Critical Vulnerability Patched in SAP NetWeaver
Tracked as CVE-2025-42989 (CVSS score of 9.6), the critical bug is described as a missing authorization check in the NetWeaver application server for ABAP. According to software security firm Onap...
GreyNoise recently observed a coordinated spike in malicious activity against Apache Tomcat Manager interfaces. On June 5, 2025, two GreyNoise tags — Tomcat Manager Brute Force Attempt and Tomcat M...
Key Findings Check Point Research (CPR) discovered a new campaign conducted by the APT group Stealth Falcon. The attack used a .url file that exploited a zero-day vulnerability (CVE-2025-33053) to...
Overview A vulnerability in an Insyde H2O UEFI firmware application allows digital certificate injection through an unprotected NVRAM variable. This issue arises from the unsafe use of an NVRAM var...
Anomalous crashes on iPhones belonging to high-value individuals in the EU and US can potentially be associated with sophisticated zero-click attacks targeting an iMessage vulnerability, mobile EDR...
Source: Akamai. Excerpt: The Akamai Security Intelligence and Response Team (SIRT) has identified active exploitation of the critical remote code execution (RCE) vulnerability CVE-2025-24016 a...
Introduction Librarian Ghouls, also known as “Rare Werewolf” and “Rezet”, is an APT group that targets entities in Russia and the CIS. Other security vendors are also monitoring this APT and releas...
Vulnerability in Shipping Cost API Enables Account Hijack The flaw, discovered in version 3.8.5, stems from insecure logic in the /payu/v1/get-shipping-cost API route. Attackers can exploit this to...
United Natural Foods (UNFI), North America’s largest publicly traded wholesale distributor, was forced to shut down some systems following a recent cyberattack. The Rhode Island-based company oper...
Key Findings Silent Push Threat Analysts have uncovered a massive “fake marketplace” scam campaign we have dubbed “GhostVendors” involving online ads that impersonate dozens of major brands and spo...
Executive Summary In October 2024, SentinelLABS observed and countered a reconnaissance operation targeting SentinelOne, which we track as part of a broader activity cluster named PurpleHaze. At ...
Skeleton Spider, also known as FIN6, is a long-running financially motivated cybercrime group that has continually evolved its tactics to maximize impact and profit. While the group initially gaine...
Key Takeaways DanaBot is a Malware-as-a-Service platform that emerged in 2018 with numerous capabilities to facilitate banking fraud, information theft, and provide remote access. The platform has ...
◈ Executive Summary Deployed a covert infiltration strategy using a three-stage communication channel: Facebook, email, and Telegram. Lured targets with seemingly credible content related to Nort...
Overview APT41 is a highly sophisticated Chinese state-sponsored threat actor known for conducting both espionage and financially motivated cyberattacks. This group targets a wide range of sectors,...
NEW: CVE vendor-product description metric Referenceurl title GithubURL CVE-2023-38674 PaddlePaddle - PaddleP...
The FBI has issued a warning that BADBOX 2.0 malware is surging through residential consumer electronics, infecting millions of internet-connected devices. The malware, often preloaded onto inexpen...
Introduction Seqrite Labs APT-Team has recently found a campaign targeting the Chinese Telecom Industry. The campaign is aimed at targeting China Mobile Tietong Co., Ltd., which is a well-known su...
Understanding the landscape of cyber threats, particularly Russian-affiliated ransomware, is a complex and evolving challenge. The traditional model of tracking distinct, unified ransomware groups ...
In 2024, we discovered new Windows-based malware called Blitz. This article provides an in-depth analysis of the malware, examines its distribution, and reviews Blitz malware’s command and control ...