Recent cyber threats highlight a sharp rise in stealth malware loaders and AI-assisted attack techniques, signaling a shift toward quieter, more adaptive initial access strategies that challenge traditional detection models.
Five facilitators admitted to helping North Korean remote IT workers infiltrate 136 US companies through stolen identities and “laptop farms,” sending more than $2.2 million back to the regime and exposing hidden risks in everyday hiring pipelines.
Japanese brewing giant Asahi has fallen victim to a Qilin ransomware attack that reportedly stole 27 GB of corporate and employee data. Operations remain partially disrupted, with supply chain strain visible across Japan. The attack underscores ransomware’s growing focus on consumer-goods manufacturers and double-extortion tactics.
Gemini’s Deep Research now taps Gmail, Drive, and Chat when users allow it. Because the agent can fuse internal messages and files with web context, output quality rises along with privacy risk. This guide shows how to roll out safely: set consent norms, restrict high-risk teams, validate audit coverage, and keep DLP and labels active so Deep Research never reads more than policy permits.
A targeted malvertising campaign redirected users from Bing to a fake Teams download site, where a signed MSTeamsSetup.exe installed the Oyster backdoor — blocked just in time by Microsoft Defender ASR.
Microsoft’s December 2025 Patch Tuesday delivers critical security updates — 56 vulnerabilities across Windows, Office, Exchange and more including three zero-day flaws. Attackers exploited at least one, making immediate patching vital for enterprise and personal systems alike.
A public PoC exploit tool for CVE-2025-64446 now turns FortiWeb WAF appliances into high-value RCE targets. The bug uses a relative path traversal flaw to execute administrative commands over HTTP or HTTPS, and active exploitation in the wild, CISA KEV inclusion, and GitHub tooling mean security teams must urgently patch, lock down management access, and fold FortiWeb into their broader Fortinet and perimeter compromise playbooks.
Zoom delivered security fixes for Windows clients after investigators identified CVE-2025-49457, an untrusted DLL search path that can enable local privilege escalation and broader compromise. Because attackers chain DLL hijacking with lateral movement, admins should update Windows endpoints to version 6.3.10 and validate explicit path loading. This analysis explains affected apps, exploitation flow, high-signal detection, and quick remediation steps so defenders can reduce risk without adding noise.
Multiple vulnerabilities in TeamViewer DEX expose risks in enterprise endpoint monitoring platforms, raising concerns about unauthorized access, telemetry abuse, and internal reconnaissance within corporate environments.
Researchers have uncovered a new global campaign linked to the TA585 threat group, deploying a malware strain called MonsterV2. The campaign targets enterprise, finance, and industrial sectors, leveraging advanced persistence and evasion techniques to steal data and compromise corporate networks