-
A sophisticated phishing campaign utilizing a weaponized PDF document named “NEW Purchase Order # 52177236.pdf” has been identified, employing legitimate cloud infrastructure and encrypted messaging apps to steal corporate credentials. The attack vecto…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Iranian cyber unit Charming Kitten, officially designated APT35, has long been dismissed as a noisy but relatively unsophisticated threat actor a politically motivated collective known for recycled phishing templates and credential-harvesting pages. Ep…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A severe security vulnerability has been discovered in Hewlett Packard Enterprise OneView software, threatening enterprise infrastructure across data centers and hybrid cloud environments. The flaw, tracked as CVE-2025-37164, carries a maximum CVSS 3.1…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The United States Attorney’s Office for the Eastern District of Michigan announced a coordinated international enforcement action targeting E-Note, a cryptocurrency exchange allegedly used by transnational cybercriminals to launder money stolen f…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
ReversingLabs (RL) researchers have uncovered a sophisticated malware campaign targeting the .NET developer ecosystem via the NuGet package manager. The campaign, which began in July 2025, involves 14 malicious packages designed to mimic legitimate cry…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Check Point Research has uncovered a sophisticated malware distribution campaign leveraging the YouTube Ghost Network to deploy GachiLoader, a novel, heavily obfuscated Node.js-based loader designed to deliver the Rhadamanthys infostealer to unsuspecti…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical ASUS vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, signaling active exploitation in the wild. CVE-2025-59374 affects ASUS Live Update software and st…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
TEL AVIV, Israel, Dec. 17, 2025 Miggo Security has released a comprehensive benchmark study revealing critical gaps in Web Application Firewall (WAF) protection, with the discovery of React2Shell (CVE-2025-55182) serving as a stark real-world validatio…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
SonicWall has issued an urgent security advisory warning of active exploitation of a local privilege escalation vulnerability affecting its SMA1000 appliances. The flaw, tracked as CVE-2025-40602, enables attackers with management console access to gai…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Ink Dragon, a Chinese espionage group, has significantly expanded its operational reach from Southeast Asia and South America into European government networks, according to ongoing research by Check Point Research. The threat actor employs a methodica…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
