Shadowserver has identified over 266,000 F5 BIG-IP devices exposed to remote attack after a breach revealed undisclosed vulnerabilities. Organizations must act now to mitigate potential exploitation.
A major rat campaign disguised as the Minecraft mod “Nursultan Client” is compromising gamers via a Python-based Trojan using Telegram bot infrastructure. This tool steals browser tokens, captures webcams, and uses a gamified lure to breach systems and security teams need to view gaming endpoints as serious risk zones.
WireTap shows how a passive DDR4 interposer can recover Intel SGX attestation keys under physical access. The attack reframes trust in SGX-based services and demands stronger physical and cryptographic safeguards.
A China-linked cyber espionage malware campaign demonstrates how attackers abuse DNS traffic to maintain stealthy, long-term command-and-control access.
Threat actors are abusing Microsoft Entra tenant invitations to run TOAD (Telephone-Oriented Attack Delivery) phishing campaigns that look like legitimate Microsoft 365 billing notifications. Instead of pushing links or attachments, they convince users to call attacker-controlled “support” numbers, where credentials and remote-access authorizations are harvested. This analysis explains how the attack chain works, which guest invitation properties are being misused, and how security teams can hunt for and mitigate these callbacks.
Aardvark is OpenAI’s GPT-5–powered security agent that reads repositories like a human, validates exploitability in a sandbox, and proposes precise patches. Consequently, teams can cut detection and remediation time without slowing delivery.
Investigators suspect Russian-linked cyber actors may be behind the recent attack on Jaguar Land Rover (JLR) that disrupted operations and compromised corporate data. The findings align with a growing pattern of state-aligned cyber interference targeting the automotive sector in Europe.
The recently disclosed flaw in LANSCOPE Endpoint Manager (CVE-2025-61932) enables unauthenticated attackers to send malicious packets, execute arbitrary code and compromise systems. Organisations must patch affected versions, apply network controls and monitor for unusual traffic to avoid full network takeover.
Ludwigshafen detected suspicious activity and took city IT offline to contain risk. Teams isolate systems, assess scope, and plan a safe, phased restoration while core services continue with workarounds.
Within four weeks, AWS, Azure and Cloudflare all suffered major outages triggered by internal configuration and metadata failures rather than attacks. This article unpacks the Cloudflare–Azure–AWS outage pattern, examines how cloud centralisation amplifies these incidents and outlines realistic resilience moves for IT, SRE and security teams.