PoC Released for WSUS RCE CVE-2025-59287: Patch Now
A public PoC for CVE-2025-59287 exploits an unsafe deserialization flaw in WSUS. Administrators must deploy Microsoft’s October 2025 updates and hunt for indicators of compromise immediately.
Europol has shut down a cross-border SIM-farm network used to automate smishing and VoIP fraud, seizing equipment, servers, and arresting dozens of operators.
A new malvertising campaign is using deceptive Google Ads mimicking trusted macOS software brands like Homebrew and LogMeIn to deliver potent infostealers such as AMOS and Odyssey. Mac developers and advanced users are being targeted with copy-and-paste terminal commands that install malware under the guise of legitimate apps. This expert breakdown shows how the attack works, what to watch for and how to defend your environment.
A newly discovered backdoor, dubbed Net-CAPI, has infiltrated multiple Russian government networks by hijacking Windows cryptographic services. Analysts believe the tool, developed by a sophisticated threat group, uses advanced evasion and persistence methods to hide within legitimate system operations—making detection nearly impossible.
A U.S. court ordered Israeli spyware maker NSO Group to halt operations targeting WhatsApp and reduced damages in Meta’s lawsuit. The decision reinforces accountability for private surveillance firms accused of breaching digital privacy.
The Silver Fox group, long known for precision-targeted malware operations, has extended its Winos 4.0 campaign into Japan and Malaysia. Security experts now observe the deployment of HoldingHands RAT through malicious PDF attachments and deceptive software installers.
North Korea–linked hackers now embed JavaScript malware in blockchain smart contracts via EtherHiding. This stealthy method turns public blockchains into resilient drop zones. The multi-stage campaign includes JADESNOW and InvisibleFerret backdoors, demanding new defense strategies.
Cybercriminals are distributing malware through fake judicial notification emails, posing as court summons or legal notices.
The campaign aims to deceive users into opening malicious attachments or clicking links that trigger trojan infections and data theft.
Researchers have uncovered a new global campaign linked to the TA585 threat group, deploying a malware strain called MonsterV2. The campaign targets enterprise, finance, and industrial sectors, leveraging advanced persistence and evasion techniques to steal data and compromise corporate networks.
Cybersecurity researchers have uncovered a massive router-based botnet, dubbed RondoDox, that converts compromised devices into nodes within a global proxy network. The botnet enables cybercriminals to route attacks, anonymize traffic, and monetize access to infected routers worldwide.