-
Cisco Talos has uncovered an active campaign exploiting a zero-day vulnerability in Cisco AsyncOS Software, affecting Cisco Secure Email Gateway and Cisco Secure Email and Web Manager. The security flaw enables attackers to execute system-level command…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Threat researchers have uncovered a sophisticated mobile malware campaign attributed to North Korea-linked threat actor Kimsuky, leveraging weaponized QR codes and fraudulent delivery service impersonations to trick users into installing remote access …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The ForumTroll APT group has resurfaced with a sophisticated phishing campaign targeting Russian academics, marking a significant escalation in their ongoing operations against entities in Russia and Belarus. While the group initially gained notoriety …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Imagine cruising down the highway in your brand-new electric car when suddenly the multimedia display fills with Doom, the iconic 3D shooter game completely replacing your navigation map and vehicle controls. Shockingly, this isn’t science fictio…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated Chinese threat actor tracked as Ink Dragon has been weaponizing a custom ShadowPad IIS Listener module to convert compromised servers into distributed relay nodes, according to research by Check Point Research. The tactic represents a s…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Singularity, a stealth-focused Linux Kernel Module (LKM) rootkit targeting modern 6.x kernels, has added a powerful log‐evasion capability that prevents its detection through traditional kernel logging interfaces such as klogctl. Designed as a “final b…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Nagios has released version 2026R1.1 to address a critical privilege escalation vulnerability affecting earlier versions of its monitoring platform. The flaw, tracked as CVE-2025-34288, poses a significant risk to enterprise infrastructure by enabling …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has announced a significant update to its device connectivity policies for Exchange Online, aimed at enhancing security and ensuring users are on modern protocols. Starting March 1, 2026, mobile devices running Exchange ActiveSync (EAS) versi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has officially added CVE-2025-59718 to its Known Exploited Vulnerabilities (KEV) catalog, marking the latest Fortinet vulnerability being actively exploited in the wild. The flaw affects multi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated malware campaign dubbed “GhostPoster” has compromised approximately 50,000 Firefox users by exploiting browser extension icons. Security researchers at Koi Security discovered that malicious actors are embedding hidden malwa…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
