APT PROFILE – MISSION2025
MISSION2025 is a Chinese state-sponsored advanced persistent threat (APT) group linked to APT41. Active since at least 2012, the group has conducted cyberespionage and financially motivated campaig...
NEW: CVE vendor-product description metric Referenceurl title GithubURL CVE-2018-8373 Microsoft - Internet Ex...
Executive Summary: A cluster of 16 open directories containing heavily obfuscated Visual Basic Script (VBS) files was discovered, all of which included a filename of “sostener.vbs”. These VBS file...
Executive Summary: Unit 42 researchers have identified a growing threat to cloud security: Linux Executable and Linkage Format (ELF) files that threat actors are developing to target cloud infrastr...
The Telegram messaging app may have ties to Russia’s Federal Security Service (FSB), according to an investigation. Independent Russian investigative outlet IStories said it has uncovered evidence...
The eMagicOne Store Manager for WooCommerce plugin is used in WordPress to simplify and improve store management by providing functionality not found in the normal WooCommerce admin interface. Two...
Google has stepped in to address a security flaw that could have made it possible to brute-force an account’s recovery phone number, potentially exposing them to privacy and security risks. The is...
Security researchers managed to access live feeds of 40,000 internet-connected cameras worldwide, highlighting significant security concerns. Supporting the bulletin issued by the Department of Ho...
While security teams scan for complex malware and zero-day exploits, cybercriminals are building targeted phishing attacks with the same tools sitting in your developers’ GitHub repositories. Our t...
Tracked as CVE-2025-42989 (CVSS score of 9.6), the critical bug is described as a missing authorization check in the NetWeaver application server for ABAP. According to software security firm Onap...
GreyNoise recently observed a coordinated spike in malicious activity against Apache Tomcat Manager interfaces. On June 5, 2025, two GreyNoise tags — Tomcat Manager Brute Force Attempt and Tomcat M...
Key Findings: Check Point Research (CPR) discovered a new campaign conducted by the APT group Stealth Falcon. The attack used a .url file that exploited a zero-day vulnerability (CVE-2025-33053) to...
Overview: A vulnerability in an Insyde H2O UEFI firmware application allows digital certificate injection through an unprotected NVRAM variable. This issue arises from the unsafe use of an NVRAM var...
Anomalous crashes on iPhones belonging to high-value individuals in the EU and US can potentially be associated with sophisticated zero-click attacks targeting an iMessage vulnerability, mobile EDR...
Source: Akamai. Excerpt: The Akamai Security Intelligence and Response Team (SIRT) has identified active exploitation of the critical remote code execution (RCE) vulnerability CVE-2025-24016 a...
Introduction: Librarian Ghouls, also known as “Rare Werewolf” and “Rezet”, is an APT group that targets entities in Russia and the CIS. Other security vendors are also monitoring this APT and releas...
Vulnerability in Shipping Cost API Enables Account Hijack: The flaw, discovered in version 3.8.5, stems from insecure logic in the /payu/v1/get-shipping-cost API route. Attackers can exploit this to...
United Natural Foods (UNFI), North America’s largest publicly traded wholesale distributor, was forced to shut down some systems following a recent cyberattack. The Rhode Island-based company oper...
Key Findings: Silent Push Threat Analysts have uncovered a massive “fake marketplace” scam campaign we have dubbed “GhostVendors” involving online ads that impersonate dozens of major brands and spo...
Executive Summary: In October 2024, SentinelLABS observed and countered a reconnaissance operation targeting SentinelOne, which we track as part of a broader activity cluster named PurpleHaze. At ...