-
Zscaler Threat Hunting has identified a sophisticated espionage campaign targeting Indian entities through fraudulent “Income Tax Department” portals, representing a significant evolution in the SideWinder APT’s operational tradecraft…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has addressed a critical use-after-free vulnerability in its Brokering File System (BFS) driver that could allow attackers to escalate privileges on Windows systems. Tracked as CVE-2025-29970, the security flaw affects the bfs.sys component a…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical race condition vulnerability in the Linux kernel’s POSIX CPU timers has been exposed through a detailed proof-of-concept, one of the most sophisticated kernel exploits targeting Android devices. CVE-2025-38352 represents a use-after-fr…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical firmware vulnerability affecting motherboards from major manufacturers including Gigabyte, MSI, ASRock, and ASUS has been discovered by Riot Games’ Vanguard anti-cheat team. The vulnerability, dubbed “Sleeping Bouncer,” all…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Docker has released its production-grade hardened container images as a free, open-source offering, marking a significant shift in software supply chain security accessibility. The Docker Hardened Images (DHI), previously a commercial product, are now …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The cyber espionage group known as Arcane Werewolf (also tracked as Mythic Likho) has significantly upgraded its offensive capabilities, targeting Russian manufacturing enterprises with a new iteration of its custom malware. According to a report by BI…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Resecurity has identified a dangerous new development in the underground cybercrime market, the rise of DIG AI. This uncensored artificial intelligence platform is rapidly gaining traction among threat actors, enabling them to automate malicious campai…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Group-IB security researchers have uncovered a sophisticated new Android malware family dubbed “Wonderland” that represents a significant evolution in SMS-stealing threats targeting users across Uzbekistan. Unlike previous regional malware …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A 29-year-old Bangladeshi man has been indicted on federal charges for operating online marketplaces that sold fraudulent identity document templates to customers worldwide, U.S. authorities announced. Zahid Hasan of Dhaka, Bangladesh, faces nine feder…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Shadowserver Foundation has identified over 25,000 internet-facing Fortinet devices globally with FortiCloud Single Sign-On (SSO) functionality enabled, raising concerns about potential exposure to critical authentication bypass vulnerabilities. Th…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
