-
A new backdoor dubbed Dohdoor is actively targeting schools and health care organizations in the United States through a stealthy multi-stage attack chain. UAT-10027 focuses on education and health care entities in the U.S., sectors that handle highly …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Trend Micro has disclosed eight security vulnerabilities in its Apex One endpoint protection platform, including two critical-severity flaws that allow unauthenticated remote attackers to upload malicious code and execute commands on affected systems. …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Malicious actors are abusing Go’s open-source ecosystem by deploying a backdoored crypto module that steals passwords and installs a Rekoobe Linux backdoor on developer and CI environments. The package imitates Go’s trusted cryptography library to turn…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The cybersecurity community is witnessing a rise in credential‑stuffing attacks targeting corporate Single Sign‑On (SSO) systems, with recent campaigns focusing on F5 BIG‑IP devices. To understand the source of the stolen logins, Defused Cyber analyzed…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Dutch telecommunications company Odido suffered a massive data breach that exposed the personal information of nearly 700,000 customers. The incident, which included an extortion attempt, has raised serious concerns about customer privacy and data …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The FreeBSD Project has disclosed a critical security vulnerability, tracked as CVE-2025-15576, which allows attackers to escape jail environments and gain unauthorized access to the full host filesystem. This flaw impacts FreeBSD versions 14.3 and 13….
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A Go‑based remote administration tool known as Vshell is emerging as a favored alternative to Cobalt Strike among both red teams and threat actors. Though marketed as a legitimate network administration and security testing platform, recent analyses in…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft is expanding its threat detection capabilities by extending Microsoft Defender for Office 365 (MDO) URL click alerting into Microsoft Teams. This critical update allows security teams to detect, investigate, and respond to potentially malicio…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft Defender researchers have uncovered a new campaign that abuses trojanized gaming utilities to deliver multi‑stage malware with remote access, data theft, and payload delivery capabilities. Attackers are masquerading as popular tools such as X…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Juniper Networks has issued an out-of-cycle critical security bulletin addressing a severe vulnerability affecting its PTX Series routers running Junos OS Evolved. The flaw allows an unauthenticated, network-based attacker to execute malicious code wit…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
