Anatsa Targets North America; Uses Proven Mobile Campaign Process

ThreatFabric researchers have identified a new campaign involving the Anatsa Android banking trojan, which is now targeting users in North America. This marks at least the third instance of Anatsa ...

Jul 8, 2025 MOBILE SECURITY

2025-07-08 Daily Vulns

NEW: CVE vendor-product description metric Referenceurl title GithubURL CVE-2016-10033 n/a - n/a The ma...

Jul 8, 2025 VULNERABILITIES

NordDragonScan Quiet Data-Harvester on Windows

Affected Platforms: Microsoft Windows Impacted Users: Microsoft Windows Impact: The stolen information can be used for future attacks Severity Level: High FortiGuard Labs recently uncovered an act...

Jul 7, 2025 MALWARE

Hackers abuse leaked Shellter red team tool to deploy infostealers

Shellter Project, the vendor of a commercial AV/EDR evasion loader for penetration testing, confirmed that hackers used its Shellter Elite product in attacks after a customer leaked a copy of the s...

Jul 7, 2025 SECURITY

Digging Gold with a Spoon – Resurgence of Monero-mining Malware

Resurgence of Monero-mining Malware Is it the same XMRig threat from the past? What is apparent with the current XMRig threat is its multi-staged approach and use of LOLBAS (Living Off the Land B...

Jul 7, 2025 MALWARE

Deploying NetSupport RAT via WordPress & ClickFix

Source: Cybereason Excerpt: Delivery Mechanism Threat actors utilize phishing campaigns to distribute a malicious website link through: Phishing emails PDF attachments Gaming websites Att...

Jul 7, 2025 RESEARCH

CVE-2025-5777 CitrixBleed 2 Write-Up… Maybe?

Technical Details We’ll skimp on a bunch of internal background information for NetScaler for the sake of brevity, but if you’re interested in reading further, here are a few good write-ups to get...

Jul 7, 2025 VULNS

Batavia spyware steals data from Russian organizations

Since early March 2025, our systems have recorded an increase in detections of similar files with names like договор-2025-5.vbe, приложение.vbe, and dogovor.vbe (translation: contract, attachment) ...

Jul 7, 2025 CYBERSECURITY

BERT Ransomware Group Targets Asia and Europe on Multiple Platforms

Key Takeaways BERT (tracked by Trend Micro as Water Pombero) is a newly emerged ransomware group targeting both Windows and Linux platforms, with confirmed victims in Asia, Europe, and the US, par...

Jul 7, 2025 RESEARCH

Critical vulnerabilities in NetScaler ADC exploited in-the-wild everything you need to know

On June 17th, 2025, two critical vulnerabilities - CVE-2025-5349 and CVE-2025-5777 - were disclosed in Citrix Netscaler ADC and Netscaler Gateway, enabling unauthorized access to sensitive resource...

Jul 6, 2025 VULNS

Unmasking Insecure HTTP Data Leaks in Popular Chrome Extensions

Extensions analyzed expose information such as browsing domains, machine IDs, OS details, usage analytics, and more. Many users assume that popular Chrome extensions adhere to strong security prac...

Jul 5, 2025 RESEARCH

Ingram Micro outage caused by SafePay ransomware attack

An ongoing outage at IT giant Ingram Micro is caused by a SafePay ransomware attack that led to the shutdown of internal systems, BleepingComputer has learned. Ingram Micro is one of the world’s l...

Jul 5, 2025 SECURITY

Phishing Attack Deploying Malware on Indian Defense BOSS Linux

Executive Summary CYFIRMA has identified a sophisticated cyber-espionage campaign orchestrated by APT36 (also known as Transparent Tribe), a threat actor based in Pakistan. This campaign specifical...

Jul 4, 2025 APT

NightEagle APT Exploits Microsoft Exchange Flaw to Target China's Military and Tech Sectors

Cybersecurity researchers have shed light on a previously undocumented threat actor called NightEagle (aka APT-Q-95) that has been observed targeting Microsoft Exchange servers as a part of a zero-...

Jul 4, 2025 APT

How Much More Must We Bleed? - Citrix NetScaler Memory Disclosure (CitrixBleed 2 CVE-2025-5777)

Excerpt: “You’ve decided to build a network over the weekend. Why, you ask? Because you can. Saturday morning comes, and you’re sitting there (naturally, Bambi is by your side) building your netwo...

Jul 4, 2025 VULNS

Critical Sudo bugs expose major Linux distros to local Root exploits

Cybersecurity researchers disclosed two vulnerabilities in the Sudo command-line utility for Linux and Unix-like operating systems. Local attackers can exploit the vulnerabilities to escalate privi...

Jul 4, 2025 SECURITY

2025-07-04 Daily Vulns

NEW: CVE vendor-product description metric Referenceurl title GithubURL CVE-2025-52554 n8n-io - n8n n8n...

Jul 4, 2025 VULNERABILITIES

When Installers Turn Evil The Pascal Script Behind Inno Setup Malware Campaign

Software installer packages are a cornerstone of user-friendly software distribution. Tools like Inno Setup, NSIS (Nullsoft Scriptable Install System), and InstallShield help developers bundle thei...

Jul 3, 2025 RESEARCH

2025-07-03 Daily Vulns

NEW: CVE vendor-product description metric Referenceurl title GithubURL CVE-2025-45424 n/a - n/a Incorr...

Jul 3, 2025 VULNERABILITIES

macOS NimDoor | DPRK Threat Actors Target Web3 and Crypto Platforms with Nim-Based Malware

Executive Summary DPRK threat actors are utilizing Nim-compiled binaries and multiple attack chains in a campaign targeting Web3 and Crypto-related businesses. Unusually for macOS malware, the thr...

Jul 2, 2025 CYBERSECURITY