Latest Feed
All articles and clusters in chronological order from newest to oldest
From Friction to Function: Optimising Onboarding in an Age of AML, AI and Rising Risk
Finextra Security
Join this webinar, hosted in association with nCino, to the challenges of commercial onboarding, particularly...

7 obsolete security practices that should be terminated immediately
Cluster: APT41 - Zero-Day - Ransomware
CSO Online
Bad habits can be hard to break. Yet when it comes to security, an outdated practice is not only useless, but potentially dangerous. Breaking bad habits and building better ones is a journey that...

Chrome Update Patches Fifth Zero-Day of 2025 Developing +1
Cluster: CVE-2025-6558 - CVE-2025-7656 - Zero-Day
SecurityWeek
Google on Tuesday announced a fresh set of Chrome security updates that resolve six vulnerabilities, including one exploited in the wild. The zero-day bug, tracked as CVE-2025-6558, is described as...
NCSC Expands Vulnerability Research to Tackle Evolving Cyber Threats
The Cyber Express
The UK’s National Cyber Security Centre (NCSC) has taken proactive steps to deepen its understanding of security vulnerabilities and improve national cyber resilience. A central pillar of this...

Former U.S. Army Member Pleads Guilty in Telecom Hacking Case Developing +1
Cluster: WannaCryptor - DDoS - XSS
GB Hackers
A 21-year-old former U.S. Army soldier has pleaded guilty to participating in a sophisticated cybercrime operation that targeted...
Iranian Threat Actors Attacking U.S. Critical Infrastructure Including Water Systems Developing +1
Cluster: DDoS - DoS - Ransomware
Cybersecurity News
Iranian cyber operatives have intensified their assault on American critical infrastructure, with Intelligence Group 13 emerging as a primary threat actor targeting water treatment facilities,...
VMware ESXi and Workstation Vulnerabilities Let Attackers Execute Malicious Code on Host
Cluster: APT41 - CVE-2025-41236 - CVE-2025-41237
Cybersecurity News
Multiple severe vulnerabilities have been addressed affecting VMware ESXi, Workstation, Fusion, and Tools that could allow attackers to execute malicious code on host systems. The vulnerabilities,...
F5 unveils AI Assistant to automate iRules & simplify app security
Security Brief UK
F5 has introduced new AI-powered capabilities to its Application Delivery and Security Platform with the addition of the F5 AI...
Rubrik boosts AWS database security with DynamoDB, RDS tools
Security Brief UK
Rubrik has announced new support for Amazon DynamoDB and released a cyber resilience solution for relational databases, initially...
Octalyn Stealer Steals VPN Configurations, Passwords and Cookies in Structured Folders
Cluster: DDoS - DoS - Ransomware
Cybersecurity News
A sophisticated new credential stealer disguised as a legitimate forensic toolkit has emerged on GitHub, targeting sensitive user data including VPN configurations, browser credentials, and...
Node.js Vulnerabilities Leave Windows Apps Vulnerable to Path Traversal and HashDoS
GB Hackers
The Node.js project has released critical security updates across multiple release lines to address two...
VMware ESXi and Workstation Vulnerabilities Allow Host-Level Code Execution
GB Hackers
Broadcom disclosed four critical vulnerabilities in VMware’s virtualization suite on July 15, 2025, enabling attackers...
Google Chrome 0-Day Vulnerability Under Active Exploitation
GB Hackers
Google has released an emergency security update for Chrome 138 to address a critical zero-day vulnerability that is actively being...

North Korean Hackers Weaponized 67 Malicious npm Packages to Deliver XORIndex Malware Developing +2
Cluster: APT41 - WageMole - DDoS
Cybersecurity News
North Korean threat actors have escalated their software supply chain attacks with the deployment of 67 malicious npm packages that collectively garnered over 17,000 downloads before...

Ransomware, AI & vendor risks drive billions in 2025 breaches Developing +5
Cluster: APT41 - BlackCat - Zero-Day
Mobile app breaches cost firms USD $7 million despite confidence
Security Brief UK
More than 60% of organisations have experienced at least one mobile app security incident over the past year, despite high...
Ransomware, AI & vendor risks drive billions in 2025 breaches
Security Brief UK
New research from Secureframe has identified ransomware, artificial intelligence-powered attacks, and social engineering as the...
DevOps platforms see surge in outages & downtime in 2024 report
Security Brief UK
GitProtect.io has released a report detailing a significant increase in outages and security incidents across key DevOps platforms,...

Google Gemini vulnerability enables hidden phishing attacks Developing +1
Cluster: Turla - Phishing - Supply Chain Attack
CSO Online
A bug in Google Gemini allows attackers to hijack email summaries and launch phishing attacks. Google Gemini for Workspace can be abused to generate email summaries that appear legitimate but...
UK universities & insurers launch GBP £2 million AI risk project
Security Brief UK
A partnership has been launched between academic institutions and the insurance sector to develop insurance products addressing the...
Hacktivist Groups Attacks on Critical ICS Systems to Steal Sensitive Data
Cybersecurity News
The cybersecurity landscape has witnessed an alarming evolution in hacktivist operations, with threat actors increasingly shifting their focus from traditional DDoS attacks and website defacements...
7 fundamental cloud threats
CSO Online
Ignoring cloud security risks does not end well, especially in these seven cases. This article helps prevent uncertainties in cloud environments.
Google Chrome 0-day Vulnerability Actively Exploited in the Wild
Cybersecurity News
Google has released an emergency security update for Chrome, addressing a critical zero-day vulnerability that attackers are actively exploiting in real-world attacks. The tech giant confirmed...
Google's Big Sleep security AI agent foils bug exploitation
IT News Security
AI applied in more vulnerability detection scenarios. Google has used a security-specific AI agent to detect a...

Wing FTP Remote Code Execution Vulnerability Developing +4
Cluster: APT41 - Turla - Cobalt Strike
FortiGuard Threat Signal
CVE-2025-47812 is a recently disclosed Remote Code Execution (RCE) vulnerability impacting...

Alert: Nvidia GPUs are vulnerable to Rowhammer attacks Developing +2
Cluster: APT41 - Turla - Privilege Escalation
CSO Online
IT leaders need to ensure that error correction code in GPUs is turned on to avoid data compromise. Nvidia has issued a security reminder to application developers, computer manufacturers, and IT...
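The CSO article's recommendation is to make sure ECC is turned on. On NVIDIA data-centre parts that state can be read through nvidia-smi's query interface; below is an added example, not code from NVIDIA or the article, that parses the CSV produced by `nvidia-smi --query-gpu=index,name,ecc.mode.current,ecc.mode.pending --format=csv,noheader` and separates GPUs with ECC active from those where it is off, off until the next GPU reset, or unsupported. The sample output it processes is constructed, not captured from a real host; the property names are the ones listed by `nvidia-smi --help-query-gpu`.

```python
import csv
import io
import subprocess

# Property names come from `nvidia-smi --help-query-gpu`.
ECC_QUERY = [
    "nvidia-smi",
    "--query-gpu=index,name,ecc.mode.current,ecc.mode.pending",
    "--format=csv,noheader",
]


def parse_ecc_csv(text: str) -> list[dict]:
    """Parse the CSV produced by ECC_QUERY into one dict per GPU."""
    gpus = []
    for row in csv.reader(io.StringIO(text)):
        if len(row) != 4:
            continue  # blank line or unexpected shape
        index, name, current, pending = (field.strip() for field in row)
        gpus.append({"index": int(index), "name": name,
                     "current": current, "pending": pending})
    return gpus


def classify(gpus: list[dict]) -> dict:
    """Split GPUs into ECC active, ECC off, ECC off but enabled at next reset,
    and parts that do not support ECC at all (nvidia-smi reports '[N/A]')."""
    report = {"protected": [], "unprotected": [], "reboot_pending": [], "unsupported": []}
    for g in gpus:
        if g["current"] == "[N/A]":
            report["unsupported"].append(g["index"])
        elif g["current"] == "Enabled":
            report["protected"].append(g["index"])
        else:
            report["unprotected"].append(g["index"])
            if g["pending"] == "Enabled":
                report["reboot_pending"].append(g["index"])
    return report


# Constructed sample output (not captured from a real host) covering every state.
SAMPLE_OUTPUT = """0, NVIDIA A100-SXM4-40GB, Enabled, Enabled
1, NVIDIA A100-SXM4-40GB, Disabled, Enabled
2, NVIDIA A100-SXM4-40GB, Disabled, Disabled
3, NVIDIA GeForce RTX 3090, [N/A], [N/A]
"""


def live_report() -> dict:
    """Run the query on this host (needs the NVIDIA driver) and classify it."""
    out = subprocess.run(ECC_QUERY, check=True, capture_output=True, text=True).stdout
    return classify(parse_ecc_csv(out))


if __name__ == "__main__":
    print(classify(parse_ecc_csv(SAMPLE_OUTPUT)))
    # Enabling ECC on a supported GPU takes effect after a GPU reset or reboot:
    #   nvidia-smi -i <index> -e 1
```

A GPU in the "unprotected" list with nothing pending is the one to act on; one in "reboot_pending" has already been configured and only needs the reset. Consumer parts in "unsupported" cannot be fixed this way and should not hold data that a bit flip could compromise.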
Netskope named Leader in Gartner SASE Magic Quadrant again
Security Brief UK
Netskope has been named as a Leader in the Gartner Magic Quadrant for Secure Access Service Edge (SASE) Platforms for the second...
RedShield launches Third Horizon to combat rising DDoS threats
Security Brief UK
RedShield has launched a new cybersecurity feature named 'Third Horizon' to provide additional protection against Distributed...
2025-07-16 - Cluster AI Daily Threat Brief
ThreatCluster
Daily Threat Intelligence Brief - July 16, 2025. Executive Summary: The cybersecurity landscape continues to evolve, with a significant uptick in sophisticated threats, particularly from...
France Says Russia Is Top Threat, Warns of 'Open Warfare'
Data Breach Today UK
France has identified Russia...

Cloudflare records largest DDoS attack at 7.3 Tbps in Q2 2025 Developing +2
Cluster: DDoS - Ransomware - DDoS Attack
Security Brief UK
Cloudflare's latest DDoS Threat Report for Q2 2025 highlights a year-on-year increase in both the scale and complexity of distributed...
Trump Lifts Nvidia Chip Restrictions to China, Raising Concerns
Data Breach Today UK
President Donald Trump's...
Former Army soldier pleads guilty to widespread attack spree linked to AT&T, Snowflake and others
CyberScoop
A 21-year-old former Army soldier pleaded guilty Tuesday to charges stemming from a series of attacks and extortion attempts last year on telecommunications companies, including AT&T. Cameron John...
Ex-US soldier who Googled 'can hacking be treason' pleads guilty to extortion
The Register Security
File this one under what not to do if you've committed a crime. A former US Army soldier, who reportedly...
Trump Announces Pennsylvania Will Receive $90B+ in AI and Energy Investments
TechRepublic Security
Tech companies and investors will devote more than $90 billion to AI and energy infrastructure investments in Pennsylvania, President Donald Trump and Sen. Dave McCormick (R-Pa.) announced today...

Why 'AI Fatigue' Is Risky to Cyber Leaders and Their Teams Developing +3
Cluster: APT41 - Ransomware - Advanced Persistent Threat
AI transforms security, safety & efficiency in global industries
Security Brief UK
Artificial Intelligence Appreciation Day marks a moment to reflect on the transformative effect artificial intelligence is having...
Why 'AI Fatigue' Is Risky to Cyber Leaders and Their Teams
Data Breach Today UK
The flood of new artificial...

'Ghost in the Machine' Exploits Spotted in Gigabyte Firmware Developing +1
Cluster: APT41 - CVE-2025-7029 - CVE-2025-7028
Data Breach Today UK
Multiple high-severity...
Ransomware Gangs Actively Expanding to Attack VMware and Linux Systems
Cluster: DoS - DDoS - Ransomware
Cybersecurity News
The cybersecurity landscape has experienced a dramatic shift as ransomware operators increasingly target Linux and VMware environments, abandoning their traditional focus on Windows...
Fake Telegram Apps Spread via 607 Domains in New Android Malware Attack
Hackread
Fake Telegram apps are being spread through 607 malicious domains to deliver Android malware, using blog-style pages and phishing tactics to trick users.
CVE-2025-48795: Apache CXF: Denial of Service and sensitive data exposure in logs
OSS Security
oss-sec mailing list archives
[vim-security]: path traversal issue with zip.vim and special crafted zip archives in Vim < v9.1.1551
Cluster: Path Traversal - Security - Issue
OSS Security
oss-sec mailing list archives
North Korean Hackers Using Fake Zoom Invites to Attack Crypto Startups
Cybersecurity News
North Korean threat actors have escalated their sophisticated cyber operations against cryptocurrency startups, deploying an evolved malware campaign that leverages fraudulent Zoom meeting...
[vim-security] path traversal issue with tar.vim and special crafted tar archives in Vim < 9.1.1552
OSS Security
oss-sec mailing list archives
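Both vim-security advisories above (zip.vim in Vim < 9.1.1551 and tar.vim in Vim < 9.1.1552) describe the same class of bug: an archive whose member names are trusted when deciding where files are written. The page gives no exploit details and none are assumed here. What follows is an added example, not code from the Vim project or from the advisories: a Python check that lists the members of a zip or tar archive that would land outside the extraction directory, including tar symlinks whose target escapes. It generalises beyond the Vim case to any extractor, and the archives it inspects are constructed in memory for illustration.

```python
import io
import posixpath
import tarfile
import zipfile


def is_unsafe_path(name: str) -> bool:
    """True if an archive member path would land outside the extraction root.

    Covers absolute POSIX paths, Windows drive letters, and any '..' segment
    that survives normalisation (so 'a/../b' is fine, 'a/../../b' is not).
    """
    name = name.replace("\\", "/")  # hostile archives may use either separator
    if name.startswith("/"):
        return True
    if len(name) > 1 and name[1] == ":":  # e.g. 'C:/Users/...'
        return True
    return ".." in posixpath.normpath(name).split("/")


def unsafe_zip_members(data: bytes) -> list[str]:
    """Names of zip members whose path escapes the extraction directory."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        return [i.filename for i in zf.infolist() if is_unsafe_path(i.filename)]


def unsafe_tar_members(data: bytes) -> list[str]:
    """Names of tar members that escape, including links whose target escapes."""
    bad = []
    with tarfile.open(fileobj=io.BytesIO(data), mode="r:*") as tf:
        for m in tf.getmembers():
            if is_unsafe_path(m.name):
                bad.append(m.name)
            elif m.issym():
                # A symlink target is resolved relative to the link's own directory.
                target = posixpath.join(posixpath.dirname(m.name), m.linkname)
                if is_unsafe_path(target):
                    bad.append(m.name)
            elif m.islnk() and is_unsafe_path(m.linkname):
                # A hard link target is a path relative to the archive root.
                bad.append(m.name)
    return bad


def build_samples() -> tuple[bytes, bytes]:
    """Constructed zip and tar archives (not from the advisories) mixing safe and hostile members."""
    zbuf = io.BytesIO()
    with zipfile.ZipFile(zbuf, "w") as zf:
        zf.writestr("docs/readme.txt", "harmless")
        zf.writestr("docs/../notes.txt", "harmless, normalises to notes.txt")
        zf.writestr("../../evil.txt", "escapes two levels up")
        zf.writestr("/etc/cron.d/evil", "absolute path")

    tbuf = io.BytesIO()
    with tarfile.open(fileobj=tbuf, mode="w") as tf:
        def add(name, content=b"", typ=tarfile.REGTYPE, linkname=""):
            ti = tarfile.TarInfo(name)
            ti.type, ti.linkname, ti.size = typ, linkname, len(content)
            tf.addfile(ti, io.BytesIO(content) if content else None)
        add("docs/readme.txt", b"harmless")
        add("../../evil.sh", b"escapes two levels up")
        add("docs/inner", typ=tarfile.SYMTYPE, linkname="readme.txt")  # stays inside
        add("docs/escape", typ=tarfile.SYMTYPE, linkname="../../../etc/passwd")  # points outside
    return zbuf.getvalue(), tbuf.getvalue()


def scan_samples() -> tuple[list[str], list[str]]:
    """Run both checks over the constructed archives."""
    zdata, tdata = build_samples()
    return unsafe_zip_members(zdata), unsafe_tar_members(tdata)


if __name__ == "__main__":
    zbad, tbad = scan_samples()
    print("unsafe zip members:", zbad)
    print("unsafe tar members:", tbad)
```

Run this before handing an untrusted archive to any extractor you do not control. Python 3.12 (and the security backports of PEP 706) enforce the same rules at extraction time via `tarfile.extractall(filter="data")`; a plugin that extracts on its own, as the Vim scripts do, has to do the check itself.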
Seychelles Commercial Bank Confirms Customer Data Breach
Data Breach Today UK
A hacker claims to have stolen and sold...
AsyncRAT Spawns Concerning Labyrinth of Forks
Dark Reading
Since surfacing on GitHub in 2019, AsyncRAT has become a poster child for how open source malware can democratize cybercrime, with a mazelike footprint of variants available across the spectrum of...

Apache Tomcat Coyote Vulnerability Let Attackers Trigger DoS Attack Developing +2
Cluster: CVE-2025-53506 - CVE-2025-52434 - DoS
Cybersecurity News
A newly disclosed flaw in Apache Tomcat’s Coyote engine—tracked as CVE-2025-53506—has surfaced in the latest round of HTTP/2 security advisories. First noted in the National Vulnerability Database...
Waltz brushes off SignalGate questions, points finger at CISA
CyberScoop
Former White House national security adviser Mike Waltz brushed aside criticisms Tuesday that he put sensitive military operations at risk by holding discussions of military strikes in a Signal group...
Hidden AI Prompts Trick Academics Into Giving Research Papers Only Positive Comments
TechRepublic Security
Researchers from 14 academic institutions in eight countries hid AI prompts in their research papers to fool reviewers who use AI tools into providing positive feedback, Nikkei reported in July....

NCSC Urges Organizations to Upgrade Microsoft Windows 11 to Defend Cyberattacks Developing +1
Cluster: Sea Turtle - RCE - Zero-Day
Cybersecurity News
The National Cyber Security Centre (NCSC) has issued a critical advisory urging organizations to prioritize upgrading to Windows 11 before the October 14, 2025 end-of-life deadline for Windows...

AsyncRAT seeds family of more than 30 remote access trojans Developing +1
Cluster: DDoS - DoS - Ransomware
CyberScoop
AsyncRAT, the most prevalent remote access trojan observed in the wild, has spawned more than 30 forks and variants that increase the impact of the open-source malware, making it a popular and...

KnowBe4 launches AI-powered Prevent to tackle email risk Developing +2
Cluster: Phishing - Social Engineering - Microsoft
KnowBe4 has launched KnowBe4 Prevent, an artificial intelligence-powered email security solution targeted at small to medium-sized...

Oracle July 2025 Critical Patch Update Addresses 165 CVEs Developing +1
Cluster: Earth Lusca - CVE-2025-47981 - CVE-2025-49719
Oracle addresses 165 CVEs in its third quarterly update of 2025 with 309 patches, including nine critical updates. Background: On July 15,...
Threat Actors Mimic CNN, BBC, and CNBC Websites to Promote Investment Scams
Cluster: RCE - DDoS - Data Exfiltration
Cybersecurity researchers have identified a sophisticated international fraud campaign that leverages impersonated news websites from major outlets including CNN, BBC, CNBC, News24, and ABC News...

Risk management, legacy tech pose major threats to healthcare firms, report finds Developing +1
Cluster: Ransomware - Microsoft - Google
Companies have improved their recovery processes and user controls but still lag in risk preparedness, according...

Konfety Android Malware on Google Play Uses ZIP Manipulation to Imitate Legitimate Apps
Cluster: Google - Apple - Android
Sophisticated Android malware variant exploits ZIP-level manipulation and dynamic code loading to evade detection while conducting ad fraud operations targeting mobile users globally. Zimperium’s...

Virtual Event Preview: Cloud & Data Security Summit 2025 – Tackling Exposed Attack Surfaces in the Cloud Developing +5
Cluster: APT41 - Phishing - Intel
Virtual Event | Wednesday, June 16, 2025. As organizations double down on digital transformation and cloud-first strategies, securing dynamic and complex cloud environments has become one...

DragonForce hackers claim responsibility for Belk data breach
Cluster: Scattered Spider - Ransomware - Sophos
The North Carolina-based retailer is the latest known victim in a spree of attacks in the U.K. and U.S. DragonForce, a cyber criminal...

Threat Actors Use SVG Smuggling for Browser-Native Redirection
Cluster: Phishing - Social Engineering - Microsoft
Ontinue warns of a newly observed phishing campaign leveraging Scalable Vector Graphics (SVG) files in redirect attacks that evade traditional detection. While considered harmless image formats,...
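SVG is XML, and when a browser opens an .svg file as a top-level document (rather than through an img tag, where scripting is disabled) its script elements and event handlers run like any other page; that is what makes the redirect lures Ontinue describes possible. Below is an added example, not code from Ontinue's report, that flags the constructs in an SVG that can run script, embed HTML, or navigate the viewer elsewhere. The two sample SVGs are constructed for illustration; the page does not say what the real lures contained.

```python
import xml.etree.ElementTree as ET

# URL schemes that turn a plain href into code execution or an embedded document.
ACTIVE_SCHEMES = ("javascript:", "data:", "vbscript:")
EXTERNAL_PREFIXES = ("http://", "https://", "//")


def _local(qname: str) -> str:
    """Strip the '{namespace}' prefix ElementTree puts on tags and attributes."""
    return qname.rsplit("}", 1)[-1]


def svg_findings(svg_text: str) -> list[tuple[str, str]]:
    """Return (reason, element) pairs for everything in the SVG that can run
    script, embed HTML, or send the viewer somewhere else.

    ElementTree is fine for well-formed input but offers no protection against
    entity-expansion bombs; parse untrusted uploads with defusedxml instead.
    """
    findings = []
    root = ET.fromstring(svg_text)
    for el in root.iter():
        tag = _local(el.tag)
        if tag in ("script", "foreignObject"):  # inline script, or arbitrary HTML
            findings.append((f"<{tag}> element", tag))
        for attr, value in el.attrib.items():
            name = _local(attr).lower()
            val = value.strip().lower()
            if name.startswith("on"):  # onload, onclick, onerror, ...
                findings.append((f"event handler {name}", tag))
            elif name == "href":  # plain href or xlink:href
                if val.startswith(ACTIVE_SCHEMES):
                    findings.append((f"href with {val.split(':', 1)[0]}: scheme", tag))
                elif val.startswith(EXTERNAL_PREFIXES):
                    findings.append(("external href", tag))
    return findings


def is_suspicious_svg(svg_text: str) -> bool:
    return bool(svg_findings(svg_text))


# Constructed sample (not from the Ontinue report): a 1x1 "image" whose only job
# is to send the browser to a credential-harvesting page when opened directly.
REDIRECT_SVG = """<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"
     width="1" height="1" onload="window.location='https://example.invalid/login'">
  <rect width="1" height="1" fill="#fff"/>
  <script><![CDATA[ window.location.href = "https://example.invalid/login"; ]]></script>
  <a xlink:href="https://example.invalid/login"><text x="0" y="10">Open document</text></a>
</svg>
"""

# Constructed benign sample: shapes only.
CLEAN_SVG = """<svg xmlns="http://www.w3.org/2000/svg" width="10" height="10">
  <circle cx="5" cy="5" r="4" fill="#08f"/>
</svg>
"""

if __name__ == "__main__":
    for reason, element in svg_findings(REDIRECT_SVG):
        print(f"{reason} in <{element}>")
```

At a mail gateway the practical policy is simpler than the detector: treat SVG attachments as active content, not images, and either block them or rewrite them to a raster format before delivery.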

Grok 4 cracked with a jailbreak attack
Cluster: APT41 - Phishing - Microsoft
Security researchers have found a way to bypass the safety filters of Musk's new chatbot. Only a few days ago Elon Musk presented his...

No Data on Devices: How Virtual Mobile Infrastructure Changes the Game
Cluster: Virtual - Data
Today’s ISOs face relentless challenges: hybrid workforces, advanced persistent threats, and...

Digital Transformation Demands Zero Trust: How SASE is Changing EU Security
Cluster: APT41 - Gozi - Lateral Movement
Zero Trust, SASE, and SSE are at the core of a new network security paradigm in EMEA. As...
GLOBAL GROUP RaaS Operators Enable AI-powered Negotiation Functionality
Cluster: DDoS - DoS - Ransomware
A sophisticated new ransomware-as-a-service operation has emerged with advanced AI-powered negotiation capabilities and mobile management features, targeting organizations across healthcare,...

14 Hackers Arrested in Massive Tax Fraud Scheme, Authorities Confirm Developing +1
Cluster: APT41 - Turla - DDoS
The arrests demonstrate the growing collaboration between UK and Romanian law enforcement agencies in combating cross-border...
2.3 Million Times Downloaded LaRecipe Tool Vulnerability Let Attackers Take Full Control Of Servers
Cluster: APT41 - CVE-2025-53833 - Remote Code Execution
A critical security vulnerability has been discovered in LaRecipe, a popular documentation generator tool that has been downloaded over 2.3 million times. The vulnerability, identified...
CISA Releases Six Industrial Control Systems Advisories Developing +1
Cluster: Siemens - ICS - Industrial Control Systems
CISA released six Industrial Control Systems (ICS) advisories on July 15, 2025. These advisories provide timely information about current security...

PoC Exploit Released for High-Severity Git CLI Arbitrary File Write Vulnerability
Cluster: CVE-2025-48384 - Remote Code Execution - RCE
A critical vulnerability in Git CLI enables arbitrary file writes on Linux and macOS systems, with working proof-of-concept exploits now publicly available. CVE-2025-48384, assigned a CVSS...

NCSC sets up Vulnerability Research Initiative
Cluster: QuantumLocker - Zero-Day - Ransomware
Alex Scroxton, Security Editor. The UK’s National Cyber Security Centre (NCSC) has lifted the lid on a Vulnerability Research Initiative...

Government Organizations Targeted via AWS Lambda URL Endpoint Exploits Developing +1
Cluster: Broomstick - RCE - DDoS
Unit 42 researchers from Palo Alto Networks have been monitoring a sophisticated threat cluster designated CL-STA-1020, which...

MITRE Launches AADAPT Framework to Counter Real-World Attacks on Digital Asset Systems
Cluster: QuantumLocker - Privilege Escalation - RCE
The MITRE Corporation has unveiled its comprehensive AADAPT™ framework (Adversarial Actions in Digital Asset...

Sesame Workshop Regains Control of Elmo’s Hacked X Account After Racist Posts Developing +2
Cluster: Phishing - X - Twitter
Sesame Workshop regained control of its Elmo account on the X platform Monday after a hacker gained access and posted a string of racist and antisemitic messages. “Elmo’s X account was compromised...
Symantec Endpoint Management Suite Vulnerability Allows Malicious Code Execution Remotely
Cluster: CVE-2025-5333 - Remote Code Execution - RCE
A critical security vulnerability has been discovered in Broadcom’s Symantec Endpoint Management Suite that enables unauthenticated remote code execution, posing significant risks to enterprise IT...
Red Bull-Themed Phishing Attacks Target Job Seekers’ Credentials
Cluster: RCE - DDoS - Phishing
Despite significant investments in email filtering, authentication procedures, and endpoint protection, attackers are constantly...

8 tough trade-offs every CISO must navigate Developing +1
Cluster: APT41 - Turla - Phishing
Increasing responsibilities and greater need to align with business objectives have security leaders facing greater risks — and more frequent and challenging security strategy compromises. One key...

Why Scattered Spider Persists as Major Threat to Insurers
Cluster: Scattered Spider - Data Exfiltration - Ransomware
Cybercrime gang Scattered Spider is the...

French cops cuff Russian pro basketball player on ransomware charges
Cluster: APT41 - WannaCryptor - Ransomware
'He's useless with computers and can't even install an application,' says lawyer. A Russian professional basketball...

CISA Flags Remote Linking Protocol Flaws Allowing Attackers to Hijack Train Brake Systems
Cluster: APT41 - CVE-2025-1727 - DoS
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority security alert...

CitrixBleed 2 beckons sweeping alarm as exploits spread across the globe
Cluster: APT41 - CVE-2025-5777 - CVE-2023-4966
Authorities and researchers are intensifying warnings about active exploitation and pervasive scanning of a critical vulnerability affecting multiple versions of Citrix NetScaler products. There is now...

Interlock ransomware adopts FileFix method to deliver malware Developing +1
Cluster: Command and Control - Social Engineering - Windows
Bill Toulas, July 14, 2025, 02:36 PM. Hackers have adopted the new technique called 'FileFix' in Interlock ransomware attacks to drop...
Threat Actors Attacking Gen Z Gamers With Weaponized Versions of Popular Games
Cluster: RCE - DDoS - Phishing
A sophisticated malware campaign targeting Generation Z gamers has emerged, leveraging weaponized versions of popular games to infiltrate gaming communities and steal sensitive information. The...
New Forensic Technique Uncovers Hidden Trails Left by Hackers Exploiting Remote Desktop Protocol
Cluster: Broomstick - RCE - DDoS
Cybersecurity researchers have developed innovative forensic methods to track sophisticated attackers who exploit Remote Desktop Protocol (RDP) for lateral movement within enterprise networks. This...

RenderShock 0-Click Vulnerability Executes Payloads via Background Process Without User Interaction
Cluster: Remote Code Execution - RCE - Remote Code Execution
A sophisticated zero-click attack methodology called RenderShock that exploits passive file preview and indexing behaviors in modern operating systems to execute malicious payloads without...