A sophisticated cyber campaign used DLL side‑loading to deliver a hybrid PlugX variant and the Bookworm backdoor to telecom and ASEAN networks, revealing renewed tactics by China‑linked threat actors.
A new attack variant against Cisco Secure Firewall ASA/FTD can force unexpected reloads, dropping VPNs and disrupting edge traffic. Reduce exposure, apply fixed releases, and harden management access. Validate HA under load and stream telemetry off-box to preserve evidence while you monitor for recurrence.
Ukraine’s CERT-UA has warned that CabinetRAT backdoor malware is being actively deployed in cyber espionage campaigns targeting government and critical networks.
The Brazilian-origin Caminho Loader uses least significant bit (LSB) steganography to hide .NET payloads inside image files, enabling fileless malware delivery across South America, Africa and Eastern Europe. This advanced threat demands immediate action from security teams.
EvilAI operators are hiding malware in legitimate-looking AI tools that appear functional and signed, enabling reconnaissance, browser data exfiltration, and encrypted C2 communication across global targets.
Garden, a fast BTC bridge, was drained for roughly $11 million days after AML concerns surfaced about flows tied to prior thefts. Consequently, exchanges, market makers, and bridge integrators should validate exposure, add watchlists for tainted flows, and harden solver, deployer, and validator controls before operations resume.
Google’s Project Zero team uncovered a method to bypass ASLR on Apple devices by exploiting NSDictionary’s JSON serialization behavior, potentially weakening memory protections.
Pass-the-Hash succeeds when local admin passwords repeat and admins sign in everywhere. Small ADs can end that pattern fast. Use Windows LAPS to rotate a unique secret per device and enforce a Tier 0/1/2 admin model so privileged credentials never roam. Add Credential Guard and LSA Protection to shrink theft opportunities.
Harrods informed loyalty program members of a data breach tied to a third-party provider. The luxury retailer is investigating and urging customer caution.
Security researchers revealed that ChatGPT’s Atlas Browser can be manipulated through hidden prompt injections, allowing attackers to hijack AI behavior, leak data, and bypass safeguards. Learn how it works and how to defend against it.