Cybercriminals have started a campaign of redirecting links placed on gaming sites and social media—and as sponsored ads—that lead to fake websites posing as Booking.com. According to Malwarebytes ...
EXECUTIVE SUMMARY In May 2025, a set of critical zero-day vulnerabilities was disclosed in Versa Concerto, a popular SD-WAN and SASE solution used across enterprises for secure cloud and network o...
Community bank MainStreet Bancshares says thieves stole data belonging to some of its customers during an attack on a third-party provider. Showing how vendors along the supply chain are often the...
Qualcomm has released security patches for three zero-day vulnerabilities in the Adreno Graphics Processing Unit (GPU) driver that impact dozens of chipsets and are actively exploited in targeted a...
Two local information-disclosure vulnerabilities have been identified in popular Linux crash-reporting tools, allowing attackers to access sensitive system data. The vulnerabilities, uncovered by ...
Socket’s Threat Research Team has uncovered an ongoing supply chain attack targeting the RubyGems ecosystem. A threat actor using the aliases Bùi nam, buidanhnam, and si_mobile published two malici...
Source: Splunk Advisory ID: SVD-2025-0602 CVE ID: CVE-2025-20298 Description: In Universal Forwarder for Windows versions below 9.4.2, 9.3.4, 9.2.6, and 9.1.9, a new installation of or an upgrade ...
OpenSSH has become a standard tool for secure remote management on both Linux and Windows systems. Since its inclusion as a default component in Windows 10 version 1803, attackers have increasingl...
New research from Checkmarx Zero has unveiled a unique malicious software campaign that targets Python and NPM users on both Windows and Linux systems. Security researcher Ariel Harush at Checkmar...
Established in 2016, the TrickBot group is believed to have infected millions of computers worldwide, exfiltrating sensitive information such as credentials, banking and credit card details, and pe...
An infostealer strain known as ‘Acreed’ could become the new market leader in credential theft malware, according to ReliaQuest. The cybersecurity company’s threat research team investigated the R...
Mommy, also known as “Miyako” or “Miya,” is an emerging and sophisticated cyber threat actor that has gained attention since 2024 due to their advanced cyber-espionage capabilities and active invol...
I was playing around with HackPad on Hackvertor when I remembered that Safari used to have an XSS issue in the actual TypeError. I’d used it before, but it caught my attention again because I’d rec...
What is the Interlock ransomware? Interlock is a relatively new strain of ransomware, that first emerged in late 2024. Unlike many other ransomware families it not only targets Windows PCs, but al...
The first quarter of 2025 saw the continued publication of vulnerabilities discovered and fixed in 2024, as some researchers were previously unable to disclose the details. This partially shifted t...
During mid-May 2025, eSentire’s Threat Response Unit (TRU) identified active exploitation of a critical security flaw (CVE-2025-4632) within Samsung MagicINFO 9 Server installations. This vulnerabi...
Last week, the US Department of Justice (DOJ) announced the disruption of the LummaC2 infostealing-malware. This was achieved through sweeping domain seizures in coordination with Microsoft, which ...
Introduction As we’ve explored in numerous articles and Malware of the Day posts, there is no shortage of communication protocols threat actors can utilize for C2 communication. And while there is ...
This time it’s a “Smart Device”, or as previously mentioned on this blog an internet connected “adult only toy”. But also it could just as easily have been via the house “Smart Meter”… Any electric...
“Russian-linked hackers targeted U.K. Defense Ministry staff in an espionage operation while posing as journalists, Sky News reported on May 29, citing the British government. The cyber attack was...