaign. This campaign utilizes a custom QWCrypt locker for data exfiltration and ransomware deployment, affecting various organizations during this period.
Three vulnerabilities have been identified in the Windows Routing and Remote Access Service (RRAS). CVE-2025-62549 and CVE-2025-64678 allow unauthorized remote code execution, while CVE-2025-62473 enables information disclosure. These vulnerabilities affect systems utilizing RRAS, potentially exposing them to attacks over a network.
A critical denial of service vulnerability has been identified in python-apt, affecting multiple Ubuntu versions including 25.10, 25.04, and several LTS releases. Discovered by Julian Andres Klode, the flaw allows attackers to crash python-apt by exploiting improperly handled deb822 configuration files.
SAP has released critical security patches addressing a code injection vulnerability in SAP Solution Manager (ST 720), tracked as CVE-2025-42880. This vulnerability is rated Critical and affects users of the affected SAP solutions, necessitating immediate attention to apply the patches.
The Cybersecurity and Infrastructure Security Agency (CISA) has added two known exploited vulnerabilities to its catalog. These vulnerabilities affect various systems and could potentially allow unauthorized access or control. Organizations are advised to take immediate action to mitigate these risks.
Burp Suite has upgraded its scanning capabilities to detect critical React2Shell vulnerabilities in JavaScript applications. Both editions of Burp Suite now include the latest detection logic, allowing users to validate their exposure and perform automated scans effectively.
A critical vulnerability in the Ruby SAML library enables attackers to perform signature wrapping attacks, allowing them to bypass SAML authentication entirely. This flaw affects systems relying on the Ruby SAML library for secure authentication processes. Organizations using this library are urged to assess their security measures and apply necessary updates.
Two malicious Visual Studio Code extensions, Bitcoin Black and Codo AI, were found on the VS Code marketplace, capable of stealing screenshots, browser sessions, and stored credentials. The extensions were reported by Koi Security and utilized social engineering tactics to deliver a DLL-based infostealer to developers' machines.
openSUSE Leap 15.6 has released an update for PostgreSQL 13 to address critical vulnerabilities, specifically CVE-2025-12817 and CVE-2025-12818. These vulnerabilities include a missing privilege check in CREATE STATISTICS and an integer overflow in libpq, affecting users of PostgreSQL 13.23.
Western Wayne reported unauthorized activity on January 30, 2025, leading to a data breach. The company has since taken steps to enhance security and is collaborating with a cybersecurity firm to investigate the incident.
Microsoft has published information on two critical Bluetooth vulnerabilities: CVE-2025-40309 and CVE-2025-39981. The first vulnerability involves a use-after-free (UAF) issue in the SCO connection handling, while the second addresses possible UAFs in the MGMT protocol. Affected systems include those utilizing Bluetooth technology.
Operation FrostBeacon is a cybercrime campaign identified by Seqrite Labs, focusing on finance and legal departments. The campaign employs Cobalt Strike malware to compromise organizations, indicating a sophisticated attack strategy. Details on the specific vulnerabilities exploited or the timeline of attacks remain limited.
A China-based advanced persistent threat (APT) group has exploited vulnerabilities in Ivanti Connect Secure to deploy MetaRAT malware. Japanese cybersecurity firm LAC has confirmed the targeted nature of this attack, affecting organizations using the Ivanti platform.
CTERA announced that its Ransom Protect feature has achieved 100% detection rates across leading ransomware families. This AI-driven ransomware prevention solution significantly reduces file encryption and operational impact for users. The CTERA Intelligent Data Platform is now also available in the AWS Marketplace.
A new vishing attack has been identified that exploits Microsoft Teams and QuickAssist to deploy .NET malware. This attack targets users through social engineering tactics, potentially affecting organizations that utilize these platforms. The malware is designed to compromise systems and steal sensitive information.
A series of malicious Visual Studio Code extensions have been identified, exploiting vulnerabilities in the Microsoft Registry to steal WiFi passwords and capture screens. Users of Windows systems are particularly affected due to weak registry and process controls that allow these extensions to operate undetected.
A new prompt injection attack has been identified, leveraging malicious MCP servers to drain system resources. This attack targets various systems, potentially affecting numerous organizations and users reliant on these technologies. The exploit allows attackers to manipulate prompts and deplete resources stealthily.
A new variant of the Mirai botnet, named 'Broadside', has been identified actively attacking users. This variant exploits vulnerabilities in IoT devices, putting a wide range of users at risk. Cybersecurity experts are urging affected individuals to secure their devices against these attacks.
St. Bonaventure University officially opened its Cyber Operations Center on December 1, 2025. The center, funded by a $450,000 federal earmark from U.S. Rep. Nick Langworthy, aims to provide a state-of-the-art training facility for students entering the cybersecurity field. This initiative is seen as a significant investment in both the university and the regional economy.