Resurgence of Monero-mining Malware Is it the same XMRig threat from the past? What is apparent with the current XMRig threat is its multi-staged approach and use of LOLBAS (Living Off the Land B...

Source: Cybereason Excerpt: Delivery Mechanism Threat actors utilize phishing campaigns to distribute a malicious website link through: Phishing emails PDF attachments Gaming websites Att...

Technical Details We’ll skimp on a bunch of internal background information for NetScaler for the sake of brevity, but if you’re interested in reading further, here are a few good write-ups to get...

Since early March 2025, our systems have recorded an increase in detections of similar files with names like договор-2025-5.vbe, приложение.vbe, and dogovor.vbe (translation: contract, attachment) ...

Key Takeaways BERT (tracked by Trend Micro as Water Pombero) is a newly emerged ransomware group targeting both Windows and Linux platforms, with confirmed victims in Asia, Europe, and the US, par...

On June 17th, 2025, two critical vulnerabilities - CVE-2025-5349 and CVE-2025-5777 - were disclosed in Citrix Netscaler ADC and Netscaler Gateway, enabling unauthorized access to sensitive resource...

Extensions analyzed expose information such as browsing domains, machine IDs, OS details, usage analytics, and more. Many users assume that popular Chrome extensions adhere to strong security prac...

An ongoing outage at IT giant Ingram Micro is caused by a SafePay ransomware attack that led to the shutdown of internal systems, BleepingComputer has learned. Ingram Micro is one of the world’s l...

Executive Summary CYFIRMA has identified a sophisticated cyber-espionage campaign orchestrated by APT36 (also known as Transparent Tribe), a threat actor based in Pakistan. This campaign specifical...

Cybersecurity researchers have shed light on a previously undocumented threat actor called NightEagle (aka APT-Q-95) that has been observed targeting Microsoft Exchange servers as a part of a zero-...

Excerpt: “You’ve decided to build a network over the weekend. Why, you ask? Because you can. Saturday morning comes, and you’re sitting there (naturally, Bambi is by your side) building your netwo...

Cybersecurity researchers disclosed two vulnerabilities in the Sudo command-line utility for Linux and Unix-like operating systems. Local attackers can exploit the vulnerabilities to escalate privi...

NEW: CVE vendor-product description metric Referenceurl title GithubURL   CVE-2025-52554 n8n-io - n8n n8n...

Software installer packages are a cornerstone of user-friendly software distribution. Tools like Inno Setup, NSIS (Nullsoft Scriptable Install System), and InstallShield help developers bundle thei...

NEW: CVE vendor-product description metric Referenceurl title GithubURL   CVE-2025-45424 n/a - n/a Incorr...

Executive Summary DPRK threat actors are utilizing Nim-compiled binaries and multiple attack chains in a campaign targeting Web3 and Crypto-related businesses. Unusually for macOS malware, the thr...

Key Findings Silent Push Threat Analysts followed a tip from Mexican journalist Ignacio Gómez Villaseñor about a threat actor targeting “Hot Sale 2025,” an annual sales event similar to “Black Fri...

Qantas, Australia’s largest airline, disclosed a cyberattack after hackers accessed a third-party platform used by a call centre, stealing significant customer data. The breach, linked to ongoing S...

This research uncovers the previously unknown family of Android SMS stealers identified during our previous investigation on Ajina. This family is named Qwizzserial, after the common Java package n...

Key points of this blogpost: Gamaredon refocused exclusively on targeting Ukrainian governmental institutions in 2024, abandoning prior attempts against NATO countries. The group significantl...