Wiz Research has uncovered an active cryptomining campaign, dubbed Soco404, that exploits misconfigurations in PostgreSQL databases and other cloud services to deploy platform-specific malware on…
Jul 25, 2025Ravie LakshmananCybercrime / Insider Threat The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned a North Korean front company…
The State Department announced Thursday it will pay up to $15 million for information leading to the arrest of seven North Korean nationals accused of…
Two critical vulnerabilities in the VMware Guest Authentication Service (VGAuth) component of VMware Tools allow local attackers to escalate privileges from any user account to…
CloudSEK’s TRIAD team uncovered an active development site deploying Clickfix-themed malware linked to the Epsilon Red ransomware. This variant deviates from traditional clipboard-based command injection…
On July 19, 2025, a critical remote code execution (RCE) vulnerability (CVE-2025-53770, also referred to as ToolShell) was publicly disclosed, impacting on-premises Microsoft SharePoint Server…
A critical security vulnerability has been discovered in Microsoft Copilot Enterprise, allowing unauthorized users to gain root access to its backend container. This vulnerability poses…
A malicious Android application has been uncovered, impersonating legitimate Indian banking apps to orchestrate credential theft, surveillance, and unauthorized financial transactions. This malware employs a…
Jul 25, 2025Ravie LakshmananCyber Espionage / Malware Russian aerospace and defense industries have become the target of a cyber espionage campaign that delivers a backdoor…
Back in January 2025 the UK government took an important step towards dismantling the ransomware economy by proposing a ban on ransom payments across the…
Researchers identified 13 critical vulnerabilities in Tridium’s widely-deployed Niagara Framework that could allow attackers to compromise building automation systems and collect sensitive network data. The…
Cybersecurity firm Sygnia has been tracking and mitigating a sophisticated espionage operation dubbed Fire Ant, which zeroes in on virtualization and networking infrastructure, particularly VMware…
