North Korean–linked attackers exploited a critical React2Shell vulnerability (CVE-2025-55182) to deploy a new smart-contract based RAT named EtherRAT. The malware uses Ethereum smart-contracts for C2 resolution, hides payloads through obfuscation, and employs multiple persistence mechanisms — a serious threat to Web3 and developer environments.
SAP has released fixes for three SAP critical vulnerabilities affecting Solution Manager, Commerce Cloud, and the jConnect SDK. These flaws enable remote code execution and unsafe deserialization, posing significant risk to enterprise systems. This article breaks down technical details and offers mitigation guidance.
Japanese organizations continue facing ransomware incidents that cause months of operational disruption. This investigative analysis explores how long-tail damage unfolds, why attackers target Japan’s supply chain ecosystem, and how companies can strengthen long-term resilience.
Microsoft’s December 2025 Patch Tuesday delivers critical security updates — 56 vulnerabilities across Windows, Office, Exchange and more including three zero-day flaws. Attackers exploited at least one, making immediate patching vital for enterprise and personal systems alike.
GrayBravo’s modular loader, CastleLoader, now powers four distinct threat clusters targeting logistics, travel, and enterprise users a clear sign of rapid MaaS expansion and rising risk for global organizations.
A chilling evolution: Storm-0249 has shifted from selling access to enabling full-blown ransomware campaigns. Their new combination of ClickFix social-engineering, fileless PowerShell and DLL sideloading dramatically increases stealth and persistence across enterprise environments.
A critical Ivanti Endpoint Manager code execution flaw, tracked as CVE-2025-10573, allows unauthenticated attackers to plant malicious JavaScript in the EPM dashboard and hijack admin sessions. This article explains how the bug works, which versions are affected, and how to patch and harden EPM cores.
A misconfiguration in Cursor’s integration with AWS Bedrock allows non-admin users or attackers with minimal access to raise spending caps and drain cloud budgets rapidly. Here’s what happened, why it matters, and how to secure your AI-cloud environment.
JSSmuggler uses JavaScript-based smuggling to hide and reassemble Windows malware at runtime, bypassing security tools and enabling advanced payload delivery. This analysis explains how it works and how defenders can counter it.
Two Ukrainian nationals were arrested in Poland while carrying advanced hacking equipment capable of probing sensitive wireless networks. Their actions raised concerns about espionage operations targeting critical infrastructure, prompting a wider investigation into cross-border surveillance activities.